
So I got a virus........


  • This topic is locked
4 replies to this topic

#1 tahoett


Posted 16 June 2018 - 06:02 PM

I'm screwed as of right now.  The error I get is that it "can't connect to the system event notification service" - which takes out a bunch of other services.  No internet - no anything.

 

AVG quarantined c:\users\public\documents\pre_fileassoc.tmp and c:\windows\wininit.ini.

 

Combofix didn't find anything.  Resetting winsock didn't work.  HELP!!!!!!  

 

Thanks!


Edited by hamluis, 16 June 2018 - 06:20 PM.
Moved from Win 7 to MRA - Hamluis.




#2 hamluis

  • Moderator

Posted 16 June 2018 - 06:20 PM

Please...post the FRST data requested at https://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/ .  Post it to this topic, no need to initiate a new topic.

 

Louis



#3 tahoett

  • Topic Starter

Posted 16 June 2018 - 07:12 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by TT (administrator) on TT-PC (16-06-2018 16:57:14)
Running from C:\temp
Loaded Profiles: TT (Available Profiles: TT)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
(GameHouse) C:\Program Files (x86)\GameHouse Games\aminstantservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Realtek) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe
() C:\Windows\runSW.exe
(Realtek) C:\Windows\SwUSB.exe
(Solvusoft Corporation) C:\Program Files (x86)\Solvusoft\SuiteService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(UltimateOutsider) C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Solvusoft Corporation) C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [GwxControlPanelMonitor] => C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [4596296 2016-04-01] (UltimateOutsider)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2018-05-16] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-03-25] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [CommonToolkitTray_Solvusoft] => C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe [1685192 2018-03-16] (Solvusoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\...\Run: [Chromium] => c:\users\tt\appdata\local\chromium\application\chrome.exe [829440 2017-02-14] (The Chromium Authors)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{EED09F98-853C-4838-86DA-D90B62F0F50B}: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{EED09F98-853C-4838-86DA-D90B62F0F50B}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{FC6D77E3-B1E3-48D8-8CB9-367359C6EC43}: [DhcpNameServer] 192.168.17.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope value is missing
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2018-04-03] (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2018-04-03] (LastPass)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2018-04-03] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2018-04-03] (LastPass)
DPF: HKLM-x32 {00134F72-5284-44F7-95A8-52A619F70752} hxxps://tt-pc:4343/officescan/console/ClientInstall/WinNTChk.cab?ver=19,5,0,1365
DPF: HKLM-x32 {8157E81A-275D-4BE8-A7A9-E36E62DF9C68} hxxps://tt-pc:4343/SMB/console/html/root/AtxEnc.cab?ver=19,5,0,1365
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
 
FireFox:
========
FF DefaultProfile: tahoett@gmail.com
FF ProfilePath: C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default [2018-06-16]
FF user.js: detected! => C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\user.js [2018-06-16]
FF Homepage: Mozilla\Firefox\Profiles\pval9ljR.default -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\pval9ljR.default -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\pval9ljR.default -> Disabled: web@Weather
FF NewTabOverride: Mozilla\Firefox\Profiles\pval9ljR.default -> Disabled: web@Weather
FF Extension: (Avira Browser Safety) - C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\Extensions\abs@avira.com.xpi [2018-05-29]
FF Extension: (No Name) - C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\Extensions\dp35@passwordmanager.xpi [2017-12-18]
FF Extension: (LastPass: Free Password Manager) - C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\Extensions\support@lastpass.com.xpi [2018-05-29]
FF Extension: (YouTube Video Loop) - C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\Extensions\{e1aaa9f8-4500-47f1-9a0a-b02bd60e4076}.xpi [2017-12-27]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\features\{20e7b090-a889-4702-ad5b-a421233d9d62}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-05-29] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-15] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2018-04-03] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-15] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2018-04-03] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://twitter.com/MeanStreetsOMA","hxxps://www.broadcastify.com/listen/ctid/1678","hxxps://www.reddit.com/r/bayarea/","hxxps://www.broadcastify.com/listen/feed/25253/web"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default [2018-06-16]
CHR Extension: (Slides) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-17]
CHR Extension: (Docs) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-17]
CHR Extension: (Google Drive) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-17]
CHR Extension: (AdGuard AdBlocker) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2018-05-22]
CHR Extension: (YouTube) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-12]
CHR Extension: (Unfriendly – Facebook Unfriend Notifications) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdafmffkfnfiebeeplnbpfjhanjegnkp [2018-02-18]
CHR Extension: (uBlock Origin) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-06-16]
CHR Extension: (Adobe Acrobat) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-04-24]
CHR Extension: (Sheets) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-17]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-06-16]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2018-06-08]
CHR Extension: (ShiftEdit) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2018-03-23]
CHR Extension: (AVG SafePrice) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-05-28]
CHR Extension: (Wikibuy) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2018-06-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-17]
CHR Extension: (Chrome Media Router) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMInstantService; C:\Program Files (x86)\GameHouse Games\aminstantservice.exe [2041776 2016-10-26] (GameHouse)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-14] (Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [318328 2018-05-16] (AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [430032 2018-06-16] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7670672 2018-05-16] (AVG Technologies CZ, s.r.o.)
S3 ESLoadService; C:\Program Files (x86)\EaseUS\EaseUS MobiMover\bin\ESLoadService.exe [47840 2017-10-30] (TODO: <Company name>)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4700872 2014-10-30] (iolo technologies, LLC)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2692296 2015-02-20] ()
R2 RealtekWlanU; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
R2 Solvusoft Suite Service; C:\Program Files (x86)\Solvusoft\SuiteService.exe [1285320 2018-03-16] (Solvusoft Corporation)
R2 SplashtopRemoteService; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [731648 2018-01-22] (Splashtop Inc.) [File not signed]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189032 2018-05-16] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [220600 2018-05-16] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [192536 2018-05-16] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [336848 2018-05-16] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [50776 2018-05-16] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-05-16] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [151504 2018-05-16] (AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2018-06-16] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\Windows\System32\drivers\avgNetSec.sys [632640 2018-06-16] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [103744 2018-05-16] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [78352 2018-05-16] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1020112 2018-05-16] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [452904 2018-05-16] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [198368 2018-05-16] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [373944 2018-05-16] (AVG Technologies CZ, s.r.o.)
S3 cpuz143; no ImagePath
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-04-21] ()
S3 iobit_monitor_server; no ImagePath
R2 libwamf; C:\Windows\System32\DRIVERS\libwamf.sys [34424 2017-12-23] (OPSWAT, Inc.)
R2 libwasys; C:\Windows\System32\DRIVERS\libwasys.sys [38520 2017-12-23] (OPSWAT, Inc.)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-10-30] (EldoS Corporation)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3664600 2014-12-16] (Realtek Semiconductor Corporation )
S1 ZAM; no ImagePath
S1 ZAM_Guard; no ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 TMAgent; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-16 16:56 - 2018-06-16 16:57 - 000000000 ____D C:\FRST
2018-06-16 15:48 - 2018-06-16 15:48 - 000001393 _____ C:\Users\TT\Desktop\LiveBoost.lnk
2018-06-16 15:48 - 2018-06-16 15:48 - 000001389 _____ C:\Users\TT\Desktop\System Mechanic.lnk
2018-06-16 15:48 - 2018-06-16 15:48 - 000000282 _____ C:\Windows\Tasks\iolo Process Governor.job
2018-06-16 15:48 - 2018-06-16 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
2018-06-16 15:48 - 2018-06-16 15:48 - 000000000 ____D C:\Program Files (x86)\iolo
2018-06-16 15:48 - 2014-10-30 14:22 - 000057584 _____ (iolo technologies, LLC) C:\Windows\system32\iolobtdfg.exe
2018-06-16 15:48 - 2014-10-30 14:21 - 000026184 _____ (iolo technologies, LLC) C:\Windows\system32\smrgdf.exe
2018-06-16 15:48 - 2014-10-30 14:20 - 002155152 _____ (iolo technologies, LLC) C:\Windows\system32\Incinerator64.dll
2018-06-16 15:48 - 2014-10-30 14:20 - 002097984 _____ (iolo technologies, LLC) C:\Windows\SysWOW64\Incinerator32.dll
2018-06-16 15:48 - 2014-10-30 14:03 - 000082160 _____ (Raxco Software, Inc.) C:\Windows\system32\Drivers\PDFsFilter.sys
2018-06-16 15:48 - 2014-10-30 14:03 - 000069000 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2018-06-16 15:48 - 2014-10-30 14:03 - 000056200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2018-06-16 15:45 - 2018-06-16 15:49 - 000002460 _____ C:\Users\TT\Desktop\Rkill.txt
2018-06-16 15:43 - 2018-06-16 15:43 - 000000000 ____D C:\ProgramData\BSD
2018-06-16 15:41 - 2018-06-16 15:41 - 000002055 _____ C:\Users\Public\Desktop\DriverDoc.lnk
2018-06-16 15:41 - 2018-06-16 15:41 - 000000372 _____ C:\Windows\Tasks\DriverDoc Auto Start.job
2018-06-16 15:35 - 2018-06-16 15:41 - 000000000 ____D C:\Users\TT\AppData\Roaming\Solvusoft
2018-06-16 15:35 - 2018-06-16 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft
2018-06-16 15:35 - 2018-06-16 15:35 - 000000000 ____D C:\Program Files (x86)\Solvusoft
2018-06-16 15:33 - 2018-06-16 15:35 - 000000000 ____D C:\ProgramData\Solvusoft
2018-06-16 15:09 - 2018-06-16 15:10 - 000000000 ___SD C:\32788R22FWJFW
2018-06-16 15:09 - 2018-06-16 14:16 - 005660124 ____R (Swearware) C:\Users\TT\Desktop\ComboFix.exe
2018-06-16 14:44 - 2018-06-16 14:44 - 000026221 _____ C:\ComboFix.txt
2018-06-16 13:37 - 2018-06-16 13:37 - 000000000 ____D C:\$AV_AVG
2018-06-16 13:00 - 2018-06-16 13:00 - 000001928 _____ C:\Users\Public\Desktop\AVG Internet Security.lnk
2018-06-16 13:00 - 2018-06-16 13:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2018-06-16 12:59 - 2018-06-16 12:59 - 000000000 ____D C:\Users\TT\Desktop\Maddi - Copy
2018-06-16 12:57 - 2018-06-16 12:00 - 000632640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetSec.sys
2018-06-16 12:57 - 2018-05-16 13:04 - 000377584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-06-16 12:56 - 2018-06-16 12:56 - 000029944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetNd6.sys
2018-06-16 12:41 - 2018-06-16 12:41 - 000001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\MV RegClean 5.0 English.lnk
2018-06-16 12:41 - 2018-06-16 12:41 - 000001326 _____ C:\Users\Public\Desktop\MV RegClean 5.0 English.lnk
2018-06-16 12:41 - 2018-06-16 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marcos Velasco Security
2018-06-16 12:39 - 2018-06-16 12:40 - 001428214 _____ C:\Users\TT\Downloads\mvregclean5-en.zip
2018-06-16 11:24 - 2018-06-16 11:24 - 000000000 ____D C:\Users\TT\Desktop\memboost_1959 (1)
2018-06-16 11:22 - 2018-06-16 11:22 - 000000000 ____D C:\Users\TT\Downloads\memboost_1959 (1)
2018-06-16 11:19 - 2018-06-16 11:20 - 001065505 _____ C:\Users\TT\Downloads\memboost_1959 (1).zip
2018-06-16 01:56 - 2018-06-16 01:56 - 000000000 ____D C:\Windows\System32\Tasks\AVG
2018-06-15 18:57 - 2018-06-15 19:57 - 005776384 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2018-06-14 02:02 - 2018-05-29 13:36 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-14 02:02 - 2018-05-29 12:40 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-14 02:02 - 2018-05-28 19:43 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-06-14 02:02 - 2018-05-28 19:41 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-14 02:02 - 2018-05-28 19:41 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-14 02:02 - 2018-05-28 19:41 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-06-14 02:02 - 2018-05-28 19:41 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-14 02:02 - 2018-05-28 19:41 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-14 02:02 - 2018-05-28 19:35 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-14 02:02 - 2018-05-28 19:32 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-06-14 02:02 - 2018-05-28 19:32 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-06-14 02:02 - 2018-05-28 19:32 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-14 02:02 - 2018-05-28 19:32 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-14 02:02 - 2018-05-28 19:32 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-06-14 02:02 - 2018-05-28 19:25 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-06-14 02:02 - 2018-05-28 19:22 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-06-14 02:02 - 2018-05-28 19:22 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-06-14 02:02 - 2018-05-28 17:04 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-14 02:02 - 2018-05-24 22:10 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-14 02:02 - 2018-05-24 21:46 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-14 02:02 - 2018-05-24 21:44 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-14 02:02 - 2018-05-24 21:38 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-14 02:02 - 2018-05-24 21:34 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-14 02:02 - 2018-05-24 21:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-14 02:02 - 2018-05-24 21:24 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-14 02:02 - 2018-05-24 21:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-14 02:02 - 2018-05-24 21:12 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-06-14 02:02 - 2018-05-24 21:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-14 02:02 - 2018-05-24 20:55 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-14 02:02 - 2018-05-24 20:55 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-14 02:02 - 2018-05-24 20:53 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-14 02:02 - 2018-05-24 20:53 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-14 02:02 - 2018-05-24 20:53 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-06-14 02:02 - 2018-05-24 20:42 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-14 02:02 - 2018-05-24 20:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-14 02:02 - 2018-05-24 20:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-14 02:02 - 2018-05-24 20:38 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-14 02:02 - 2018-05-24 20:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-14 02:02 - 2018-05-24 20:37 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-06-14 02:02 - 2018-05-24 20:29 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-14 02:02 - 2018-05-24 20:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-14 02:02 - 2018-05-24 20:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-14 02:02 - 2018-05-24 20:15 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-14 02:02 - 2018-05-14 21:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-14 02:02 - 2018-05-14 20:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-14 02:02 - 2018-05-14 20:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-14 02:02 - 2018-05-14 20:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-14 02:02 - 2018-05-14 20:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-06-14 02:02 - 2018-05-14 20:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-06-14 02:02 - 2018-05-14 20:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-14 02:02 - 2018-05-14 20:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-06-14 02:02 - 2018-05-14 20:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-06-14 02:02 - 2018-05-14 18:20 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-14 02:02 - 2018-05-14 18:20 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-14 02:02 - 2018-05-11 19:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-06-14 02:02 - 2018-05-11 19:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-14 02:02 - 2018-05-11 19:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-06-14 02:02 - 2018-05-11 14:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-14 02:02 - 2018-05-11 14:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-06-14 02:02 - 2018-05-10 17:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-14 02:02 - 2018-05-10 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-06-14 02:02 - 2018-04-06 09:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-14 02:02 - 2018-04-06 09:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:03 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-06-14 02:01 - 2018-05-28 19:03 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-06-14 02:01 - 2018-05-28 19:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-06-14 02:01 - 2018-05-28 19:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-06-14 02:01 - 2018-05-28 19:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-06-14 02:01 - 2018-05-28 18:59 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-06-14 02:01 - 2018-05-28 18:59 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-06-14 02:01 - 2018-05-28 18:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-06-14 02:01 - 2018-05-28 18:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-06-14 02:01 - 2018-05-28 18:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-06-14 02:01 - 2018-05-28 18:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-06-14 02:01 - 2018-05-28 18:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-06-14 02:01 - 2018-05-28 18:58 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-06-14 02:01 - 2018-05-28 18:58 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 18:58 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 18:58 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 18:58 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 18:56 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-06-14 02:01 - 2018-05-28 18:55 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-06-14 02:01 - 2018-05-28 18:55 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-14 02:01 - 2018-05-28 18:54 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-06-14 02:01 - 2018-05-28 18:54 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-06-14 02:01 - 2018-05-24 21:59 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-06-14 02:01 - 2018-05-24 21:59 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-06-14 02:01 - 2018-05-24 21:45 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-06-14 02:01 - 2018-05-24 21:44 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-06-14 02:01 - 2018-05-24 21:44 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-06-14 02:01 - 2018-05-24 21:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-14 02:01 - 2018-05-24 21:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-06-14 02:01 - 2018-05-24 21:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-06-14 02:01 - 2018-05-24 21:33 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-06-14 02:01 - 2018-05-24 21:32 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-06-14 02:01 - 2018-05-24 21:32 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-06-14 02:01 - 2018-05-24 21:32 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-06-14 02:01 - 2018-05-24 21:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-06-14 02:01 - 2018-05-24 21:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-06-14 02:01 - 2018-05-24 21:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-06-14 02:01 - 2018-05-24 21:15 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-06-14 02:01 - 2018-05-24 21:15 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-06-14 02:01 - 2018-05-24 21:14 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-06-14 02:01 - 2018-05-24 21:14 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-14 02:01 - 2018-05-24 21:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-06-14 02:01 - 2018-05-24 21:13 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-06-14 02:01 - 2018-05-24 21:10 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-06-14 02:01 - 2018-05-24 21:10 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-14 02:01 - 2018-05-24 21:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-06-14 02:01 - 2018-05-24 21:08 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-14 02:01 - 2018-05-24 21:08 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-06-14 02:01 - 2018-05-24 21:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-06-14 02:01 - 2018-05-24 21:06 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-06-14 02:01 - 2018-05-24 21:05 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-06-14 02:01 - 2018-05-24 21:05 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-06-14 02:01 - 2018-05-24 20:57 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-06-14 02:01 - 2018-05-24 20:57 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-14 02:01 - 2018-05-24 20:52 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-06-14 02:01 - 2018-05-24 20:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-06-14 02:01 - 2018-05-24 20:51 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-06-14 02:01 - 2018-05-24 20:49 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-06-14 02:01 - 2018-05-24 20:48 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-06-14 02:01 - 2018-05-24 20:47 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-06-14 02:01 - 2018-05-24 20:45 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-06-14 02:01 - 2018-05-24 20:40 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-06-14 02:01 - 2018-05-24 20:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-14 02:01 - 2018-05-14 20:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-06-14 02:01 - 2018-05-14 20:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-06-14 02:01 - 2018-05-14 20:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-06-14 02:01 - 2018-05-14 20:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-06-14 02:01 - 2018-05-11 14:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-06-14 02:01 - 2018-05-10 17:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-06-13 19:22 - 2018-06-13 19:22 - 004351842 _____ C:\Users\TT\Desktop\Everything-Tastes-Better-Outside-Cookbook.pdf
2018-06-12 19:38 - 2018-06-12 19:38 - 000096430 _____ C:\Users\TT\Downloads\Statement_201805 (1).pdf
2018-06-12 19:27 - 2018-06-12 19:27 - 000096430 _____ C:\Users\TT\Downloads\Statement_201805.pdf
2018-06-06 12:52 - 2018-06-06 12:52 - 000000000 ____D C:\Users\TT\Documents\Aiseesoft Studio
2018-06-06 12:45 - 2018-06-06 14:10 - 000000000 ____D C:\Users\TT\AppData\Roaming\temp_info_collect
2018-06-06 12:45 - 2018-06-06 13:27 - 000000000 ____D C:\ProgramData\EMM
2018-06-06 12:45 - 2018-06-06 12:45 - 000001247 _____ C:\Users\Public\Desktop\EaseUS MobiMover.lnk
2018-06-06 12:45 - 2018-06-06 12:45 - 000000000 ____D C:\Users\TT\AppData\Roaming\SystemAcCrux
2018-06-06 12:45 - 2018-06-06 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS MobiMover
2018-06-06 12:45 - 2018-06-06 12:45 - 000000000 ____D C:\Program Files (x86)\EaseUS
2018-06-06 12:44 - 2018-06-06 12:44 - 034121304 _____ (EaseUS ) C:\Users\TT\Downloads\mobimover_free.exe
2018-06-06 12:30 - 2018-06-06 12:30 - 000000000 ____D C:\Users\TT\AppData\Local\Aiseesoft Studio
2018-06-06 12:29 - 2018-06-06 12:29 - 000001280 _____ C:\Users\Public\Desktop\FoneTrans.lnk
2018-06-06 12:29 - 2018-06-06 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft
2018-06-06 12:29 - 2018-06-06 12:29 - 000000000 ____D C:\ProgramData\Aiseesoft Studio
2018-06-06 12:29 - 2018-06-06 12:29 - 000000000 ____D C:\Program Files (x86)\Aiseesoft Studio
2018-06-06 12:28 - 2018-06-06 12:28 - 053883024 _____ (Aiseesoft Studio ) C:\Users\TT\Downloads\iphone-ipad-ipod-manager.exe
2018-06-06 11:36 - 2018-06-06 11:37 - 000550424 _____ () C:\Users\TT\Downloads\iExplorerSetup.exe
2018-06-04 16:36 - 2018-06-04 16:36 - 000090237 _____ C:\Users\TT\Downloads\LG-P9JV-4YK2-4274-F599.pdf
2018-06-03 18:57 - 2018-06-03 18:57 - 001036137 _____ C:\Users\TT\Desktop\TPD Application.pdf
2018-05-29 05:41 - 2018-06-09 06:50 - 000000928 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-05-29 05:41 - 2018-05-29 05:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-05-29 05:41 - 2018-05-29 05:41 - 000000896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-27 11:37 - 2018-05-30 00:14 - 000000000 ____D C:\Users\TT\Desktop\Kaleb files
2018-05-21 21:58 - 2018-05-21 21:58 - 000592457 _____ C:\Users\TT\Desktop\TTomich Health Summary.pdf
2018-05-21 16:11 - 2018-05-21 16:12 - 000000000 ____D C:\Program Files (x86)\Cisco
2018-05-21 16:11 - 2018-05-21 16:11 - 000002092 _____ C:\Users\Public\Desktop\REALTEK USB Wireless LAN Utility.lnk
2018-05-21 16:11 - 2018-05-21 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK USB Wireless LAN Utility
2018-05-21 16:10 - 2014-12-16 03:09 - 003664600 ____R (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlanu.sys
2018-05-21 16:10 - 2014-12-16 03:09 - 000022232 _____ (Windows ® Server 2003 DDK provider) C:\Windows\system32\rtlCoInst.dll
2018-05-21 16:10 - 2014-12-16 03:09 - 000008585 _____ C:\Windows\system32\rtlCoInst.dat
2018-05-21 16:10 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2018-05-21 16:09 - 2018-05-21 16:09 - 000000000 ____D C:\Program Files (x86)\REALTEK
2018-05-21 16:09 - 2015-03-03 12:32 - 000456560 _____ (Realtek) C:\Windows\SwUSB.exe
2018-05-21 16:09 - 2014-12-12 17:24 - 000044760 _____ () C:\Windows\runSW.exe
2018-05-21 16:09 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\SysWOW64\Rtlihvs.dll
2018-05-21 16:09 - 2010-12-01 09:31 - 000451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2018-05-21 16:09 - 2009-03-31 14:31 - 000380928 _____ (Realtek) C:\Windows\RtlUI2.exe
2018-05-21 16:09 - 2009-01-05 20:31 - 000000901 _____ C:\Windows\RtlUI2.exe.manifest
2018-05-21 16:09 - 2007-04-26 14:05 - 000100000 _____ C:\Windows\SysWOW64\EAPPkt9x.VXD
2018-05-21 16:09 - 2001-09-26 11:03 - 000012981 _____ C:\Windows\SysWOW64\REALPKT.VXD
2018-05-21 14:59 - 2018-05-21 14:59 - 000000000 ____D C:\Users\TT\AppData\Roaming\AnyDesk
2018-05-21 03:47 - 2018-05-21 03:47 - 000002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2018-05-20 05:19 - 2018-05-20 05:19 - 000001707 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-05-20 05:19 - 2018-05-20 05:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-05-20 05:19 - 2018-05-20 05:19 - 000000000 ____D C:\Program Files\iPod
2018-05-20 05:18 - 2018-05-20 05:19 - 000000000 ____D C:\Program Files\iTunes
2018-05-20 05:14 - 2018-05-20 05:14 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-05-20 05:14 - 2018-05-20 05:14 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-05-17 13:18 - 2018-05-17 13:18 - 000175569 _____ C:\Users\TT\Desktop\DL.pdf
2018-05-17 13:14 - 2018-05-17 13:14 - 000570686 _____ C:\Users\TT\Desktop\VividSeats.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-16 16:57 - 2018-02-20 22:24 - 000000000 ____D C:\temp
2018-06-16 16:55 - 2018-02-22 18:14 - 000000000 ___RD C:\Users\TT\iCloudDrive
2018-06-16 16:48 - 2018-02-17 12:59 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-16 16:47 - 2018-02-17 13:49 - 000000000 ____D C:\ProgramData\iolo
2018-06-16 16:45 - 2009-07-13 21:45 - 000013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-16 16:45 - 2009-07-13 21:45 - 000013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-16 15:50 - 2018-02-10 04:19 - 000000000 ____D C:\Users\TT\AppData\Roaming\iolo
2018-06-16 15:48 - 2009-07-13 22:32 - 000000000 ____D C:\Program Files\Windows Sidebar
2018-06-16 15:43 - 2009-07-13 19:34 - 000000577 _____ C:\Windows\win.ini
2018-06-16 14:44 - 2018-02-17 13:39 - 000000000 ____D C:\Users\TT\AppData\Local\Apps\2.0
2018-06-16 14:44 - 2018-01-29 13:42 - 000302626 _____ C:\Windows\ntbtlog.txt
2018-06-16 14:44 - 2017-11-09 21:16 - 000000000 ____D C:\Qoobox
2018-06-16 14:41 - 2009-07-13 19:34 - 000000215 _____ C:\Windows\system.ini
2018-06-16 14:19 - 2009-07-13 22:13 - 000804470 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-16 14:19 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2018-06-16 14:05 - 2017-11-22 01:09 - 000011264 _____ C:\Users\TT\Desktop\iPhone Insurance breakdown.xlsx
2018-06-16 13:56 - 2017-02-06 21:48 - 000000000 ____D C:\Users\TT\Desktop\Kaden
2018-06-16 13:54 - 2018-02-17 12:54 - 000000000 _____ C:\ProgramData\TEMP
2018-06-16 13:38 - 2017-01-31 17:31 - 000000000 ____D C:\Users\TT\Documents\Outlook Files
2018-06-16 13:26 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\NDF
2018-06-16 13:21 - 2018-02-22 17:24 - 000000000 ____D C:\Users\TT\AppData\Local\FF401EE4-7603-443F-A503-787C3CB5AB5A.aplzod
2018-06-16 13:05 - 2017-06-10 20:05 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-06-16 12:57 - 2018-05-16 13:05 - 000003916 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-06-16 12:54 - 2018-02-20 11:12 - 000000000 ____D C:\Users\TT\Desktop\Trev
2018-06-16 12:40 - 2018-03-08 08:22 - 000000000 ____D C:\Program Files (x86)\Marcos Velasco Security
2018-06-16 12:29 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-16 12:28 - 2018-05-04 09:27 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-06-16 12:08 - 2018-05-04 09:27 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-06-16 05:10 - 2018-05-16 13:02 - 000000000 ____D C:\Program Files (x86)\AVG
2018-06-16 05:10 - 2018-05-16 13:01 - 000000000 ____D C:\ProgramData\Avg
2018-06-16 05:09 - 2018-05-16 19:58 - 000000000 ____D C:\Users\TT\AppData\Local\AvgSetupLog
2018-06-15 21:57 - 2017-11-12 06:49 - 000003408 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2018-06-15 21:46 - 2017-01-30 10:54 - 000000000 ____D C:\Windows\Minidump
2018-06-15 21:45 - 2017-01-28 01:35 - 000402888 ____N C:\Windows\Minidump\061518-158465-01.dmp
2018-06-15 19:57 - 2018-05-16 20:55 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-06-15 19:57 - 2018-02-17 20:21 - 000004462 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-06-15 19:57 - 2017-06-10 20:05 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-15 19:57 - 2017-06-10 20:05 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-15 19:57 - 2017-06-10 20:05 - 000000000 ____D C:\Windows\system32\Macromed
2018-06-15 18:57 - 2018-05-16 22:58 - 000004450 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-15 17:00 - 2018-01-29 13:11 - 000003642 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2018-06-15 17:00 - 2017-09-08 04:13 - 000002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-06-15 16:08 - 2018-05-08 00:56 - 000019471 _____ C:\Users\TT\Desktop\Insur2.xlsx
2018-06-15 14:26 - 2009-07-13 22:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-06-14 02:40 - 2018-03-08 22:50 - 000000320 _____ C:\Windows\Tasks\HPCeeScheduleForTT.job
2018-06-14 02:20 - 2017-01-28 14:38 - 000000000 ____D C:\Windows\system32\MRT
2018-06-14 02:13 - 2017-10-18 05:18 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-14 02:12 - 2017-01-28 14:38 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-13 13:51 - 2018-02-17 17:53 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-13 13:51 - 2018-02-17 17:53 - 000002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-13 12:23 - 2018-03-08 22:50 - 000003168 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTT
2018-06-08 06:35 - 2018-02-17 16:40 - 000000000 ____D C:\Users\TT\AppData\Local\ElevatedDiagnostics
2018-06-08 06:27 - 2018-04-05 17:54 - 000000000 ____D C:\Program Files (x86)\iMobie
2018-06-06 12:37 - 2018-02-17 13:39 - 000000000 ____D C:\Users\TT\AppData\Local\Deployment
2018-06-06 12:23 - 2018-04-05 17:55 - 000000000 ____D C:\Users\TT\AppData\Local\iMobie_Inc
2018-06-06 12:23 - 2017-11-12 09:46 - 000000000 ____D C:\Users\TT\AppData\Roaming\iMobie
2018-06-06 12:22 - 2018-04-05 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2018-06-04 18:30 - 2018-02-17 13:01 - 000110728 _____ C:\Users\TT\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-04 18:26 - 2009-07-13 21:45 - 000415200 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-04 18:07 - 2018-05-16 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2018-06-04 18:07 - 2018-02-17 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-06-04 18:05 - 2017-01-30 11:25 - 000000000 ____D C:\Windows\SHELLNEW
2018-06-04 18:05 - 2009-07-13 22:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-06-04 07:34 - 2017-02-20 19:41 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-31 20:34 - 2017-11-09 20:26 - 000000000 ____D C:\Users\TT\AppData\LocalLow\Mozilla
2018-05-31 05:28 - 2017-03-19 09:40 - 000000000 ____D C:\Windows\system32\appmgmt
2018-05-31 05:27 - 2018-03-25 08:45 - 000000000 ____D C:\BigFishCache
2018-05-29 05:41 - 2018-02-17 13:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-27 01:57 - 2018-02-17 20:21 - 000000000 ____D C:\Users\TT\AppData\Local\Adobe
2018-05-23 12:13 - 2018-02-20 22:31 - 000000000 ____D C:\Users\TT\AppData\Roaming\hpqLog
2018-05-21 16:09 - 2018-02-17 13:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-20 05:14 - 2017-03-30 00:12 - 000000000 ____D C:\Program Files\Bonjour
2018-05-19 09:33 - 2018-02-04 11:48 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-19 09:33 - 2018-02-04 11:48 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-18 16:56 - 2017-06-12 09:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-05-17 15:06 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\rescache
 
==================== Files in the root of some directories =======
 
2017-05-07 17:05 - 2017-05-07 17:33 - 000000115 _____ () C:\Users\TT\AppData\Roaming\LogFile.txt
2018-02-01 13:12 - 2018-02-03 13:10 - 000000070 _____ () C:\Users\TT\AppData\Roaming\wfbshelp.ini
2017-08-21 23:57 - 2018-02-02 09:53 - 000000010 _____ () C:\Users\TT\AppData\Local\sponge.last.runtime.cache
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-06-03 00:29
 
==================== End of FRST.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by TT (administrator) on TT-PC (16-06-2018 16:57:14)
Running from C:\temp
Loaded Profiles: TT (Available Profiles: TT)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
(GameHouse) C:\Program Files (x86)\GameHouse Games\aminstantservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Realtek) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe
() C:\Windows\runSW.exe
(Realtek) C:\Windows\SwUSB.exe
(Solvusoft Corporation) C:\Program Files (x86)\Solvusoft\SuiteService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(UltimateOutsider) C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Solvusoft Corporation) C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [GwxControlPanelMonitor] => C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [4596296 2016-04-01] (UltimateOutsider)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2018-05-16] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-03-25] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [CommonToolkitTray_Solvusoft] => C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe [1685192 2018-03-16] (Solvusoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\...\Run: [Chromium] => c:\users\tt\appdata\local\chromium\application\chrome.exe [829440 2017-02-14] (The Chromium Authors)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{EED09F98-853C-4838-86DA-D90B62F0F50B}: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{EED09F98-853C-4838-86DA-D90B62F0F50B}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{FC6D77E3-B1E3-48D8-8CB9-367359C6EC43}: [DhcpNameServer] 192.168.17.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope value is missing
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2018-04-03] (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2018-04-03] (LastPass)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2018-04-03] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2018-04-03] (LastPass)
DPF: HKLM-x32 {00134F72-5284-44F7-95A8-52A619F70752} hxxps://tt-pc:4343/officescan/console/ClientInstall/WinNTChk.cab?ver=19,5,0,1365
DPF: HKLM-x32 {8157E81A-275D-4BE8-A7A9-E36E62DF9C68} hxxps://tt-pc:4343/SMB/console/html/root/AtxEnc.cab?ver=19,5,0,1365
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
 
FireFox:
========
FF DefaultProfile: tahoett@gmail.com
FF ProfilePath: C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default [2018-06-16]
FF user.js: detected! => C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\user.js [2018-06-16]
FF Homepage: Mozilla\Firefox\Profiles\pval9ljR.default -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\pval9ljR.default -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\pval9ljR.default -> Disabled: web@Weather
FF NewTabOverride: Mozilla\Firefox\Profiles\pval9ljR.default -> Disabled: web@Weather
FF Extension: (Avira Browser Safety) - C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\Extensions\abs@avira.com.xpi [2018-05-29]
FF Extension: (No Name) - C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\Extensions\dp35@passwordmanager.xpi [2017-12-18]
FF Extension: (LastPass: Free Password Manager) - C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\Extensions\support@lastpass.com.xpi [2018-05-29]
FF Extension: (YouTube Video Loop) - C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\Extensions\{e1aaa9f8-4500-47f1-9a0a-b02bd60e4076}.xpi [2017-12-27]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\TT\AppData\Roaming\Mozilla\Firefox\Profiles\pval9ljR.default\features\{20e7b090-a889-4702-ad5b-a421233d9d62}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-05-29] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-15] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2018-04-03] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-15] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2018-04-03] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://twitter.com/MeanStreetsOMA","hxxps://www.broadcastify.com/listen/ctid/1678","hxxps://www.reddit.com/r/bayarea/","hxxps://www.broadcastify.com/listen/feed/25253/web"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default [2018-06-16]
CHR Extension: (Slides) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-17]
CHR Extension: (Docs) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-17]
CHR Extension: (Google Drive) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-17]
CHR Extension: (AdGuard AdBlocker) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2018-05-22]
CHR Extension: (YouTube) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-12]
CHR Extension: (Unfriendly – Facebook Unfriend Notifications) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdafmffkfnfiebeeplnbpfjhanjegnkp [2018-02-18]
CHR Extension: (uBlock Origin) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-06-16]
CHR Extension: (Adobe Acrobat) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-04-24]
CHR Extension: (Sheets) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-17]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-06-16]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2018-06-08]
CHR Extension: (ShiftEdit) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2018-03-23]
CHR Extension: (AVG SafePrice) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-05-28]
CHR Extension: (Wikibuy) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2018-06-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-17]
CHR Extension: (Chrome Media Router) - C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMInstantService; C:\Program Files (x86)\GameHouse Games\aminstantservice.exe [2041776 2016-10-26] (GameHouse)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-14] (Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [318328 2018-05-16] (AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [430032 2018-06-16] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7670672 2018-05-16] (AVG Technologies CZ, s.r.o.)
S3 ESLoadService; C:\Program Files (x86)\EaseUS\EaseUS MobiMover\bin\ESLoadService.exe [47840 2017-10-30] (TODO: <Company name>)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4700872 2014-10-30] (iolo technologies, LLC)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2692296 2015-02-20] ()
R2 RealtekWlanU; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
R2 Solvusoft Suite Service; C:\Program Files (x86)\Solvusoft\SuiteService.exe [1285320 2018-03-16] (Solvusoft Corporation)
R2 SplashtopRemoteService; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [731648 2018-01-22] (Splashtop Inc.) [File not signed]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189032 2018-05-16] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [220600 2018-05-16] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [192536 2018-05-16] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [336848 2018-05-16] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [50776 2018-05-16] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-05-16] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [151504 2018-05-16] (AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2018-06-16] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\Windows\System32\drivers\avgNetSec.sys [632640 2018-06-16] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [103744 2018-05-16] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [78352 2018-05-16] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1020112 2018-05-16] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [452904 2018-05-16] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [198368 2018-05-16] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [373944 2018-05-16] (AVG Technologies CZ, s.r.o.)
S3 cpuz143; no ImagePath
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-04-21] ()
S3 iobit_monitor_server; no ImagePath
R2 libwamf; C:\Windows\System32\DRIVERS\libwamf.sys [34424 2017-12-23] (OPSWAT, Inc.)
R2 libwasys; C:\Windows\System32\DRIVERS\libwasys.sys [38520 2017-12-23] (OPSWAT, Inc.)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-10-30] (EldoS Corporation)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3664600 2014-12-16] (Realtek Semiconductor Corporation )
S1 ZAM; no ImagePath
S1 ZAM_Guard; no ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 TMAgent; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-16 16:56 - 2018-06-16 16:57 - 000000000 ____D C:\FRST
2018-06-16 15:48 - 2018-06-16 15:48 - 000001393 _____ C:\Users\TT\Desktop\LiveBoost.lnk
2018-06-16 15:48 - 2018-06-16 15:48 - 000001389 _____ C:\Users\TT\Desktop\System Mechanic.lnk
2018-06-16 15:48 - 2018-06-16 15:48 - 000000282 _____ C:\Windows\Tasks\iolo Process Governor.job
2018-06-16 15:48 - 2018-06-16 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
2018-06-16 15:48 - 2018-06-16 15:48 - 000000000 ____D C:\Program Files (x86)\iolo
2018-06-16 15:48 - 2014-10-30 14:22 - 000057584 _____ (iolo technologies, LLC) C:\Windows\system32\iolobtdfg.exe
2018-06-16 15:48 - 2014-10-30 14:21 - 000026184 _____ (iolo technologies, LLC) C:\Windows\system32\smrgdf.exe
2018-06-16 15:48 - 2014-10-30 14:20 - 002155152 _____ (iolo technologies, LLC) C:\Windows\system32\Incinerator64.dll
2018-06-16 15:48 - 2014-10-30 14:20 - 002097984 _____ (iolo technologies, LLC) C:\Windows\SysWOW64\Incinerator32.dll
2018-06-16 15:48 - 2014-10-30 14:03 - 000082160 _____ (Raxco Software, Inc.) C:\Windows\system32\Drivers\PDFsFilter.sys
2018-06-16 15:48 - 2014-10-30 14:03 - 000069000 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2018-06-16 15:48 - 2014-10-30 14:03 - 000056200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2018-06-16 15:45 - 2018-06-16 15:49 - 000002460 _____ C:\Users\TT\Desktop\Rkill.txt
2018-06-16 15:43 - 2018-06-16 15:43 - 000000000 ____D C:\ProgramData\BSD
2018-06-16 15:41 - 2018-06-16 15:41 - 000002055 _____ C:\Users\Public\Desktop\DriverDoc.lnk
2018-06-16 15:41 - 2018-06-16 15:41 - 000000372 _____ C:\Windows\Tasks\DriverDoc Auto Start.job
2018-06-16 15:35 - 2018-06-16 15:41 - 000000000 ____D C:\Users\TT\AppData\Roaming\Solvusoft
2018-06-16 15:35 - 2018-06-16 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft
2018-06-16 15:35 - 2018-06-16 15:35 - 000000000 ____D C:\Program Files (x86)\Solvusoft
2018-06-16 15:33 - 2018-06-16 15:35 - 000000000 ____D C:\ProgramData\Solvusoft
2018-06-16 15:09 - 2018-06-16 15:10 - 000000000 ___SD C:\32788R22FWJFW
2018-06-16 15:09 - 2018-06-16 14:16 - 005660124 ____R (Swearware) C:\Users\TT\Desktop\ComboFix.exe
2018-06-16 14:44 - 2018-06-16 14:44 - 000026221 _____ C:\ComboFix.txt
2018-06-16 13:37 - 2018-06-16 13:37 - 000000000 ____D C:\$AV_AVG
2018-06-16 13:00 - 2018-06-16 13:00 - 000001928 _____ C:\Users\Public\Desktop\AVG Internet Security.lnk
2018-06-16 13:00 - 2018-06-16 13:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2018-06-16 12:59 - 2018-06-16 12:59 - 000000000 ____D C:\Users\TT\Desktop\Maddi - Copy
2018-06-16 12:57 - 2018-06-16 12:00 - 000632640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetSec.sys
2018-06-16 12:57 - 2018-05-16 13:04 - 000377584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-06-16 12:56 - 2018-06-16 12:56 - 000029944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetNd6.sys
2018-06-16 12:41 - 2018-06-16 12:41 - 000001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\MV RegClean 5.0 English.lnk
2018-06-16 12:41 - 2018-06-16 12:41 - 000001326 _____ C:\Users\Public\Desktop\MV RegClean 5.0 English.lnk
2018-06-16 12:41 - 2018-06-16 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marcos Velasco Security
2018-06-16 12:39 - 2018-06-16 12:40 - 001428214 _____ C:\Users\TT\Downloads\mvregclean5-en.zip
2018-06-16 11:24 - 2018-06-16 11:24 - 000000000 ____D C:\Users\TT\Desktop\memboost_1959 (1)
2018-06-16 11:22 - 2018-06-16 11:22 - 000000000 ____D C:\Users\TT\Downloads\memboost_1959 (1)
2018-06-16 11:19 - 2018-06-16 11:20 - 001065505 _____ C:\Users\TT\Downloads\memboost_1959 (1).zip
2018-06-16 01:56 - 2018-06-16 01:56 - 000000000 ____D C:\Windows\System32\Tasks\AVG
2018-06-15 18:57 - 2018-06-15 19:57 - 005776384 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2018-06-14 02:02 - 2018-05-29 13:36 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-14 02:02 - 2018-05-29 12:40 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-14 02:02 - 2018-05-28 19:43 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-06-14 02:02 - 2018-05-28 19:41 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-14 02:02 - 2018-05-28 19:41 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-14 02:02 - 2018-05-28 19:41 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-06-14 02:02 - 2018-05-28 19:41 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-14 02:02 - 2018-05-28 19:41 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-14 02:02 - 2018-05-28 19:35 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-14 02:02 - 2018-05-28 19:32 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-06-14 02:02 - 2018-05-28 19:32 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-06-14 02:02 - 2018-05-28 19:32 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-14 02:02 - 2018-05-28 19:32 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-14 02:02 - 2018-05-28 19:32 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-06-14 02:02 - 2018-05-28 19:25 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-06-14 02:02 - 2018-05-28 19:22 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-06-14 02:02 - 2018-05-28 19:22 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-06-14 02:02 - 2018-05-28 17:04 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-14 02:02 - 2018-05-24 22:10 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-14 02:02 - 2018-05-24 21:46 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-14 02:02 - 2018-05-24 21:44 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-14 02:02 - 2018-05-24 21:38 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-14 02:02 - 2018-05-24 21:34 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-14 02:02 - 2018-05-24 21:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-14 02:02 - 2018-05-24 21:24 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-14 02:02 - 2018-05-24 21:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-14 02:02 - 2018-05-24 21:12 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-06-14 02:02 - 2018-05-24 21:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-14 02:02 - 2018-05-24 20:55 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-14 02:02 - 2018-05-24 20:55 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-14 02:02 - 2018-05-24 20:53 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-14 02:02 - 2018-05-24 20:53 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-14 02:02 - 2018-05-24 20:53 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-06-14 02:02 - 2018-05-24 20:42 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-14 02:02 - 2018-05-24 20:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-14 02:02 - 2018-05-24 20:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-14 02:02 - 2018-05-24 20:38 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-14 02:02 - 2018-05-24 20:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-14 02:02 - 2018-05-24 20:37 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-06-14 02:02 - 2018-05-24 20:29 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-14 02:02 - 2018-05-24 20:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-14 02:02 - 2018-05-24 20:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-14 02:02 - 2018-05-24 20:15 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-14 02:02 - 2018-05-14 21:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-14 02:02 - 2018-05-14 20:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-14 02:02 - 2018-05-14 20:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-14 02:02 - 2018-05-14 20:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-14 02:02 - 2018-05-14 20:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-06-14 02:02 - 2018-05-14 20:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-06-14 02:02 - 2018-05-14 20:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-14 02:02 - 2018-05-14 20:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-06-14 02:02 - 2018-05-14 20:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-06-14 02:02 - 2018-05-14 18:20 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-14 02:02 - 2018-05-14 18:20 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-14 02:02 - 2018-05-11 19:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-06-14 02:02 - 2018-05-11 19:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-14 02:02 - 2018-05-11 19:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-06-14 02:02 - 2018-05-11 14:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-14 02:02 - 2018-05-11 14:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-06-14 02:02 - 2018-05-10 17:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-14 02:02 - 2018-05-10 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-06-14 02:02 - 2018-04-06 09:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-14 02:02 - 2018-04-06 09:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 19:03 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-06-14 02:01 - 2018-05-28 19:03 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-06-14 02:01 - 2018-05-28 19:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-06-14 02:01 - 2018-05-28 19:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-06-14 02:01 - 2018-05-28 19:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-06-14 02:01 - 2018-05-28 18:59 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-06-14 02:01 - 2018-05-28 18:59 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-06-14 02:01 - 2018-05-28 18:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-06-14 02:01 - 2018-05-28 18:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-06-14 02:01 - 2018-05-28 18:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-06-14 02:01 - 2018-05-28 18:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-06-14 02:01 - 2018-05-28 18:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-06-14 02:01 - 2018-05-28 18:58 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-06-14 02:01 - 2018-05-28 18:58 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 18:58 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 18:58 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 18:58 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-06-14 02:01 - 2018-05-28 18:56 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-06-14 02:01 - 2018-05-28 18:55 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-06-14 02:01 - 2018-05-28 18:55 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-14 02:01 - 2018-05-28 18:54 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-06-14 02:01 - 2018-05-28 18:54 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-06-14 02:01 - 2018-05-24 21:59 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-06-14 02:01 - 2018-05-24 21:59 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-06-14 02:01 - 2018-05-24 21:45 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-06-14 02:01 - 2018-05-24 21:44 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-06-14 02:01 - 2018-05-24 21:44 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-06-14 02:01 - 2018-05-24 21:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-14 02:01 - 2018-05-24 21:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-06-14 02:01 - 2018-05-24 21:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-06-14 02:01 - 2018-05-24 21:33 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-06-14 02:01 - 2018-05-24 21:32 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-06-14 02:01 - 2018-05-24 21:32 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-06-14 02:01 - 2018-05-24 21:32 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-06-14 02:01 - 2018-05-24 21:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-06-14 02:01 - 2018-05-24 21:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-06-14 02:01 - 2018-05-24 21:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-06-14 02:01 - 2018-05-24 21:15 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-06-14 02:01 - 2018-05-24 21:15 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-06-14 02:01 - 2018-05-24 21:14 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-06-14 02:01 - 2018-05-24 21:14 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-14 02:01 - 2018-05-24 21:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-06-14 02:01 - 2018-05-24 21:13 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-06-14 02:01 - 2018-05-24 21:10 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-06-14 02:01 - 2018-05-24 21:10 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-14 02:01 - 2018-05-24 21:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-06-14 02:01 - 2018-05-24 21:08 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-14 02:01 - 2018-05-24 21:08 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-06-14 02:01 - 2018-05-24 21:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-06-14 02:01 - 2018-05-24 21:06 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-06-14 02:01 - 2018-05-24 21:05 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-06-14 02:01 - 2018-05-24 21:05 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-06-14 02:01 - 2018-05-24 20:57 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-06-14 02:01 - 2018-05-24 20:57 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-14 02:01 - 2018-05-24 20:52 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-06-14 02:01 - 2018-05-24 20:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-06-14 02:01 - 2018-05-24 20:51 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-06-14 02:01 - 2018-05-24 20:49 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-06-14 02:01 - 2018-05-24 20:48 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-06-14 02:01 - 2018-05-24 20:47 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-06-14 02:01 - 2018-05-24 20:45 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-06-14 02:01 - 2018-05-24 20:40 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-06-14 02:01 - 2018-05-24 20:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-14 02:01 - 2018-05-14 20:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-06-14 02:01 - 2018-05-14 20:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-06-14 02:01 - 2018-05-14 20:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-06-14 02:01 - 2018-05-14 20:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-06-14 02:01 - 2018-05-11 14:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-06-14 02:01 - 2018-05-10 17:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-06-13 19:22 - 2018-06-13 19:22 - 004351842 _____ C:\Users\TT\Desktop\Everything-Tastes-Better-Outside-Cookbook.pdf
2018-06-12 19:38 - 2018-06-12 19:38 - 000096430 _____ C:\Users\TT\Downloads\Statement_201805 (1).pdf
2018-06-12 19:27 - 2018-06-12 19:27 - 000096430 _____ C:\Users\TT\Downloads\Statement_201805.pdf
2018-06-06 12:52 - 2018-06-06 12:52 - 000000000 ____D C:\Users\TT\Documents\Aiseesoft Studio
2018-06-06 12:45 - 2018-06-06 14:10 - 000000000 ____D C:\Users\TT\AppData\Roaming\temp_info_collect
2018-06-06 12:45 - 2018-06-06 13:27 - 000000000 ____D C:\ProgramData\EMM
2018-06-06 12:45 - 2018-06-06 12:45 - 000001247 _____ C:\Users\Public\Desktop\EaseUS MobiMover.lnk
2018-06-06 12:45 - 2018-06-06 12:45 - 000000000 ____D C:\Users\TT\AppData\Roaming\SystemAcCrux
2018-06-06 12:45 - 2018-06-06 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS MobiMover
2018-06-06 12:45 - 2018-06-06 12:45 - 000000000 ____D C:\Program Files (x86)\EaseUS
2018-06-06 12:44 - 2018-06-06 12:44 - 034121304 _____ (EaseUS ) C:\Users\TT\Downloads\mobimover_free.exe
2018-06-06 12:30 - 2018-06-06 12:30 - 000000000 ____D C:\Users\TT\AppData\Local\Aiseesoft Studio
2018-06-06 12:29 - 2018-06-06 12:29 - 000001280 _____ C:\Users\Public\Desktop\FoneTrans.lnk
2018-06-06 12:29 - 2018-06-06 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft
2018-06-06 12:29 - 2018-06-06 12:29 - 000000000 ____D C:\ProgramData\Aiseesoft Studio
2018-06-06 12:29 - 2018-06-06 12:29 - 000000000 ____D C:\Program Files (x86)\Aiseesoft Studio
2018-06-06 12:28 - 2018-06-06 12:28 - 053883024 _____ (Aiseesoft Studio ) C:\Users\TT\Downloads\iphone-ipad-ipod-manager.exe
2018-06-06 11:36 - 2018-06-06 11:37 - 000550424 _____ () C:\Users\TT\Downloads\iExplorerSetup.exe
2018-06-04 16:36 - 2018-06-04 16:36 - 000090237 _____ C:\Users\TT\Downloads\LG-P9JV-4YK2-4274-F599.pdf
2018-06-03 18:57 - 2018-06-03 18:57 - 001036137 _____ C:\Users\TT\Desktop\TPD Application.pdf
2018-05-29 05:41 - 2018-06-09 06:50 - 000000928 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-05-29 05:41 - 2018-05-29 05:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-05-29 05:41 - 2018-05-29 05:41 - 000000896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-27 11:37 - 2018-05-30 00:14 - 000000000 ____D C:\Users\TT\Desktop\Kaleb files
2018-05-21 21:58 - 2018-05-21 21:58 - 000592457 _____ C:\Users\TT\Desktop\TTomich Health Summary.pdf
2018-05-21 16:11 - 2018-05-21 16:12 - 000000000 ____D C:\Program Files (x86)\Cisco
2018-05-21 16:11 - 2018-05-21 16:11 - 000002092 _____ C:\Users\Public\Desktop\REALTEK USB Wireless LAN Utility.lnk
2018-05-21 16:11 - 2018-05-21 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK USB Wireless LAN Utility
2018-05-21 16:10 - 2014-12-16 03:09 - 003664600 ____R (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlanu.sys
2018-05-21 16:10 - 2014-12-16 03:09 - 000022232 _____ (Windows ® Server 2003 DDK provider) C:\Windows\system32\rtlCoInst.dll
2018-05-21 16:10 - 2014-12-16 03:09 - 000008585 _____ C:\Windows\system32\rtlCoInst.dat
2018-05-21 16:10 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2018-05-21 16:09 - 2018-05-21 16:09 - 000000000 ____D C:\Program Files (x86)\REALTEK
2018-05-21 16:09 - 2015-03-03 12:32 - 000456560 _____ (Realtek) C:\Windows\SwUSB.exe
2018-05-21 16:09 - 2014-12-12 17:24 - 000044760 _____ () C:\Windows\runSW.exe
2018-05-21 16:09 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\SysWOW64\Rtlihvs.dll
2018-05-21 16:09 - 2010-12-01 09:31 - 000451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2018-05-21 16:09 - 2009-03-31 14:31 - 000380928 _____ (Realtek) C:\Windows\RtlUI2.exe
2018-05-21 16:09 - 2009-01-05 20:31 - 000000901 _____ C:\Windows\RtlUI2.exe.manifest
2018-05-21 16:09 - 2007-04-26 14:05 - 000100000 _____ C:\Windows\SysWOW64\EAPPkt9x.VXD
2018-05-21 16:09 - 2001-09-26 11:03 - 000012981 _____ C:\Windows\SysWOW64\REALPKT.VXD
2018-05-21 14:59 - 2018-05-21 14:59 - 000000000 ____D C:\Users\TT\AppData\Roaming\AnyDesk
2018-05-21 03:47 - 2018-05-21 03:47 - 000002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2018-05-20 05:19 - 2018-05-20 05:19 - 000001707 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-05-20 05:19 - 2018-05-20 05:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-05-20 05:19 - 2018-05-20 05:19 - 000000000 ____D C:\Program Files\iPod
2018-05-20 05:18 - 2018-05-20 05:19 - 000000000 ____D C:\Program Files\iTunes
2018-05-20 05:14 - 2018-05-20 05:14 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-05-20 05:14 - 2018-05-20 05:14 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-05-17 13:18 - 2018-05-17 13:18 - 000175569 _____ C:\Users\TT\Desktop\DL.pdf
2018-05-17 13:14 - 2018-05-17 13:14 - 000570686 _____ C:\Users\TT\Desktop\VividSeats.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-16 16:57 - 2018-02-20 22:24 - 000000000 ____D C:\temp
2018-06-16 16:55 - 2018-02-22 18:14 - 000000000 ___RD C:\Users\TT\iCloudDrive
2018-06-16 16:48 - 2018-02-17 12:59 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-16 16:47 - 2018-02-17 13:49 - 000000000 ____D C:\ProgramData\iolo
2018-06-16 16:45 - 2009-07-13 21:45 - 000013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-16 16:45 - 2009-07-13 21:45 - 000013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-16 15:50 - 2018-02-10 04:19 - 000000000 ____D C:\Users\TT\AppData\Roaming\iolo
2018-06-16 15:48 - 2009-07-13 22:32 - 000000000 ____D C:\Program Files\Windows Sidebar
2018-06-16 15:43 - 2009-07-13 19:34 - 000000577 _____ C:\Windows\win.ini
2018-06-16 14:44 - 2018-02-17 13:39 - 000000000 ____D C:\Users\TT\AppData\Local\Apps\2.0
2018-06-16 14:44 - 2018-01-29 13:42 - 000302626 _____ C:\Windows\ntbtlog.txt
2018-06-16 14:44 - 2017-11-09 21:16 - 000000000 ____D C:\Qoobox
2018-06-16 14:41 - 2009-07-13 19:34 - 000000215 _____ C:\Windows\system.ini
2018-06-16 14:19 - 2009-07-13 22:13 - 000804470 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-16 14:19 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2018-06-16 14:05 - 2017-11-22 01:09 - 000011264 _____ C:\Users\TT\Desktop\iPhone Insurance breakdown.xlsx
2018-06-16 13:56 - 2017-02-06 21:48 - 000000000 ____D C:\Users\TT\Desktop\Kaden
2018-06-16 13:54 - 2018-02-17 12:54 - 000000000 _____ C:\ProgramData\TEMP
2018-06-16 13:38 - 2017-01-31 17:31 - 000000000 ____D C:\Users\TT\Documents\Outlook Files
2018-06-16 13:26 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\NDF
2018-06-16 13:21 - 2018-02-22 17:24 - 000000000 ____D C:\Users\TT\AppData\Local\FF401EE4-7603-443F-A503-787C3CB5AB5A.aplzod
2018-06-16 13:05 - 2017-06-10 20:05 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-06-16 12:57 - 2018-05-16 13:05 - 000003916 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-06-16 12:54 - 2018-02-20 11:12 - 000000000 ____D C:\Users\TT\Desktop\Trev
2018-06-16 12:40 - 2018-03-08 08:22 - 000000000 ____D C:\Program Files (x86)\Marcos Velasco Security
2018-06-16 12:29 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-16 12:28 - 2018-05-04 09:27 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-06-16 12:08 - 2018-05-04 09:27 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-06-16 05:10 - 2018-05-16 13:02 - 000000000 ____D C:\Program Files (x86)\AVG
2018-06-16 05:10 - 2018-05-16 13:01 - 000000000 ____D C:\ProgramData\Avg
2018-06-16 05:09 - 2018-05-16 19:58 - 000000000 ____D C:\Users\TT\AppData\Local\AvgSetupLog
2018-06-15 21:57 - 2017-11-12 06:49 - 000003408 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2018-06-15 21:46 - 2017-01-30 10:54 - 000000000 ____D C:\Windows\Minidump
2018-06-15 21:45 - 2017-01-28 01:35 - 000402888 ____N C:\Windows\Minidump\061518-158465-01.dmp
2018-06-15 19:57 - 2018-05-16 20:55 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-06-15 19:57 - 2018-02-17 20:21 - 000004462 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-06-15 19:57 - 2017-06-10 20:05 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-15 19:57 - 2017-06-10 20:05 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-15 19:57 - 2017-06-10 20:05 - 000000000 ____D C:\Windows\system32\Macromed
2018-06-15 18:57 - 2018-05-16 22:58 - 000004450 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-15 17:00 - 2018-01-29 13:11 - 000003642 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2018-06-15 17:00 - 2017-09-08 04:13 - 000002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-06-15 16:08 - 2018-05-08 00:56 - 000019471 _____ C:\Users\TT\Desktop\Insur2.xlsx
2018-06-15 14:26 - 2009-07-13 22:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-06-14 02:40 - 2018-03-08 22:50 - 000000320 _____ C:\Windows\Tasks\HPCeeScheduleForTT.job
2018-06-14 02:20 - 2017-01-28 14:38 - 000000000 ____D C:\Windows\system32\MRT
2018-06-14 02:13 - 2017-10-18 05:18 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-14 02:12 - 2017-01-28 14:38 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-13 13:51 - 2018-02-17 17:53 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-13 13:51 - 2018-02-17 17:53 - 000002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-13 12:23 - 2018-03-08 22:50 - 000003168 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTT
2018-06-08 06:35 - 2018-02-17 16:40 - 000000000 ____D C:\Users\TT\AppData\Local\ElevatedDiagnostics
2018-06-08 06:27 - 2018-04-05 17:54 - 000000000 ____D C:\Program Files (x86)\iMobie
2018-06-06 12:37 - 2018-02-17 13:39 - 000000000 ____D C:\Users\TT\AppData\Local\Deployment
2018-06-06 12:23 - 2018-04-05 17:55 - 000000000 ____D C:\Users\TT\AppData\Local\iMobie_Inc
2018-06-06 12:23 - 2017-11-12 09:46 - 000000000 ____D C:\Users\TT\AppData\Roaming\iMobie
2018-06-06 12:22 - 2018-04-05 17:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2018-06-04 18:30 - 2018-02-17 13:01 - 000110728 _____ C:\Users\TT\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-04 18:26 - 2009-07-13 21:45 - 000415200 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-04 18:07 - 2018-05-16 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2018-06-04 18:07 - 2018-02-17 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-06-04 18:05 - 2017-01-30 11:25 - 000000000 ____D C:\Windows\SHELLNEW
2018-06-04 18:05 - 2009-07-13 22:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-06-04 07:34 - 2017-02-20 19:41 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-31 20:34 - 2017-11-09 20:26 - 000000000 ____D C:\Users\TT\AppData\LocalLow\Mozilla
2018-05-31 05:28 - 2017-03-19 09:40 - 000000000 ____D C:\Windows\system32\appmgmt
2018-05-31 05:27 - 2018-03-25 08:45 - 000000000 ____D C:\BigFishCache
2018-05-29 05:41 - 2018-02-17 13:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-27 01:57 - 2018-02-17 20:21 - 000000000 ____D C:\Users\TT\AppData\Local\Adobe
2018-05-23 12:13 - 2018-02-20 22:31 - 000000000 ____D C:\Users\TT\AppData\Roaming\hpqLog
2018-05-21 16:09 - 2018-02-17 13:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-20 05:14 - 2017-03-30 00:12 - 000000000 ____D C:\Program Files\Bonjour
2018-05-19 09:33 - 2018-02-04 11:48 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-19 09:33 - 2018-02-04 11:48 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-18 16:56 - 2017-06-12 09:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-05-17 15:06 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\rescache
 
==================== Files in the root of some directories =======
 
2017-05-07 17:05 - 2017-05-07 17:33 - 000000115 _____ () C:\Users\TT\AppData\Roaming\LogFile.txt
2018-02-01 13:12 - 2018-02-03 13:10 - 000000070 _____ () C:\Users\TT\AppData\Roaming\wfbshelp.ini
2017-08-21 23:57 - 2018-02-02 09:53 - 000000010 _____ () C:\Users\TT\AppData\Local\sponge.last.runtime.cache
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-06-03 00:29
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by TT (16-06-2018 16:58:48)
Running from C:\temp
Windows 7 Professional Service Pack 1 (X64) (2017-01-28 20:50:34)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1800849430-2401468083-1641420658-500 - Administrator - Disabled)
Guest (S-1-5-21-1800849430-2401468083-1641420658-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1800849430-2401468083-1641420658-1008 - Limited - Enabled)
TT (S-1-5-21-1800849430-2401468083-1641420658-1000 - Administrator - Enabled) => C:\Users\TT
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Antivirus (Disabled) {FD3E91FB-7C15-3254-D603-FC5F31625538}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A05FDFEC-4377-49E0-82CB-B6D1386E89DA}) (Version: 11.3.0.9 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
AVG Internet Security (HKLM-x32\...\AVG Antivirus) (Version: 18.4.3056 - AVG Technologies)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414) (Version:  - Canon Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
DriverDoc (HKLM-x32\...\{650580EA-978C-4C04-81B9-BA53BB34BCBE}) (Version: 1.8.0 - Solvusoft Corporation) Hidden
DriverDoc (HKLM-x32\...\DriverDoc) (Version: 1.8.0 - Solvusoft Corporation)
EaseUS MobiMover 3.0 (HKLM-x32\...\EaseUS MobiMover_is1) (Version:  - EaseUS)
FoneTrans 8.3.30 (HKLM-x32\...\{438DA193-C1A2-4e65-84AD-A485FE64B6AD}_is1) (Version: 8.3.30 - Aiseesoft Studio)
GameHouse Games (HKLM-x32\...\GameHouse Games) (Version: 8.60.20 - GameHouse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.6.18.11 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{3D16A9C5-8107-4EBB-B988-08CD363A9D0F}) (Version: 12.9.18.3 - HP Inc.)
iCloud (HKLM\...\{694E3E02-E14A-4BB2-A970-CF7F017FD5CC}) (Version: 7.3.0.20 - Apple Inc.)
iExplorer (HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\...\2ee35ebaf226322a) (Version: 4.2.0.0 - Macroplant LLC)
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 14.0.1 - iolo technologies, LLC)
iTunes (HKLM\...\{5581A594-89CB-4062-81C3-2E9F7A76FBE0}) (Version: 12.7.4.76 - Apple Inc.)
Kernel for Outlook PST Repair Evaluation ver 18.1 (HKLM-x32\...\Kernel for Outlook PST Repair - Evaluation Version_is1) (Version:  - Lepide Software Pvt.Ltd.)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LogMeIn Client (HKLM-x32\...\{DBECEFDA-F00A-48F8-B507-7E0BE6BBFE58}) (Version: 1.3.3212 - LogMeIn, Inc.)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.1 (x64 en-US)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MV RegClean 5.0 English (HKLM-x32\...\MV RegClean 5.0 English_is1) (Version:  - )
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
NVIDIA WMI 2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.18.0 - NVIDIA Corporation)
OPSWAT MetaAccess (HKLM-x32\...\{8AF70079-42E8-4194-A888-38711BD0F50E}) (Version: 7.6.133.0 - OPSWAT, Inc.) Hidden
OutlookFreeware.com Utilities (HKLM-x32\...\{7A3D7CC6-837B-4A40-A38C-E0C09A5D3E84}) (Version: 4.7.0 - Relief Software)
PhoneRescue (HKLM-x32\...\PhoneRescue) (Version: 3.7.0.0 - iMobie Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0265 - REALTEK Semiconductor Corp.)
Remo Repair Outlook [PST] (HKLM\...\{9F198151-82C8-4AE0-9290-4248B416BDF4}_is1) (Version: 3.0.0.19 - Remo Software)
SavvyConnect (HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\...\4f7d563df4a0e463) (Version: 4.3.0.10 - Luth Research, LLC.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Splashtop Business (HKLM-x32\...\{6A4CA92E-2579-4C4D-9C8B-44735449C64E}) (Version: 3.2.0.0 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.2.0.0 - Splashtop Inc.)
System Mechanic (HKLM-x32\...\{BF979795-8FC8-4FB5-AC26-CC753CA140BE}) (Version: 17.0.1.11 - iolo technologies, LLC) Hidden
SysTools Outlook Recovery v5.0 (HKLM-x32\...\{7EC76842-0E53-4175-B525-41F59423B4F5}_is1) (Version:  - SysTools Software Pvt. Ltd.)
The Price is Right (HKLM-x32\...\BFG-The Price is Right) (Version:  - )
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-05-16] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Windows\system32\Incinerator64.dll [2014-10-30] (iolo technologies, LLC)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-01-10] (Apple Inc.)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Windows\system32\Incinerator64.dll [2014-10-30] (iolo technologies, LLC)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-03] (NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-05-16] (AVG Technologies CZ, s.r.o.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0B93F8BF-7836-4DFC-ACD0-49E8140F5AE9} - System32\Tasks\HPCeeScheduleForTT => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.)
Task: {11B674DC-C451-4B74-986F-80C15A0840B4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_pepper.exe [2018-06-15] (Adobe Systems Incorporated)
Task: {11D3E12B-E353-41F8-8081-CA181DCBEF8B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe
Task: {1D94B798-A040-48C9-A7B6-C0ADBA850F65} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-05-16] (AVG Technologies CZ, s.r.o.)
Task: {25B55728-DF87-47D3-8386-9560CB6C18FF} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2018-01-10] (Apple Inc.)
Task: {437A4D8C-D411-4CD3-A8BE-ADC2C13695BD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {487C5088-8A08-4506-954E-CDE6E0F8B905} - System32\Tasks\{C8F28CE9-0763-42BB-8F25-285853E84505} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E0CA6191-52E8-41E0-96B2-05EA08E6869C}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {52EFD63B-72C9-4D49-94C2-5F8B8312BD0C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-10-19] (HP Inc.)
Task: {555E1FC4-BE31-44FC-ACBB-B5C27A1CB5D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-10-19] (HP Inc.)
Task: {5AD8DED3-F0A5-464A-B32C-281DE9240EC7} - System32\Tasks\ioloToaster => C:\Program Files (x86)\System Mechanic\ioloToaster.exe
Task: {638308BA-FDEC-4674-B2EA-A7C829EF2470} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {78889365-8187-48D5-89CD-486CDAABD7BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-05-02] (HP Inc.)
Task: {863C07A6-9A4F-46BB-B8C4-4F792CBAF814} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {90C8F7D5-5C1A-4243-AD11-B8E5727EA66D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {91278016-2471-4865-BCF4-10B243A13D87} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {923109AB-F135-43E1-AB61-2413087F11E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {99CD66DB-A9CD-4F80-97E8-997D0351B898} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-17] (Google Inc.)
Task: {9B842DAC-D0B9-41E4-8ED2-E0E3D6CB587F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-05-16] (AVG Technologies CZ, s.r.o.)
Task: {9D1FAC94-50B0-42CD-BEB3-713F022F3436} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-10-19] (HP Inc.)
Task: {9E8D440E-E9E9-4F8C-9F61-103B4FE83BF0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-15] (Adobe Systems Incorporated)
Task: {CCAF9F71-787C-457A-B8B8-BD254573A66E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {D5860972-1D6A-466A-9769-5321031548FB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-15] (Adobe Systems Incorporated)
Task: {EA823809-7963-43B7-AC83-40DDF7E23508} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {F17F34DE-F4BB-4C7A-BA28-618BDA5046EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-17] (Google Inc.)
Task: {F6A1BF49-7237-4935-ACC9-8BD42FF2BA9E} - System32\Tasks\ioloSmartUpdater => C:\Program Files (x86)\System Mechanic\ioloSmartUpdater.exe
Task: {F9DDA142-854C-4ABA-A707-9A7D90744969} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-05-11] (HP Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DriverDoc Auto Start.job => C:\Program Files (x86)\Solvusoft\DriverDoc\DriverDoc.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTT.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\iolo Process Governor.job => C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
Task: C:\Windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)Tweaking.com - Windows Repair)Created By Tweaking.com
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-01-28 14:37 - 2015-02-20 01:43 - 002692296 _____ () C:\Windows\system32\nvwmi64.exe
2017-01-28 14:37 - 2015-02-03 19:21 - 000115400 ____N () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-05-21 16:09 - 2014-12-12 17:24 - 000044760 _____ () C:\Windows\runSW.exe
2018-05-16 13:03 - 2018-05-16 13:03 - 000738032 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll
2018-05-16 13:04 - 2018-05-16 13:04 - 001067248 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\ffl2.dll
2018-05-16 13:04 - 2018-05-16 13:04 - 000595696 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2018-03-28 17:05 - 2018-03-28 17:05 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-03-28 17:05 - 2018-03-28 17:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-05-16 13:04 - 2018-05-16 13:04 - 000481008 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2018-06-16 10:06 - 2018-06-16 10:06 - 005837040 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18061604\algo.dll
2018-05-16 13:04 - 2018-05-16 13:04 - 000886512 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2018-05-16 15:47 - 2018-05-16 15:47 - 000925936 _____ () C:\Program Files (x86)\AVG\Antivirus\anen.dll
2018-05-16 13:04 - 2018-05-16 13:04 - 000983792 _____ () C:\Program Files (x86)\AVG\Antivirus\shepherdsync.dll
2018-05-16 13:04 - 2018-05-16 13:04 - 000520944 _____ () C:\Program Files (x86)\AVG\Antivirus\gui_cache.dll
2018-05-21 16:09 - 2013-02-27 17:17 - 000221184 _____ () C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\EnumDevLib.dll
2018-03-16 15:20 - 2018-03-16 15:20 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-08 02:49 - 2017-12-08 02:49 - 000076088 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 008801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2018-05-16 15:48 - 2018-05-16 15:48 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:5FBC2BC4 [96]
AlternateDataStreams: C:\ProgramData\TEMP:89C6F032 [127]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\trendmicro.com -> hxxps://pwm.trendmicro.com
 
There are 7937 more sites.
 
IE trusted site: HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\...\trendmicro.com -> hxxps://pwm.trendmicro.com
 
There are 7935 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2018-06-16 14:40 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1800849430-2401468083-1641420658-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.17.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
MpsSvc => Firewall Service is not running.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{AA6C5D14-3809-4AEA-B264-EF1B7FFE7BEF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{69D189A0-183B-4ACD-BB8F-6366F801178C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91D94D9C-ABEA-400F-A060-FE87293A2016}] => (Block) LPort=445
FirewallRules: [{C561DE29-16FC-44A8-96C2-F2CC2D33E2B8}] => (Block) LPort=445
FirewallRules: [{FA9AE71B-ECED-4C00-9C84-8593E3E2A874}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{53370E55-14F3-4F34-961E-4240B6A55269}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BE3A71B7-55AA-4A5B-8559-52F68F1B639C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{625505D7-92C2-460B-ABE1-801452AF459F}] => (Allow) LPort=4343
FirewallRules: [{5C99C4DA-5835-4CED-8F80-E33BCA1F0616}] => (Allow) LPort=8059
FirewallRules: [{F53DB4BA-2135-4AD2-9185-4D9876470F87}] => (Allow) LPort=80
FirewallRules: [{58520D3B-0493-4024-9F9D-0840DFC52A7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6EC48985-6D3F-47BE-A6A4-00D70169E6D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E99A37FE-BC54-4D48-8F6E-90E4D2E77FC1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1E4699F6-423A-4CD0-8585-8A54C5E64E1B}] => (Allow) LPort=53
FirewallRules: [{16BF8EA5-ECDF-4491-B90E-4499BCF08DC6}] => (Allow) LPort=1542
FirewallRules: [{34371A1A-E541-4D73-ADA5-D89C0AA53CF7}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\RtWlan.exe
FirewallRules: [{6CC9ECC3-062D-42CB-A939-144975A383F0}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\Rtldhcp.exe
FirewallRules: [{4829A89D-2559-4F12-AA53-375AE924BFB7}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{3BD57AAC-00BF-4E17-9899-F2F466F4CEC0}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{8948E4CE-FDD4-498D-B7EC-B5EE424FC4A5}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{AFFB332F-EFED-4D16-AA28-C1F6D42BB3D4}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{58E1BE5D-9C07-4207-B82F-3DF75F1FC7BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{057BE1E9-C006-46D8-A479-B9C0E2464C85}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe
 
==================== Restore Points =========================
 
16-06-2018 06:04:12 Device Driver Package Install: AVG Technologies Network Service
16-06-2018 07:09:29 Device Driver Package Install: AVG Technologies Network Service
16-06-2018 08:02:42 Device Driver Package Install: AVG Technologies Network Service
16-06-2018 09:10:17 Device Driver Package Install: AVG Technologies Network Service
16-06-2018 10:07:46 Device Driver Package Install: AVG Technologies Network Service
16-06-2018 11:19:11 Device Driver Package Install: AVG Technologies Network Service
16-06-2018 12:01:28 Device Driver Package Install: AVG Technologies Network Service
16-06-2018 12:58:12 Device Driver Package Install: AVG Technologies Network Service
16-06-2018 15:34:43 Installed DriverDoc.
 
==================== Faulty Device Manager Devices =============
 
Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Could not start eventlog service, could not read events.
 
The Windows Event Log service is starting.
The Windows Event Log service could not be started.
 
A system error has occurred.
 
System error 1747 has occurred.
 
The authentication service is unknown.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 37%
Total physical RAM: 4079.34 MB
Available physical RAM: 2530.86 MB
Total Virtual: 8156.51 MB
Available Virtual: 6707.15 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:155.14 GB) (Free:11.84 GB) NTFS
Drive d: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.32 GB) (Free:0 GB) UDF
Drive e: () (Removable) (Total:15.12 GB) (Free:14.86 GB) NTFS
Drive f: () (Removable) (Total:3.61 GB) (Free:2.83 GB) NTFS
 
\\?\Volume{95902a03-e534-11e6-90e8-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:1.99 GB) (Free:1.53 GB) NTFS
\\?\Volume{95902a04-e534-11e6-90e8-806e6f6e6963}\ (Sys_Drive) (Fixed) (Total:296.9 GB) (Free:66.14 GB) NTFS
\\?\Volume{95902a02-e534-11e6-90e8-806e6f6e6963}\ (Recovery) (Fixed) (Total:11.72 GB) (Free:8.21 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5BC53D8B)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=296.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=155.1 GB) - (Type=0F Extended)
 
========================================================
Disk: 1 (Size: 15.1 GB) (Disk ID: 521DAE79)
Partition 1: (Active) - (Size=15.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 3.6 GB) (Disk ID: 000CDF3A)
Partition 1: (Active) - (Size=3.6 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:33 AM

Posted 17 June 2018 - 09:15 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download Malwarebytes Anti-Malware from here
  • Right-click on the MBAM icon and select Run as administrator to run the tool.
  • Click Yes to accept any security warnings that may appear.
  • Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button.
  • Note: The scan may take some time to finish, so please be patient.
  • If potential threats are detected, make sure to checkmark all the listed items, and click the Quarantine Selected button.
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.
Please post the log for my review.

Note: If asked to restart the computer, please do so immediately.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Post the logs and let me know what problem persists.

#5 nasdaq


Posted 23 June 2018 - 06:53 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



