Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by admin (administrator) on USER (Acer Aspire E5-573) (25-05-2019 10:06:30)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [CheckNDISPort55ac29] => C:\Program Files (x86)\Vodafone Mobile Connect\CheckNDISPort_df.exe [478928 2017-10-13] (ZTE CORPORATION -> ) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-12-01] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] HKU\S-1-5-21-844090339-168977430-2555540811-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-22] (Google LLC -> Google Inc.) HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-12-01] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-12-01] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2017-09-09] ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.) Task: {0DCDEB5C-2A7C-48A4-A53B-EC4FB36A6600} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-21] (Google Inc -> Google Inc.) Task: {12A4C1CA-DE6A-4AA0-9FFC-566B7E161BB5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {2F3452F0-0D61-49E3-A132-13DF5A6C54C6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {3FC3F079-6081-49FF-916A-1F0D51593867} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-21] (Google Inc -> Google Inc.) Task: {40B7EC79-056C-4072-8FDA-6552880EC728} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {4C51BB2A-E344-40EB-BF4E-DAEEBC48BA50} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\admin\Desktop\ESET.exe Task: {69DBB2D3-CDFE-44DE-965A-C049476056F8} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41728 2014-08-30] (Acer Incorporated -> ) Task: {718B462D-642E-4D71-A58A-130FB25AC2FA} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2018-10-27] (Kaspersky Lab -> AO Kaspersky Lab) Task: {CE05F840-39B2-4BC0-8553-57BBCEEAA31A} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474344 2014-06-09] (Acer Incorporated -> Acer Incorporated) Task: {DC0695CA-614F-412E-A84E-12FC1736A951} - 
System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\admin\Desktop\ESET.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{3D22F6EB-7D48-4581-8A4A-7761F8E75A76}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{7E9EBC38-283C-4B56-89DA-0535C2A81429}: [NameServer] 192.168.1.1 Tcpip\..\Interfaces\{8C0C8C41-DE5D-461D-8BFB-EE4420C2962F}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{F916C187-3FE7-40E2-8C16-F14583B0F455}: [DhcpNameServer] 192.168.43.1 HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,-1] Internet Explorer: ================== HKU\S-1-5-21-844090339-168977430-2555540811-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-in/?ocid=iehp BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-07-27] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Kaspersky Protection -> 
{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-844090339-168977430-2555540811-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) FireFox: ======== FF DefaultProfile: 4t3exipe.default-1551755093489 FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\4t3exipe.default-1551755093489 [2019-05-25] FF Extension: (Facebook Container) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\4t3exipe.default-1551755093489\Extensions\@contain-facebook.xpi [2019-05-25] FF Extension: (ETP Search Volume Study) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\4t3exipe.default-1551755093489\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-05-15] FF Extension: (Online Convert) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\4t3exipe.default-1551755093489\Extensions\firefox@online-convert.com.xpi [2019-04-08] FF Extension: (Facebook Messenger Message Cleaner) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\4t3exipe.default-1551755093489\Extensions\{847eddef-437f-4b5f-93db-b230488bc239}.xpi [2019-03-14] FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-04-16] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-03-05] <==== ATTENTION (Points to *.cfg file) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-03-05] <==== ATTENTION Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://homepage-web.com/?s=acer&m=home CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://homepage-web.com/?s=acer&m=start" CHR DefaultSearchURL: Default -> hxxps://192.168.1.240/bahmni/favicon.ico CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2019-05-21] CHR Extension: (Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29] CHR 
Extension: (Video & GIF Downloader For Facebook™) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajanondpapegkikdhmmhmoogcaajdokn [2018-12-14] CHR Extension: (Kaspersky Protection) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-11-15] CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29] CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-20] CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2019-04-19] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-20] CHR Extension: (OpenERP) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapopdbfnfhcgfdldoielojfiidmecaj [2018-12-14] CHR Extension: (Video Downloader professional) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2019-04-19] CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2018-12-14] CHR Extension: (Google Docs Offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-15] CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-21] CHR Extension: (Delete All Messages) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2019-03-28] CHR Extension: (Delete All Messages for Facebook™) - C:\Users\admin\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\idnpnpdgfopkoibbhemhdinhcbghpokf [2019-05-21] CHR Extension: (Multi Forward for Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmdplljmniahpamcmabdnahmjdlikpm [2017-08-02] CHR Extension: (Save to Facebook) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2019-05-21] CHR Extension: (Grammarly for Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-05-21] CHR Extension: (Facebook Fast Delete Messages) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\klmpnhheahecaojonebajllddfhpilan [2017-06-18] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-04-21] CHR Extension: (Anti-Phishing & Authenticity Checker) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mggehmlfnempkheebgikhmemhnnpacle [2018-12-14] CHR Extension: (Messenger Cleaner) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhfajmpgiahjmnbhemaehbgadnhnhbd [2019-03-15] CHR Extension: (Bahmni Home) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlejgcccohmalhjkncfcbnbekihgnnmg [2017-07-07] CHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-15] CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-21] CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-29] CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd CHR 
HKU\S-1-5-21-844090339-168977430-2555540811-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-12-01] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab) S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [125168 2014-12-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-03-11] (Intel Corporation - pGFX -> Intel Corporation) S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [414352 2018-12-07] (Kaspersky Lab -> AO Kaspersky Lab) R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-27] (Microsoft Corporation) [File not signed] R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242256 2014-08-20] (Huawei Technologies Co., Ltd. 
-> ) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG -> Nero AG) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab) R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-07-01] (Intel Corporation - Software and Firmware Products -> Intel Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [75600 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [125568 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [91472 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [236672 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R1 klhk; C:\Windows\System32\drivers\klhk.sys [1091920 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1168000 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [58704 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [60536 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R3 klmouflt; 
C:\Windows\system32\DRIVERS\klmouflt.sys [60784 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50304 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [46416 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [104576 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [184960 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [218240 2019-04-16] (Kaspersky Lab -> AO Kaspersky Lab) R3 Qcamain; C:\Windows\system32\DRIVERS\Qcamainx64.sys [2299392 2015-01-29] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros, Inc.) S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.) R3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x64.sys [591360 2013-06-18] (Microsoft Windows -> Realtek ) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X] S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X] S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-05-25 10:06 - 2019-05-25 10:08 - 000022718 _____ C:\Users\admin\Desktop\FRST.txt 2019-05-25 10:02 - 2019-05-25 10:03 - 000001985 _____ C:\Users\admin\Desktop\Fixlog.txt 2019-05-22 06:59 - 2019-05-24 05:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2019-05-21 16:44 - 2019-05-23 16:53 - 000003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2019-05-21 16:40 - 2019-05-21 16:44 - 000000000 ____D C:\ProgramData\Intel 2019-05-21 16:40 - 2019-05-21 16:40 - 000003616 _____ C:\Windows\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2019-05-21 16:40 - 2019-05-21 16:40 - 000003370 _____ C:\Windows\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2019-05-20 08:44 - 2019-05-23 09:12 - 000009780 _____ C:\VEW.txt 2019-05-20 06:14 - 2019-05-20 06:14 - 000061440 _____ ( ) C:\Users\admin\Desktop\VEW.exe 2019-05-19 13:27 - 2019-05-24 17:57 - 000000826 _____ C:\Users\admin\Desktop\LatencyMon.lnk 2019-05-19 13:27 - 2019-05-24 17:57 - 000000814 _____ C:\Users\admin\Desktop\In Depth Latency Tests.lnk 2019-05-19 13:27 - 2019-05-24 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon 2019-05-19 13:27 - 2019-05-24 17:57 - 000000000 ____D C:\Program Files\LatencyMon 2019-05-19 13:27 - 2015-07-13 11:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL64.sys 2019-05-19 13:25 - 2019-05-19 13:25 - 002323432 _____ (Resplendence Software Projects Sp. 
) C:\Users\admin\Desktop\LatencyMon.exe 2019-05-19 08:43 - 2019-05-19 08:43 - 000000808 _____ C:\Users\Public\Desktop\Speccy.lnk 2019-05-19 08:43 - 2019-05-19 08:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2019-05-19 08:43 - 2019-05-19 08:43 - 000000000 ____D C:\Program Files\Speccy 2019-05-19 08:36 - 2019-05-20 08:56 - 000006482 _____ C:\junk.txt 2019-05-19 08:36 - 2019-05-19 08:40 - 000006239 _____ C:\Windows\system32\junk.txt 2019-05-19 08:23 - 2019-05-19 08:23 - 002703128 _____ (Sysinternals - www.sysinternals.com) C:\Users\admin\Desktop\procexp.exe 2019-05-18 13:49 - 2019-05-18 13:49 - 000000000 ____D C:\Users\admin\AppData\Local\FreemakeVideoDownloader 2019-05-18 13:48 - 2019-05-18 13:53 - 000000000 ____D C:\ProgramData\Freemake 2019-05-18 13:48 - 2019-05-18 13:51 - 000000000 ____D C:\Users\admin\Documents\Freemake 2019-05-18 13:47 - 2019-05-18 13:52 - 000000000 ____D C:\Program Files (x86)\Freemake 2019-05-17 09:50 - 2019-05-17 09:51 - 000128454 _____ C:\Users\admin\Desktop\Hari Krishna Prahlad CV.pdf 2019-05-15 08:32 - 2019-05-06 09:17 - 001311768 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-05-15 08:32 - 2019-05-06 09:06 - 001677024 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-05-15 08:32 - 2019-05-06 09:06 - 001537776 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-05-15 08:32 - 2019-05-06 09:05 - 007363320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-05-15 08:32 - 2019-05-06 09:04 - 000805384 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-05-15 08:32 - 2019-05-06 09:03 - 001136208 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-05-15 08:32 - 2019-05-06 07:42 - 000861184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2019-05-15 08:32 - 2019-05-06 07:38 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2019-05-15 08:32 - 2019-05-06 07:11 - 001197056 
_____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2019-05-15 08:32 - 2019-04-30 06:21 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-05-15 08:32 - 2019-04-30 06:21 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-05-15 08:32 - 2019-04-25 09:31 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-05-15 08:32 - 2019-04-25 09:10 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-05-15 08:32 - 2019-04-25 09:01 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-05-15 08:32 - 2019-04-25 08:58 - 005775360 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-05-15 08:32 - 2019-04-25 08:56 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-05-15 08:32 - 2019-04-25 08:39 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-05-15 08:32 - 2019-04-25 08:33 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-05-15 08:32 - 2019-04-25 08:28 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2019-05-15 08:32 - 2019-04-25 08:20 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-05-15 08:32 - 2019-04-25 08:16 - 015285248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-05-15 08:32 - 2019-04-25 08:12 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2019-05-15 08:32 - 2019-04-25 08:10 - 004493312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2019-05-15 08:32 - 2019-04-25 08:07 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2019-05-15 08:32 - 2019-04-25 08:05 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-05-15 08:32 - 2019-04-25 08:05 - 005303808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-05-15 08:32 - 2019-04-25 07:54 - 001557504 
_____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-15 08:32 - 2019-04-25 07:48 - 004831232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-05-15 08:32 - 2019-04-25 07:44 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-05-15 08:32 - 2019-04-25 07:44 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-05-15 08:32 - 2019-04-25 07:42 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-05-15 08:32 - 2019-04-20 22:11 - 000081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-05-15 08:32 - 2019-04-17 06:15 - 022373296 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-05-15 08:32 - 2019-04-17 06:11 - 019790872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-05-15 08:32 - 2019-04-16 19:15 - 001756160 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-05-15 08:32 - 2019-04-16 19:10 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-05-15 08:32 - 2019-04-14 22:07 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-05-15 08:32 - 2019-04-14 22:05 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-05-15 08:32 - 2019-04-14 21:39 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-05-15 08:32 - 2019-04-14 21:37 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-05-15 08:32 - 2019-04-09 03:47 - 000537096 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-05-15 08:32 - 2019-04-09 03:47 - 000139912 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-05-15 08:32 - 2019-04-09 03:43 - 000449744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-05-15 08:32 - 2019-04-09 03:42 - 000136736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-05-15 08:32 - 2019-04-09 03:10 - 000136432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2019-05-15 08:32 - 2019-04-07 06:27 - 001214720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-05-15 08:32 - 2019-04-07 02:01 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-05-15 08:32 - 2019-04-07 02:01 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-05-15 08:32 - 2019-04-07 02:01 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-05-15 08:32 - 2019-04-07 02:01 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-05-15 08:32 - 2019-04-07 02:01 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-05-15 08:32 - 2019-04-07 00:09 - 002172832 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-05-15 08:32 - 2019-04-07 00:09 - 001662512 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-05-15 08:32 - 2019-04-06 21:12 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-05-15 08:32 - 2019-04-06 04:17 - 000096208 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-05-15 08:32 - 2019-04-06 04:16 - 000177608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-05-15 08:32 - 2019-04-06 04:14 - 000073248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2019-05-15 08:32 - 2019-04-05 19:37 - 003324928 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-05-15 08:32 - 2019-04-05 19:36 - 001253888 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-05-15 08:32 - 2019-04-05 19:36 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-05-15 08:32 - 2019-04-05 19:36 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-05-15 08:32 - 2019-04-05 19:31 - 003618304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-05-15 08:32 - 2019-04-05 19:31 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-05-15 08:32 - 2019-04-05 05:28 - 000863232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2019-05-15 08:32 - 2019-04-05 03:45 - 000513416 _____ C:\Windows\SysWOW64\locale.nls
2019-05-15 08:32 - 2019-04-05 03:45 - 000513416 _____ C:\Windows\system32\locale.nls
2019-05-15 08:32 - 2019-04-04 23:31 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-05-15 08:32 - 2019-04-04 23:11 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-05-15 08:32 - 2019-04-04 22:40 - 001080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2019-05-15 08:32 - 2019-04-04 22:19 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-05-15 08:32 - 2019-04-04 22:18 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-05-15 08:32 - 2019-04-04 22:14 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-05-15 08:32 - 2019-04-04 21:45 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-05-15 08:32 - 2019-04-04 21:40 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-05-15 08:32 - 2015-06-10 04:09 - 000053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2019-05-15 08:32 - 2015-06-10 04:08 - 001201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-05-14 19:26 - 2019-05-14 19:26 - 000390192 _____ C:\Users\admin\Desktop\Jalaluddin Rumi.pdf
2019-05-11 12:39 - 2019-05-25 09:47 - 000000000 ____D C:\Users\admin\Desktop\DW
2019-05-11 12:37 - 2019-05-25 10:06 - 000000000 ____D C:\FRST
2019-05-11 12:35 - 2019-05-24 05:39 - 002435072 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2019-05-11 10:59 - 2019-05-11 11:00 - 003809414 _____ C:\Users\admin\Downloads\video-1557488557.mp4
2019-05-09 19:34 - 2019-05-09 19:34 - 000236152 _____ C:\Users\admin\Desktop\Gitanjali.pdf
2019-05-09 17:31 - 2019-05-09 17:31 - 000301749 _____ C:\Users\admin\Desktop\Nationalism by Tagore.pdf
2019-05-09 13:25 - 2019-05-09 13:25 - 000178127 _____ C:\Users\admin\Downloads\NationalismTagore.epub
2019-05-09 09:40 - 2019-05-09 09:40 - 009152798 _____ C:\Users\admin\Downloads\app-com.vidmix.app-homesite-release-v1.7.9.1-39-20190422-173209.apk
2019-05-07 10:40 - 2019-05-07 10:40 - 007931026 _____ C:\Users\admin\Desktop\kolam.mp4
2019-05-05 10:44 - 2019-05-05 10:45 - 017988470 _____ C:\Users\admin\Downloads\Clausewitz On War_compressed.pdf
2019-04-29 10:25 - 2019-04-29 10:26 - 000002760 _____ C:\Windows\SysWOW64\lgAxconfig.ini
2019-04-29 10:25 - 2019-04-29 10:26 - 000000000 ____D C:\ProgramData\LGMOBILEAX
2019-04-29 10:25 - 2019-04-29 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
2019-04-29 10:25 - 2011-05-06 10:37 - 000655872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr90.dll
2019-04-29 10:25 - 2011-05-06 10:37 - 000568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp90.dll
2019-04-29 10:25 - 2011-05-06 10:37 - 000224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcm90.dll
2019-04-29 10:25 - 2006-04-30 05:33 - 000053248 _____ () C:\Windows\SysWOW64\CommonDL.dll
2019-04-29 10:25 - 2005-09-29 22:39 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2019-04-29 10:24 - 2019-04-29 10:24 - 016691672 _____ (LG Electronics) C:\Users\admin\Downloads\LGMobileDriver_WHQL_Ver_4.2.0(2).exe
2019-04-29 10:24 - 2019-04-29 10:24 - 001763528 _____ (LG Electronics) C:\Users\admin\Downloads\LGMobileSupportTool.exe
2019-04-29 10:16 - 2019-04-29 10:18 - 114146416 _____ (Anvsoft) C:\Users\admin\Downloads\syncios_data_transfer.exe
2019-04-29 10:02 - 2019-04-29 10:02 - 016691672 _____ (LG Electronics) C:\Users\admin\Downloads\LGMobileDriver_WHQL_Ver_4.2.0(1).exe
2019-04-28 12:23 - 2019-04-28 12:23 - 000970920 _____ C:\Users\admin\Downloads\video-1556431002.mp4
2019-04-26 14:55 - 2019-04-26 15:01 - 013324765 _____ C:\Users\admin\Desktop\cow.mp4

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-25 10:07 - 2017-04-25 09:49 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-05-25 10:05 - 2017-04-20 07:17 - 000000000 __SHD C:\Users\admin\IntelGraphicsProfiles
2019-05-25 10:05 - 2013-08-22 20:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-25 09:54 - 2019-03-11 17:35 - 000000000 ____D C:\Users\admin\Desktop\New Pics
2019-05-25 07:08 - 2017-04-20 06:50 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-844090339-168977430-2555540811-1001
2019-05-25 06:25 - 2017-04-21 08:36 - 000003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D4A6C8BA-157C-4671-970D-5A9A13D3CC10}
2019-05-25 06:22 - 2017-04-21 08:35 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2019-05-24 17:43 - 2013-08-22 19:06 - 000000000 ____D C:\Windows\Inf
2019-05-24 10:07 - 2017-06-04 12:06 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2019-05-24 10:06 - 2017-04-20 06:56 - 000000000 ____D C:\Program Files (x86)\Intel
2019-05-24 10:06 - 2017-04-20 06:53 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-23 08:17 - 2017-04-30 09:51 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-23 08:17 - 2017-04-30 09:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-23 08:12 - 2013-08-22 18:55 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-05-22 10:20 - 2013-08-22 18:55 - 000262144 ___SH C:\Windows\system32\config\ELAM
2019-05-22 06:13 - 2017-04-21 12:17 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-22 06:13 - 2017-04-21 12:17 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-21 16:40 - 2017-04-20 06:54 - 000000000 ____D C:\Program Files\Intel
2019-05-21 08:41 - 2014-03-18 15:34 - 000820208 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-20 17:23 - 2013-08-22 21:06 - 000000000 ____D C:\Windows\rescache
2019-05-20 13:35 - 2018-11-05 16:20 - 000000000 ____D C:\Users\admin\Desktop\phone
2019-05-20 13:34 - 2019-03-04 13:58 - 000000000 ____D C:\Users\admin\Desktop\New Phone
2019-05-20 07:36 - 2013-08-22 20:14 - 000483952 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-20 07:33 - 2013-08-22 20:50 - 000000000 ____D C:\Windows\CbsTemp
2019-05-19 14:30 - 2019-01-20 13:49 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2019-05-17 09:29 - 2017-07-12 08:33 - 000000000 ____D C:\Users\admin\Desktop\Hari
2019-05-17 09:07 - 2013-08-22 21:06 - 000000000 ___RD C:\Windows\ToastData
2019-05-17 08:49 - 2017-06-24 08:00 - 000000000 ____D C:\Windows\system32\MRT
2019-05-17 08:19 - 2017-06-24 08:00 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-16 08:16 - 2013-08-22 21:06 - 000000000 ____D C:\Windows\AppReadiness
2019-05-15 18:25 - 2017-04-21 12:08 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 18:25 - 2017-04-21 12:08 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-09 14:31 - 2019-03-11 17:40 - 000000000 ____D C:\Users\admin\Desktop\PDF
2019-05-08 12:40 - 2013-08-22 21:06 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-08 12:40 - 2013-08-22 21:06 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-07 05:54 - 2017-04-19 19:10 - 000000000 ____D C:\Users\admin\AppData\Roaming\Atheros
2019-05-06 11:58 - 2019-04-19 07:58 - 000000000 ____D C:\Users\admin\Desktop\Phone Final
2019-05-06 11:57 - 2017-04-20 07:01 - 000000000 ____D C:\Users\admin\Documents\Bluetooth Folder
2019-05-06 05:54 - 2017-04-30 08:19 - 000000000 ____D C:\Program Files (x86)\LenovoUsbDriver
2019-05-03 13:22 - 2017-09-27 15:52 - 000000000 ____D C:\Users\admin\Desktop\AMS
2019-05-03 03:29 - 2017-06-21 08:03 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-03 03:29 - 2017-06-21 08:03 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-01 06:04 - 2018-11-13 12:01 - 000000000 ____D C:\Users\admin\Desktop\Pics

==================== Files in the root of some directories =======

2017-05-08 13:26 - 2017-09-09 13:54 - 000005120 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-05-11 19:12 - 2017-05-11 19:12 - 000000000 _____ () C:\Users\admin\AppData\Local\{D0478A62-141E-4DB0-823C-FBA3EF766F66}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-05-24 09:01

==================== End of FRST.txt ============================