My desktop runs Windows 10. I downloaded & ran FRST64. The files FRST.txt log and Addition.txt log were created and are on my desktop in a folder along with the file fixlist.txt which is empty. I don't know what I am supposed to copy and paste in the fixlist file. Any help will be greatly appreciated.
Please help me with a fixlist for FRST64
Started by
Quartz
, Jun 28 2017 03:07 PM
#2
Posted 28 June 2017 - 04:50 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Neither do we without seeing the FRST.txt and Addition.txt logs. Please open Frst.txt, Ctrl + a, Ctrl +c then move to a reply and Ctrl + v, Repeat for Addition.txt then Post.
#3
Posted 28 June 2017 - 06:08 PM
Quartz
- Topic Starter
-
- Member
-
- 122 posts
Member
Thanks for answering my call for help. I stepped away from the computer & forgot to come back to post the files. Sorry.
Below is a link to Speccy listing details about my desktop. I thought you may need to know that I have 2 hard drives installed, with both Windows 7 & 10 installed on the Samsung SSD 850 EVO 120GB & a WD 1TB for programs & storage.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01
Ran by Administrator (administrator) on DESKTOP-4B5L7F4 (26-06-2017 12:04:40)
Running from C:\Users\Administrator\Desktop\FRST
Loaded Profiles: Administrator (Available Profiles: Cindy & CW & Dustin & Administrator)
Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
(SUPERAntiSpyware.com) D:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Cyber Power Systems, Inc.) C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Sony Corporation) E:\Program Files (x86)\PlayMemories Home\PMBDeviceInfoProvider.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSHDLL64.EXE
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Cyber Power Systems, Inc.) C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => E:\Program Files (x86)\PlayMemories Home\PMBVolumeWatcher.exe [2724896 2016-06-24] (Sony Corporation)
HKLM-x32\...\Run: [PowerPanel Personal Edition User Interaction] => C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe [316864 2010-04-09] (Cyber Power Systems, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-2189236351-1808509422-1153190697-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{025c042c-4d0c-4418-9816-b4bd3a6f90c6}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2017-05-11] (F-Secure Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2017-05-11] (F-Secure Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2017-05-11]
FF HKLM-x32\...\Firefox\Extensions: [{5ef50773-c517-432a-a8cb-325e25ece3d2}] - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\deploy\fs_firefox_https => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-08-18] [not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com/"
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2017-06-26]
CHR Extension: (Google Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-07]
CHR Extension: (Theme Creator) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2016-08-07]
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-07]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-07]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-07]
CHR Extension: (Honey) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-06-26]
CHR Extension: (eBay) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2017-03-20]
CHR Extension: (Advanced Font Settings) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2016-08-07]
CHR Extension: (Find My Tab) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjcielfmgjldjmgjlldijdifmhkgkkhf [2017-03-20]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2016-08-07]
CHR Extension: (Font App Extension) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dogeggjdgldnjmlgdcgokmdpdilggkik [2017-04-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-19]
CHR Extension: (Google Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-07]
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2017-03-20]
CHR Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-07]
CHR Extension: (Click&Clean) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2017-06-10]
CHR Extension: (AdBlock) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-26]
CHR Extension: (Enjoy Music Player) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncfgilfeieogcpghjnnhddghgdjbekl [2017-06-26]
CHR Extension: (Disconnect) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2017-03-20]
CHR Extension: (Font Changer with Google Web Fonts™) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjhhoglgjdklldfgoffdiaceffijeke [2017-04-06]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2017-03-20]
CHR Extension: (Grammarly for Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-06-25]
CHR Extension: (searchanonymo) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kflgpljkgfgnobalpcidgjfehndkdjee [2017-06-25]
CHR Extension: (eBay for Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2017-03-20]
CHR Extension: (Download Fonts) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgmjfmdomlhhodhmmfaomfbbdadpeefk [2016-08-07]
CHR Extension: (Zoggle) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\makbpnhaoldbpinpacbppcefmonaimlf [2016-08-07]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-06-09]
CHR Extension: (Gilt) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjfjcgedpajobpeigceakhndfaicfehh [2016-08-07]
CHR Extension: (Sticky Notes) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbjdhgkkhefpifbifjiflpaajchdkhpg [2016-08-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-20]
CHR Extension: (Show Apps in new tab) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohbdifokmdgjcbbeobglcbaifinhfip [2017-03-20]
CHR Extension: (Google) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\okkolgldfknecfjnhhglfopimelbaceh [2016-08-07]
CHR Extension: (Font Size Increase) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombpcpigmndepfckcifdblemkabaoihk [2016-08-07]
CHR Extension: (PetsNotes) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\paladbapiopcbdkmelfcdgiglibeofee [2016-08-07]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2017-06-26]
CHR Extension: (Hover Zoom+) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2017-04-25]
CHR Extension: (Color Gradient) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjhiinilggcbncdcockblpokpnbihihg [2016-08-07]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-07]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-09]
CHR Extension: (Skype Calling) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk [2017-03-20]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2189236351-1808509422-1153190697-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; D:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-26] (SUPERAntiSpyware.com)
R2 fshoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [181216 2016-10-25] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE [218080 2016-10-26] (F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [181216 2016-10-25] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe [67640 2017-05-10] (F-Secure Corporation)
R2 PMBDeviceInfoProvider; E:\Program Files (x86)\PlayMemories Home\PMBDeviceInfoProvider.exe [506912 2016-06-24] (Sony Corporation)
R2 ppped; C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe [918976 2010-04-16] (Cyber Power Systems, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102400 2016-02-26] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [229080 2017-02-25] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys [106704 2017-04-24] (F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\Drivers\fsbts.sys [73928 2016-08-07] ()
R3 fsni; C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\bin\fsni64.sys [120016 2017-05-11] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2015-10-08] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
R1 SASDIFSV; D:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; D:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-26 12:04 - 2017-06-26 12:04 - 00000000 ____D C:\Users\Administrator\Desktop\FRST
2017-06-26 12:00 - 2017-06-26 12:01 - 00034957 _____ C:\Users\Administrator\Desktop\Addition.txt
2017-06-26 11:59 - 2017-06-26 12:01 - 00062547 _____ C:\Users\Administrator\Desktop\FRST.txt
2017-06-26 11:56 - 2017-06-26 12:04 - 00000000 ____D C:\FRST
2017-06-25 22:25 - 2017-06-25 22:25 - 01663672 _____ (Malwarebytes) C:\Users\Administrator\Desktop\JRT.exe
2017-06-14 06:24 - 2017-06-14 06:24 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-06-14 06:21 - 2017-06-03 06:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 06:21 - 2017-06-03 06:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 06:21 - 2017-06-03 06:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 06:21 - 2017-06-03 06:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 06:21 - 2017-06-03 06:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 06:21 - 2017-06-03 06:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 06:21 - 2017-06-03 06:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-14 06:21 - 2017-06-03 06:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 06:21 - 2017-06-03 06:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 06:21 - 2017-06-03 06:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 06:21 - 2017-06-03 06:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-14 06:21 - 2017-06-03 06:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-14 06:21 - 2017-06-03 05:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 06:21 - 2017-06-03 05:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 06:21 - 2017-06-03 05:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 06:21 - 2017-06-03 05:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-14 06:21 - 2017-06-03 05:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-14 06:21 - 2017-06-03 05:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-14 06:21 - 2017-06-03 05:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 06:21 - 2017-06-03 05:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-14 06:21 - 2017-06-03 05:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 06:21 - 2017-06-03 05:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 06:21 - 2017-06-03 05:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-14 06:21 - 2017-06-03 05:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 06:21 - 2017-06-03 05:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-14 06:21 - 2017-06-03 05:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-14 06:21 - 2017-06-03 05:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 06:21 - 2017-06-03 05:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 06:21 - 2017-06-03 05:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-14 06:21 - 2017-06-03 05:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 06:21 - 2017-06-03 05:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 06:21 - 2017-06-03 05:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 06:21 - 2017-06-03 05:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 06:21 - 2017-06-03 05:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 06:21 - 2017-06-03 05:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 06:21 - 2017-06-03 05:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 06:21 - 2017-06-03 05:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 06:21 - 2017-06-03 05:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 06:21 - 2017-06-03 05:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 06:21 - 2017-06-03 05:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 06:21 - 2017-06-03 05:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-14 06:21 - 2017-06-03 05:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 06:21 - 2017-06-03 05:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 06:21 - 2017-06-03 05:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 06:21 - 2017-06-03 05:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 06:21 - 2017-06-03 05:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 06:21 - 2017-06-03 05:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 06:21 - 2017-06-03 05:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-14 06:21 - 2017-06-03 05:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 06:21 - 2017-06-03 05:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-14 06:21 - 2017-06-03 05:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 06:21 - 2017-06-03 05:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 06:21 - 2017-06-03 05:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 06:21 - 2017-06-03 05:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-14 06:21 - 2017-06-03 05:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-14 06:21 - 2017-06-03 05:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 06:21 - 2017-06-03 05:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-14 06:21 - 2017-06-03 05:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 06:21 - 2017-06-03 05:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 06:21 - 2017-06-03 05:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 06:21 - 2017-06-03 04:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 06:21 - 2017-06-03 04:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 06:21 - 2017-06-03 04:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 06:21 - 2017-06-03 04:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 06:21 - 2017-06-03 04:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 06:21 - 2017-06-03 04:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 06:21 - 2017-06-03 04:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-14 06:21 - 2017-06-03 04:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 06:21 - 2017-06-03 04:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-14 06:21 - 2017-06-03 04:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-14 06:21 - 2017-06-03 04:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 06:21 - 2017-06-03 04:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-14 06:21 - 2017-06-03 04:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 06:21 - 2017-06-03 04:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 06:21 - 2017-06-03 04:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-14 06:21 - 2017-06-03 04:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-14 06:21 - 2017-06-03 04:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 06:21 - 2017-06-03 04:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-14 06:21 - 2017-06-03 04:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-14 06:21 - 2017-06-03 04:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 06:21 - 2017-06-03 04:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 06:21 - 2017-06-03 04:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 06:21 - 2017-06-03 04:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 06:21 - 2017-06-03 04:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 06:21 - 2017-06-03 04:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 06:21 - 2017-06-03 04:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-14 06:21 - 2017-06-03 04:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-14 06:21 - 2017-05-20 05:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-14 06:21 - 2017-05-20 04:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-06-14 06:21 - 2017-05-20 04:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-14 06:21 - 2017-05-20 04:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-14 06:21 - 2017-05-20 04:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-14 06:21 - 2017-05-20 04:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-06-14 06:21 - 2017-05-20 04:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-06-14 06:21 - 2017-05-20 04:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-14 06:21 - 2017-05-20 04:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-06-14 06:21 - 2017-05-20 04:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-06-14 06:21 - 2017-05-20 04:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-14 06:21 - 2017-05-20 04:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-14 06:21 - 2017-05-20 04:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-14 06:21 - 2017-05-20 04:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-14 06:21 - 2017-05-20 04:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-14 06:21 - 2017-05-20 04:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-06-14 06:21 - 2017-05-20 04:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-06-14 06:21 - 2017-05-20 04:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-14 06:21 - 2017-05-20 04:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-14 06:21 - 2017-05-20 04:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-06-14 06:21 - 2017-05-20 04:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-06-14 06:21 - 2017-05-20 04:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-06-14 06:21 - 2017-05-20 04:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-06-14 06:21 - 2017-05-20 04:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-06-14 06:21 - 2017-05-20 04:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-06-14 06:21 - 2017-05-20 04:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-14 06:21 - 2017-05-20 04:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-06-14 06:21 - 2017-05-20 04:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-06-14 06:21 - 2017-05-20 04:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-06-14 06:21 - 2017-05-20 04:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-14 06:21 - 2017-05-20 04:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-14 06:21 - 2017-05-20 04:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-06-14 06:21 - 2017-05-20 04:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-06-14 06:21 - 2017-05-20 04:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-06-14 06:21 - 2017-05-20 04:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-06-14 06:21 - 2017-05-20 04:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-06-14 06:21 - 2017-05-20 04:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-14 06:21 - 2017-05-20 04:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-14 06:21 - 2017-05-20 04:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-06-14 06:21 - 2017-05-20 04:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-06-14 06:21 - 2017-05-20 04:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-06-14 06:21 - 2017-05-20 04:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-06-14 06:21 - 2017-05-20 04:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-14 06:21 - 2017-05-20 04:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-14 06:21 - 2017-05-20 04:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-14 06:21 - 2017-05-20 04:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-06-14 06:21 - 2017-05-20 04:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-14 06:21 - 2017-05-20 04:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-14 06:21 - 2017-05-20 04:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-14 06:21 - 2017-05-20 04:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-14 06:21 - 2017-05-20 04:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-14 06:21 - 2017-05-20 04:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-06-14 06:21 - 2017-05-20 04:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-14 06:21 - 2017-05-20 04:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-06-14 06:21 - 2017-05-20 04:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-06-14 06:21 - 2017-05-20 04:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-06-14 06:21 - 2017-05-20 04:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-06-14 06:21 - 2017-05-20 03:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-14 06:21 - 2017-05-20 03:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 06:21 - 2017-05-20 03:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-06-14 06:21 - 2017-05-20 02:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 06:21 - 2017-05-20 02:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-14 06:21 - 2017-05-20 02:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-06-14 06:21 - 2017-05-20 02:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-14 06:21 - 2017-05-20 02:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-14 06:21 - 2017-05-20 02:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-06-14 06:21 - 2017-05-20 02:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-06-14 06:21 - 2017-05-20 02:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-06-14 06:21 - 2017-05-20 02:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 06:21 - 2017-05-20 02:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-06-14 06:21 - 2017-05-20 02:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 06:21 - 2017-05-20 02:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-06-14 06:21 - 2017-05-20 02:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-14 06:21 - 2017-05-20 02:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-14 06:21 - 2017-05-20 02:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-14 06:21 - 2017-05-20 02:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-14 06:21 - 2017-05-20 02:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-14 06:21 - 2017-05-20 02:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-14 06:21 - 2017-05-20 02:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-06-14 06:21 - 2017-05-20 02:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-06-14 06:21 - 2017-05-20 02:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-14 06:21 - 2017-05-20 02:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-06-14 06:21 - 2017-05-20 02:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-06-14 06:21 - 2017-05-20 02:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-06-14 06:21 - 2017-05-20 02:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-06-14 06:21 - 2017-05-20 02:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-14 06:21 - 2017-05-20 02:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-06-14 06:21 - 2017-05-20 02:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-14 06:21 - 2017-05-20 02:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-14 06:21 - 2017-05-20 02:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-14 06:21 - 2017-05-20 02:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-06-14 06:21 - 2017-05-20 02:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-14 06:21 - 2017-05-20 02:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-06-14 06:21 - 2017-05-20 02:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-06-14 06:21 - 2017-05-20 02:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-14 06:21 - 2017-05-20 02:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-06-14 06:21 - 2017-05-20 01:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-14 06:21 - 2017-05-20 01:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-06-14 06:21 - 2017-05-20 01:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-06-14 06:21 - 2017-05-20 01:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-14 06:21 - 2017-05-20 01:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-14 06:21 - 2017-05-20 01:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-14 06:21 - 2017-05-20 01:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-06-14 06:21 - 2017-05-20 01:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-06-14 06:21 - 2017-05-20 01:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-14 06:21 - 2017-05-20 01:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-14 06:21 - 2017-05-20 01:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-14 06:21 - 2017-05-20 01:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-14 06:21 - 2017-05-20 01:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-14 06:21 - 2017-05-20 01:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-14 06:21 - 2017-05-20 01:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-14 06:21 - 2017-05-20 01:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-06-14 06:21 - 2017-05-20 01:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-14 06:21 - 2017-05-20 01:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-06-14 06:21 - 2017-05-20 01:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-06-14 06:20 - 2017-06-03 06:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 06:20 - 2017-06-03 06:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 06:20 - 2017-06-03 06:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-14 06:20 - 2017-06-03 06:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-14 06:20 - 2017-06-03 05:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 06:20 - 2017-06-03 05:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-14 06:20 - 2017-06-03 05:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-14 06:20 - 2017-06-03 05:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-14 06:20 - 2017-06-03 05:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-14 06:20 - 2017-06-03 05:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-14 06:20 - 2017-06-03 05:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-14 06:20 - 2017-06-03 05:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-14 06:20 - 2017-06-03 05:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-14 06:20 - 2017-06-03 05:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 06:20 - 2017-06-03 05:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-14 06:20 - 2017-06-03 05:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-14 06:20 - 2017-06-03 04:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 06:20 - 2017-06-03 04:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 06:20 - 2017-06-03 04:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-14 06:20 - 2017-05-20 04:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-06-14 06:20 - 2017-05-20 03:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-14 06:20 - 2017-05-20 02:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-06-14 06:20 - 2017-05-20 02:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-14 06:20 - 2017-05-20 02:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-14 06:20 - 2017-05-20 02:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 06:20 - 2017-05-20 02:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-14 06:20 - 2017-05-20 02:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-14 06:20 - 2017-05-20 02:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-06-14 06:20 - 2017-05-20 02:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-14 06:20 - 2017-05-20 02:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-06-14 06:20 - 2017-05-20 02:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-06-14 06:20 - 2017-05-20 02:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-14 06:20 - 2017-05-20 02:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-14 06:20 - 2017-05-20 02:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-06-14 06:20 - 2017-05-20 02:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-14 06:20 - 2017-05-20 02:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-14 06:20 - 2017-05-20 02:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-14 06:20 - 2017-05-20 02:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-06-14 06:20 - 2017-05-20 02:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-14 06:20 - 2017-05-20 02:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-06-14 06:20 - 2017-05-20 02:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-06-14 06:20 - 2017-05-20 02:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-14 06:20 - 2017-05-20 02:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-06-14 06:20 - 2017-05-20 02:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-06-14 06:20 - 2017-05-20 02:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-14 06:20 - 2017-05-20 02:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-14 06:20 - 2017-05-20 02:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-06-14 06:20 - 2017-05-20 02:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-06-14 06:20 - 2017-05-20 02:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-06-14 06:20 - 2017-05-20 02:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-14 06:20 - 2017-05-20 02:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-14 06:20 - 2017-05-20 02:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-14 06:20 - 2017-05-20 01:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-14 06:20 - 2017-05-20 01:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-06-14 06:20 - 2017-05-20 01:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-06-14 06:20 - 2017-05-20 01:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-06-14 06:20 - 2017-05-20 01:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-06-14 06:20 - 2017-05-20 01:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-06-14 06:20 - 2017-05-20 01:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-14 06:20 - 2017-05-20 01:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-06-14 06:20 - 2017-05-20 01:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-14 06:20 - 2017-05-20 01:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-14 06:20 - 2017-05-20 01:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-14 06:20 - 2017-05-20 01:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-06-14 06:20 - 2017-05-20 01:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-14 06:20 - 2017-05-20 01:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-14 06:20 - 2017-05-20 01:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-14 06:20 - 2017-05-20 01:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-06-14 06:20 - 2017-05-20 01:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-06-14 06:20 - 2017-05-20 01:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-06-11 04:10 - 2017-06-11 04:11 - 00000000 ____D C:\Users\Administrator\Desktop\PDF FILES
2017-06-10 10:02 - 2017-06-10 10:02 - 00000149 _____ C:\Users\CW\Desktop\COURT CALENDAR.url
2017-06-09 22:01 - 2017-06-09 22:01 - 00000000 ____D C:\Users\CW\AppData\Roaming\Google
2017-06-09 21:15 - 2017-06-09 21:16 - 00000000 ___RD C:\Users\CW\Desktop\PICS
2017-06-09 20:30 - 2017-06-09 20:30 - 00001748 _____ C:\Users\Administrator\Desktop\Chrome Cleanup Tool - Shortcut.lnk
2017-06-09 20:18 - 2017-06-09 20:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Google
2017-06-09 20:17 - 2017-06-09 20:17 - 00000020 ___SH C:\Users\Dustin\ntuser.ini
2017-06-09 19:52 - 2017-06-09 19:52 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2017-06-09 15:27 - 2017-06-09 15:27 - 04110280 _____ C:\Users\Cindy.DESKTOP-4B5L7F4\Desktop\adwcleaner_6.047.exe
2017-06-01 16:39 - 2017-06-01 16:39 - 00622198 _____ C:\Users\Cindy.DESKTOP-4B5L7F4\Desktop\tb_buying_guides_anti_aging_products-r02.pdf
2017-06-01 12:20 - 2017-06-09 15:29 - 00000000 ___RD C:\Users\Cindy.DESKTOP-4B5L7F4\Desktop\MY PICS
2017-06-01 12:18 - 2017-06-01 12:21 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\Desktop\CHANEL No5
2017-05-31 01:51 - 2017-05-31 01:51 - 00125801 _____ C:\Users\Cindy.DESKTOP-4B5L7F4\Desktop\BAKER CYST.ashx
2017-05-31 00:58 - 2017-05-31 00:58 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\AppData\Roaming\library_dir
2017-05-30 04:20 - 2017-06-01 12:22 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\Desktop\Chanel Front_files
2017-05-30 04:20 - 2017-05-30 04:20 - 00205942 _____ C:\Users\Cindy.DESKTOP-4B5L7F4\Desktop\Chanel Front.html
2017-05-30 04:19 - 2017-05-30 04:19 - 00205994 _____ C:\Users\Cindy.DESKTOP-4B5L7F4\Desktop\Chanel Bottom.html
2017-05-30 04:19 - 2017-05-30 04:19 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\Desktop\Chanel Bottom_files
2017-05-29 23:58 - 2017-05-29 23:58 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\Documents\Sony PMB
2017-05-29 23:56 - 2017-05-29 23:56 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\AppData\Roaming\Sony Corporation
2017-05-29 19:51 - 2017-05-29 19:51 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\AppData\Local\PowerPanel Personal Edition
2017-05-29 03:02 - 2017-05-29 03:02 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\Documents\samsung
2017-05-29 03:02 - 2017-05-29 03:02 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\AppData\Roaming\Samsung
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-26 12:01 - 2017-05-03 14:50 - 01067030 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-26 11:59 - 2017-03-18 17:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-26 11:59 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-26 11:58 - 2017-05-03 14:48 - 00004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{194D4C78-D7F5-462B-A4BE-C2D0B1C463EC}
2017-06-26 11:58 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-26 11:56 - 2017-04-25 15:47 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Raptr
2017-06-26 11:55 - 2017-05-11 01:12 - 00000652 _____ C:\WINDOWS\Tasks\Scheduled scanning task.job
2017-06-26 11:55 - 2017-05-03 14:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-26 11:55 - 2017-05-03 14:41 - 00000000 ____D C:\Users\CW
2017-06-26 11:55 - 2017-03-18 10:23 - 00000000 ____D C:\Program Files (x86)\CyberPower PowerPanel Personal Edition
2017-06-26 11:55 - 2017-03-18 07:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-06-26 11:54 - 2017-05-03 14:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-26 11:54 - 2017-03-21 09:06 - 00000000 ____D C:\Users\CW\AppData\Roaming\Raptr
2017-06-26 00:05 - 2017-05-03 14:48 - 00003658 _____ C:\WINDOWS\System32\Tasks\Scheduled scanning task
2017-06-25 23:03 - 2017-03-21 09:05 - 00000000 ____D C:\Users\CW\AppData\Local\Packages
2017-06-25 22:56 - 2016-04-27 02:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-25 15:31 - 2017-03-21 11:59 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2017-06-25 15:31 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-25 15:28 - 2017-05-03 14:48 - 00004568 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-06-25 15:28 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-25 15:28 - 2017-03-18 17:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-21 18:05 - 2017-05-03 14:48 - 00003306 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-21 18:05 - 2016-08-07 09:48 - 00002444 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-21 18:05 - 2016-08-07 09:48 - 00000000 ___RD C:\Users\Administrator\OneDrive
2017-06-21 01:55 - 2016-08-07 09:47 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-06-14 17:53 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-14 17:42 - 2017-05-03 14:40 - 00265528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 17:41 - 2017-03-18 17:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-14 17:41 - 2017-03-18 17:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-14 17:41 - 2017-03-18 17:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-14 17:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-14 17:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-14 17:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 17:41 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 17:41 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-14 17:41 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-14 17:39 - 2017-05-03 14:41 - 00000000 ____D C:\Users\Administrator
2017-06-14 08:46 - 2016-08-07 07:00 - 00000000 ____D C:\ProgramData\F-Secure
2017-06-14 06:32 - 2016-07-15 16:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 06:27 - 2017-03-18 16:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-14 06:27 - 2016-07-15 16:00 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-11 04:11 - 2017-04-12 08:33 - 00002342 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2017-06-11 04:11 - 2017-03-20 21:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\PokerStars
2017-06-11 04:11 - 2017-03-15 23:45 - 00002030 _____ C:\Users\Public\Desktop\PokerStars.lnk
2017-06-11 04:11 - 2017-03-15 23:44 - 00000000 ____D C:\Program Files (x86)\PokerStars
2017-06-11 04:11 - 2016-08-07 09:48 - 00000000 ____D C:\Users\Administrator\AppData\Local\AMD
2017-06-10 14:08 - 2017-05-03 04:35 - 00000741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
2017-06-10 14:08 - 2017-05-03 04:35 - 00000729 _____ C:\Users\CW\Desktop\Windows 10 Upgrade Assistant.lnk
2017-06-10 14:08 - 2017-05-03 04:35 - 00000000 ____D C:\Windows10Upgrade
2017-06-09 20:58 - 2017-03-21 09:04 - 00000000 ____D C:\Users\CW\AppData\Local\ConnectedDevicesPlatform
2017-06-09 20:17 - 2017-05-03 14:41 - 00000000 ____D C:\Users\Dustin
2017-06-09 20:05 - 2017-05-03 14:48 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-06-09 19:52 - 2017-05-03 14:41 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4
2017-06-09 19:50 - 2016-08-14 04:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-09 15:36 - 2017-04-13 13:39 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\AppData\Local\PokerStars
2017-06-09 15:33 - 2017-03-20 07:55 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\AppData\Roaming\Raptr
2017-06-09 15:31 - 2016-08-11 17:47 - 00000000 ____D C:\AdwCleaner
2017-06-09 12:13 - 2017-05-13 01:18 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FCA2609F-B727-4854-AA23-12A80D95B5AA}
2017-06-04 03:08 - 2017-03-20 07:54 - 00002346 _____ C:\Users\Cindy.DESKTOP-4B5L7F4\Desktop\Google Chrome.lnk
2017-06-04 03:06 - 2017-02-22 03:07 - 00000873 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-03 02:32 - 2017-03-18 17:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 02:32 - 2017-03-18 17:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-31 11:35 - 2017-05-03 04:49 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-31 01:02 - 2017-03-20 07:55 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\AppData\Local\VirtualStore
2017-05-31 01:02 - 2017-03-20 07:54 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\AppData\Local\Packages
2017-05-31 00:58 - 2017-04-25 15:49 - 00002106 _____ C:\Users\Public\Desktop\Raptr.lnk
2017-05-30 02:08 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-29 19:56 - 2017-05-03 18:37 - 00000000 ____D C:\Windows.old
2017-05-29 19:52 - 2017-05-11 20:57 - 00000000 ____D C:\Users\Cindy.DESKTOP-4B5L7F4\AppData\Local\AMD
==================== Files in the root of some directories =======
2017-05-03 14:40 - 2017-05-03 14:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-21 18:12
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
Ran by Administrator (26-06-2017 12:05:22)
Running from C:\Users\Administrator\Desktop\FRST
Windows 10 Home Version 1703 (X64) (2017-05-03 18:58:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2189236351-1808509422-1153190697-500 - Administrator - Enabled) => C:\Users\Administrator
Cindy (S-1-5-21-2189236351-1808509422-1153190697-1007 - Administrator - Enabled) => %SystemDrive%\Users\CW
CW (S-1-5-21-2189236351-1808509422-1153190697-1009 - Limited - Enabled) => C:\Users\CW
DefaultAccount (S-1-5-21-2189236351-1808509422-1153190697-503 - Limited - Disabled)
Dustin (S-1-5-21-2189236351-1808509422-1153190697-1010 - Limited - Enabled) => C:\Users\Dustin
Guest (S-1-5-21-2189236351-1808509422-1153190697-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2189236351-1808509422-1153190697-1005 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Computer Security by F-Secure (Enabled - Up to date) {0F70A6C4-76E4-6A3B-2695-519F428B1C20}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Computer Security by F-Secure (Enabled - Up to date) {B4114720-50DE-65B5-1C25-6AED390C569D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Application Mover (x64) (HKLM\...\Application Mover (x64 Shareware)_is1) (Version: 4.4 - Funduc Software Inc.)
Belkin Wireless USB Utility (x32 Version: 6.3.2.16 - Belkin) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Catalyst Control Center Next Localization BR (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Charter Security Suite (HKLM-x32\...\F-Secure ServiceEnabler 42626) (Version: 2.76.211.0 - F-Secure Corporation)
Charter Security Suite (x32 Version: 2.76.211.0 - F-Secure Corporation) Hidden
Computer Security 14.176.101.0 (release) (x32 Version: 14.176.101.0 - F-Secure Corporation) Hidden
CyberPower PowerPanel Personal Edition 1.2.7 (HKLM-x32\...\{6604C31C-A3F5-4B19-A75F-BF7B87369C89}) (Version: 1.2.7 - Cyber Power Systems, Inc.)
F-Secure CCF Reputation (x32 Version: 2.1.1342.0 - F-Secure) Hidden
F-Secure CCF Scanning 1.73.275.1078 (release) (x32 Version: 1.73.275.1078 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.04.214 (x32 Version: 1.04.214 - F-Secure Corporation) Hidden
F-Secure SafeSearch 10.0.0.0 (release) (x32 Version: 10.0.0.0 - F-Secure Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MergeModule_x64 (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2189236351-1808509422-1153190697-500\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Online Safety 2.176.4626.2945 (x32 Version: 2.176.4626.2945 - F-Secure Corporation) Hidden
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.2.01.06240 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 10.2.01 - Sony Corporation) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Reprofiler 2 (HKLM-x32\...\Reprofiler_is1) (Version: - IWR Consultancy)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1222 - SUPERAntiSpyware.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.9 - Tweaking.com)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03C182D8-1D62-4627-AA01-643E3243F204} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-25] (Adobe Systems Incorporated)
Task: {0A9D730E-1EE7-4B52-8182-F0C7D1C53268} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => E:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {2030C426-4AD8-478A-BBD6-2711A4BAECDE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {2CAF207E-906E-4FA2-B4FD-39744C52ADA0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {877FD5CE-C28F-4FE2-80AF-B7891972A0C5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-25] (Adobe Systems Incorporated)
Task: {AA43AED4-0310-46F6-874B-EFFECF04C868} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {B553064B-3EEB-4227-A475-CE3E9267E515} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-15] (Google Inc.)
Task: {BA7DB153-95D4-4762-9562-1026CBEBC7E0} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsav.exe [2017-04-24] (F-Secure Corporation)
Task: {E81AEFAD-CD45-43DE-9712-994ADE3A3991} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-15] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\Scheduled scanning task.job =>
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Enjoy Music Player.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hncfgilfeieogcpghjnnhddghgdjbekl
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sticky Notes.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nbjdhgkkhefpifbifjiflpaajchdkhpg
==================== Loaded Modules (Whitelisted) ==============
2017-03-18 16:58 - 2017-03-18 16:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 16:59 - 2017-03-18 22:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-12 10:48 - 2017-05-09 05:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-12 10:48 - 2017-05-09 05:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-08-07 07:03 - 2016-10-26 11:05 - 00074720 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\FSAVHRES.ENG
2016-10-25 11:01 - 2016-10-25 11:01 - 00254944 _____ () C:\Program Files (x86)\Charter Security Suite\daas2.dll
2016-08-07 07:03 - 2017-02-25 15:20 - 00213984 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Spam Control\fsas.dll
2015-05-07 21:37 - 2015-05-07 21:37 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 15:01 - 2017-05-04 15:01 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-07 21:38 - 2015-05-07 21:38 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-07 21:37 - 2015-05-07 21:37 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-07 21:49 - 2015-05-07 21:49 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-07 21:39 - 2015-05-07 21:39 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 17:59 - 2015-11-13 17:59 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 17:59 - 2015-11-13 17:59 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-07 21:37 - 2015-05-07 21:37 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 00324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd
2015-11-13 17:58 - 2015-11-13 17:58 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll
2015-05-07 21:39 - 2015-05-07 21:39 - 00024064 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32pipe.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 13:33 - 2017-05-04 13:33 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-07 21:49 - 2015-05-07 21:49 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-07 21:55 - 2015-05-07 21:55 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 03:24 - 2015-10-30 03:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2189236351-1808509422-1153190697-500\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D6D9F764-D8C8-4435-B41C-615A50C54511}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D302BBB8-E906-46D6-9D39-638AC9875687}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{A9B1B1BA-6E17-451E-80F9-67D098D8A721}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{DAEBF269-1EEA-4952-8C75-2E284E4B4BD8}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{014EDF44-BFCC-431A-BB05-AD54E9DD2853}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
==================== Restore Points =========================
08-06-2017 22:38:49 Scheduled Checkpoint
14-06-2017 06:22:58 Windows Update
21-06-2017 18:38:17 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/26/2017 11:55:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-4B5L7F4)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (06/26/2017 02:24:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-4B5L7F4)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (06/26/2017 02:24:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-4B5L7F4)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (06/26/2017 02:24:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 1.0.1706.13001, time stamp: 0x594028ed
Faulting module name: KERNELBASE.dll, version: 10.0.15063.296, time stamp: 0xa0527b0c
Exception code: 0x00000004
Fault offset: 0x0000000000069e08
Faulting process id: 0x2d3c
Faulting application start time: 0x01d2ee44ccfbc9df
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 9e4f054e-05c0-43f9-a070-dbeb8c503e7f
Faulting package full name: Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (06/26/2017 02:24:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.15063.0, time stamp: 0x0fa14906
Faulting module name: KERNELBASE.dll, version: 10.0.15063.296, time stamp: 0xa0527b0c
Exception code: 0x00000004
Fault offset: 0x0000000000069e08
Faulting process id: 0x6e8
Faulting application start time: 0x01d2ee44ccff5f21
Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: abf31d61-353f-4258-936d-7d2af9f2279b
Faulting package full name: Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (06/26/2017 01:39:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-4B5L7F4)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (06/26/2017 01:39:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-4B5L7F4)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (06/26/2017 01:38:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 1.0.1706.13001, time stamp: 0x594028ed
Faulting module name: KERNELBASE.dll, version: 10.0.15063.296, time stamp: 0xa0527b0c
Exception code: 0x00000004
Fault offset: 0x0000000000069e08
Faulting process id: 0x2cb8
Faulting application start time: 0x01d2ee3e7c010cc5
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 33fc1727-f299-4d86-bf24-14fc58362838
Faulting package full name: Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (06/26/2017 01:38:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.15063.0, time stamp: 0x0fa14906
Faulting module name: KERNELBASE.dll, version: 10.0.15063.296, time stamp: 0xa0527b0c
Exception code: 0x00000004
Fault offset: 0x0000000000069e08
Faulting process id: 0x2ce4
Faulting application start time: 0x01d2ee3e7c0533ee
Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: f608052f-3ae0-424f-af20-f85221090bc4
Faulting package full name: Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (06/26/2017 12:58:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-4B5L7F4)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (06/26/2017 11:55:51 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1068" attempting to start the service upnphost with arguments "Unavailable" in order to run the server:
{204810B9-73B2-11D4-BF42-00B0D0118B56}
Error: (06/26/2017 11:55:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (06/26/2017 11:55:51 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1068" attempting to start the service upnphost with arguments "Unavailable" in order to run the server:
{204810B9-73B2-11D4-BF42-00B0D0118B56}
Error: (06/26/2017 11:55:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (06/26/2017 11:55:51 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1068" attempting to start the service upnphost with arguments "Unavailable" in order to run the server:
{204810B9-73B2-11D4-BF42-00B0D0118B56}
Error: (06/26/2017 11:55:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (06/26/2017 11:55:51 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1068" attempting to start the service upnphost with arguments "Unavailable" in order to run the server:
{204810B9-73B2-11D4-BF42-00B0D0118B56}
Error: (06/26/2017 11:55:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (06/26/2017 11:55:51 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: A new media server was not initialized because CoCreateInstance(CLSID_UPnPRegistrar) encountered error '0x8007042c'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (06/26/2017 11:55:51 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )
Description: A new media server was not initialized because CoCreateInstance(CLSID_UPnPRegistrar) encountered error '0x8007042c'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
CodeIntegrity:
===================================
Date: 2017-06-25 20:26:27.943
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-25 20:26:27.933
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-25 20:26:27.925
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-25 20:26:22.845
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-25 20:26:22.843
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-25 20:26:22.841
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-25 20:26:22.839
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-25 20:26:22.836
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-25 20:26:22.802
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-25 20:26:22.800
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: AMD A8-3850 APU with Radeon™ HD Graphics
Percentage of memory in use: 45%
Total physical RAM: 8181.39 MB
Available physical RAM: 4436.38 MB
Total Virtual: 18821.39 MB
Available Virtual: 14195.44 MB
==================== Drives ================================
Drive c: (Windows 10) (Fixed) (Total:100.07 GB) (Free:34.02 GB) NTFS
Drive d: (Windows 7 ) (Fixed) (Total:345.57 GB) (Free:232.95 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Storage) (Fixed) (Total:585.94 GB) (Free:528.48 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 60961FA9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 39643964)
Partition 1: (Active) - (Size=345.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
#4
Posted 28 June 2017 - 06:48 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
I don't see any sign of malware. What problems are you having?
#5
Posted 28 June 2017 - 06:52 PM
Quartz
- Topic Starter
-
- Member
-
- 122 posts
Member
I use Google Chrome. Recently, random tabs have been opening whenever I am on another tab/webpage. Sometimes I cannot close the tab & there is even a speaker on some sites that tells me (in a loud obnoxious voice ) that my computer is infected with a virus & that I need to call the phone # provided. Most of the time I have been able to close the tabs, but sometimes I have no choice but to reboot.
#6
Posted 28 June 2017 - 07:03 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Download the attached fixlist.txt to the same location as FRST
[attachment=85389:fixlist.txt]
Run FRST and press Fix
A fix log will be generated please post that
PC will probablt reboot so make sure nothing else is open.
Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
