Alright, thank you.
So here is the FRST report:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by NEW LAP (administrator) on NEWLAP-PC (26-03-2018 22:33:12)
Running from C:\Users\NEW LAP\Desktop
Loaded Profiles: NEW LAP (Available Profiles: NEW LAP)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
( ) C:\Windows\System32\lmabcoms.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
( ) C:\Program Files\Lexmark\ErrorApp\lmab1err.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Seifert) C:\Program Files (x86)\WinDirStat\windirstat.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-06] (AVAST Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [286272 2016-01-27] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [590400 2015-05-16] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe "C:\Program Files (x86)\HP\HP UT\"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [2482128 2018-03-01] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3427846102-3826013632-1412583081-1000\...\Run: [LMab1err] => C:\Program Files\Lexmark\ErrorApp\LMab1err.exe [582312 2010-03-26] ( )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-01-27]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{19CB2762-27D3-4551-8997-E7E0190F0B3D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4046C0C9-D98E-480D-9230-5B3B65EFD33F}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3427846102-3826013632-1412583081-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2018-01-06] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-01-06] (AVAST Software)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-06] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-01-19] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-06] (AVAST Software)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\NEW LAP\AppData\Roaming\Mozilla\Firefox\Profiles\ylqbpwkw.default [2018-03-26]
FF Extension: (Flash Video Downloader) - C:\Users\NEW LAP\AppData\Roaming\Mozilla\Firefox\Profiles\ylqbpwkw.default\Extensions\[email protected] [2018-03-26]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\NEW LAP\AppData\Roaming\Mozilla\Firefox\Profiles\ylqbpwkw.default\Extensions\[email protected] [2016-08-20] [Legacy]
FF Extension: (Avast SafePrice) - C:\Users\NEW LAP\AppData\Roaming\Mozilla\Firefox\Profiles\ylqbpwkw.default\Extensions\[email protected] [2018-03-25]
FF Extension: (Avast Online Security) - C:\Users\NEW LAP\AppData\Roaming\Mozilla\Firefox\Profiles\ylqbpwkw.default\Extensions\[email protected] [2018-01-06]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\NEW LAP\AppData\Roaming\Mozilla\Firefox\Profiles\ylqbpwkw.default\Extensions\[email protected] [2018-03-23]
FF Extension: (Video DownloadHelper) - C:\Users\NEW LAP\AppData\Roaming\Mozilla\Firefox\Profiles\ylqbpwkw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-03-24]
FF Extension: (آدبلوك بلس) - C:\Users\NEW LAP\AppData\Roaming\Mozilla\Firefox\Profiles\ylqbpwkw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-03-24]
FF Extension: (Block site) - C:\Users\NEW LAP\AppData\Roaming\Mozilla\Firefox\Profiles\ylqbpwkw.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi [2018-03-24]
FF HKU\S-1-5-21-3427846102-3826013632-1412583081-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-11-09] [Legacy]
FF HKU\S-1-5-21-3427846102-3826013632-1412583081-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\NEW LAP\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\NEW LAP\AppData\Roaming\IDM\idmmzcc5 [2018-03-23] [Legacy] [not signed]
FF HKU\S-1-5-21-3427846102-3826013632-1412583081-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2018-01-06] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2018-01-06] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.0.0.112 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-01-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.0.0.112 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-01-27] (RealTimes)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-11] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: homtherckersopyzaqige
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-11-09]
CHR HKU\S-1-5-21-3427846102-3826013632-1412583081-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-11-09]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-06] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-06] (AVAST Software)
R2 lmab_device; C:\Windows\system32\LMabcoms.exe [1048576 2012-09-28] ( ) [File not signed]
R2 lmab_device; C:\Windows\SysWOW64\LMabcoms.exe [593920 2012-09-28] ( ) [File not signed]
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1115224 2016-01-27] (RealNetworks, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2018-01-06] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2018-01-06] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2018-01-06] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2018-01-06] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2018-01-06] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [149344 2018-01-06] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-01-06] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-10] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2018-01-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2018-01-06] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2018-01-06] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-10] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2018-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2018-01-06] (AVAST Software)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2018-01-10] (Enigma Software Group USA, LLC.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-08-28] (REALiX)
S3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [520192 2010-12-14] (IDT, Inc.) [File not signed]
S1 MpKslb4bb97b5; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F09347C3-6881-4727-A1C9-D6E757F57DB1}\MpKslb4bb97b5.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-26 14:52 - 2018-03-26 14:52 - 000000000 ___SD C:\ComboFix
2018-03-25 21:53 - 2018-03-25 21:53 - 000001035 _____ C:\Users\NEW LAP\Desktop\WinDirStat.lnk
2018-03-25 21:53 - 2018-03-25 21:53 - 000000000 ____D C:\Users\NEW LAP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2018-03-25 21:53 - 2018-03-25 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2018-03-25 21:53 - 2018-03-25 21:53 - 000000000 ____D C:\Program Files (x86)\WinDirStat
2018-03-23 04:21 - 2018-03-23 04:21 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-03-23 04:17 - 2018-03-23 04:18 - 000006518 _____ C:\Users\NEW LAP\Desktop\Fixlog.txt
2018-03-23 04:13 - 2018-03-23 04:13 - 000017405 _____ C:\ComboFix.txt
2018-03-23 03:47 - 2018-03-23 03:47 - 000000000 ____D C:\$AV_ASW
2018-03-20 22:44 - 2018-03-20 22:47 - 000030818 _____ C:\Users\NEW LAP\Desktop\Addition.txt
2018-03-20 22:43 - 2018-03-26 22:33 - 000015722 _____ C:\Users\NEW LAP\Desktop\FRST.txt
2018-03-20 22:41 - 2018-03-26 22:33 - 000000000 ____D C:\FRST
2018-03-20 22:41 - 2018-03-20 22:41 - 000000182 _____ C:\Users\NEW LAP\Desktop\turkish.txt
2018-03-20 22:09 - 2018-03-20 22:10 - 002403328 _____ (Farbar) C:\Users\NEW LAP\Desktop\FRST64.exe
2018-03-19 03:02 - 2018-03-19 03:02 - 000003143 _____ C:\Users\NEW LAP\Desktop\ZHPFixReport.txt
2018-03-19 03:01 - 2018-03-19 03:01 - 000003257 _____ C:\Users\NEW LAP\Desktop\fix 2.txt
2018-03-19 02:20 - 2018-03-19 02:21 - 000090218 _____ C:\Users\NEW LAP\Desktop\ZHPDiag.txt
2018-03-19 01:18 - 2018-03-26 14:52 - 000000000 ____D C:\Qoobox
2018-03-19 01:17 - 2018-03-26 14:52 - 000000000 ____D C:\Windows\erdnt
2018-03-18 13:10 - 2018-03-18 13:10 - 000001002 _____ C:\Users\Public\Desktop\MBRCheck.lnk
2018-03-18 13:10 - 2018-03-18 13:10 - 000000995 _____ C:\Users\Public\Desktop\ZHPDiag.lnk
2018-03-18 13:10 - 2018-03-18 13:10 - 000000990 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2018-03-18 12:56 - 2018-03-18 12:56 - 000346130 _____ C:\Users\NEW LAP\Desktop\zhp
2018-03-18 12:42 - 2018-03-18 12:42 - 000020832 _____ C:\Users\NEW LAP\Desktop\ZHPCleaner.html
2018-03-18 12:42 - 2018-03-18 12:42 - 000003343 _____ C:\Users\NEW LAP\Desktop\ZHPCleaner.txt
2018-03-15 00:41 - 2018-03-19 01:44 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-03-15 00:40 - 2018-03-18 12:42 - 000000000 ____D C:\Users\NEW LAP\AppData\Roaming\ZHP
2018-03-15 00:40 - 2018-03-15 00:40 - 000000000 ____D C:\Users\NEW LAP\AppData\Local\ZHP
2018-03-15 00:39 - 2018-03-18 12:32 - 000000000 ____D C:\ProgramData\RogueKiller
2018-03-04 22:41 - 2018-03-12 00:25 - 000000000 ____D C:\Users\NEW LAP\Desktop\Coloring Materials
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-26 22:31 - 2017-04-05 21:38 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-03-26 22:28 - 2009-07-14 07:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-26 22:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-03-26 18:31 - 2018-01-08 23:41 - 000000463 _____ C:\Users\NEW LAP\Desktop\MOVIES SAVE.txt
2018-03-26 14:52 - 2016-01-27 17:23 - 000000000 ____D C:\Users\NEW LAP\AppData\Roaming\DMCache
2018-03-25 00:24 - 2016-01-27 17:26 - 000001945 _____ C:\Windows\epplauncher.mif
2018-03-24 23:51 - 2016-01-30 08:21 - 000000000 ____D C:\Users\NEW LAP\AppData\Local\CrashDumps
2018-03-23 04:29 - 2009-07-14 06:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-23 04:29 - 2009-07-14 06:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-23 04:23 - 2018-02-09 20:20 - 000000000 ____D C:\Users\NEW LAP\AppData\LocalLow\Mozilla
2018-03-23 04:21 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-23 04:18 - 2016-02-05 01:37 - 000000000 ____D C:\Users\NEW LAP\AppData\LocalLow\Temp
2018-03-23 04:00 - 2009-07-14 04:34 - 000000215 _____ C:\Windows\system.ini
2018-03-23 03:39 - 2016-01-27 17:13 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-23 03:39 - 2016-01-27 17:13 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-19 13:03 - 2016-01-27 17:23 - 000000000 ____D C:\Users\NEW LAP\AppData\Roaming\IDM
2018-03-19 03:09 - 2018-01-06 17:52 - 000000000 ____D C:\Program Files (x86)\UnHackMe
2018-03-19 03:03 - 2018-01-06 21:46 - 000000246 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2018-03-19 03:02 - 2018-01-10 23:54 - 000000000 ____D C:\ZHP
2018-03-19 02:21 - 2018-01-10 23:54 - 000000000 ____D C:\Program Files (x86)\ZHPDiag
2018-03-18 13:10 - 2018-01-10 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2018-03-15 00:14 - 2016-01-27 17:23 - 000000000 ____D C:\Users\NEW LAP\Downloads\Compressed
2018-03-10 01:41 - 2018-01-06 17:53 - 000000000 ____D C:\Users\NEW LAP\Documents\RegRun2
2018-02-28 17:29 - 2017-06-23 01:16 - 000000000 ____D C:\Users\NEW LAP\Desktop\Print
2018-02-28 15:50 - 2016-06-18 00:33 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-28 15:49 - 2016-06-18 00:34 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-03-19 01:03
==================== End of FRST.txt ============================