lagging issues

told to post here


#1
dolface755

  • Member
  • 249 posts
I'm including the original post because I've already run all these programs, and the only issue I came across was that I had an abundance of duplicate files, which is what I was requesting help with because I was quite sure on these duplicate files and what I could safely delete. However, when I posted I was told I needed to go through here because I mentioned that Malwarebytes came up and said that Auslogics Defrag was a malware program and deleted it...
Here is the original post... and I will attach my Farbar logs underneath. If there is something I missed, please let me know... Thank you for your help.
Original post:
My computer seems to be halting and lagging, with black squares coming up and crossing my screen, and it is getting worse every day. I've already run AVG and Malwarebytes. I've tried running Auslogics Defrag, but Malware came up and said it was malware, and now I can't delete all of it. I also ran a file duplication program to see if there were several copies of things that may be causing the lag; the problem is that I'm not sure which of the files I can actually delete or if this is going to make a difference. I am including the TXT file of what the scanner found.
 
If anyone can help me that would be much appreciated. Thank you
 
duplicate log:
------------------------------------------------------------------------------------------------------------------------------------------------------
RtkUpd64.exe C:\Program Files\Realtek\Audio\HDA 1.60 MB 1/27/10 3:12:24 AM
RtkUpd64.exe C:\Program Files (x86)\Realtek\Audio\Drivers 1.60 MB 1/27/10 3:12:24 AM
------------------------------------------------------------------------------------------------------------------------------------------------------
RtlUpd64.exe C:\Program Files\Realtek\Audio\HDA 1.60 MB 6/22/10 10:03:16 AM
RtlUpd64.exe C:\Program Files (x86)\Realtek\Audio\Drivers 1.60 MB 6/22/10 10:03:16 AM
------------------------------------------------------------------------------------------------------------------------------------------------------
avBugReport.exe C:\Program Files (x86)\AVG\Antivirus 2.81 MB 5/10/18 4:33:36 PM
avBugReport.exe C:\Program Files (x86)\AVG\Antivirus\setup 2.81 MB 5/10/18 4:33:36 PM
------------------------------------------------------------------------------------------------------------------------------------------------------
HTMLayout.dll C:\Program Files (x86)\AVG\Antivirus 3.29 MB 5/10/18 4:33:40 PM
HTMLayout.dll C:\Program Files (x86)\AVG\Antivirus\setup 3.29 MB 5/10/18 4:33:40 PM
------------------------------------------------------------------------------------------------------------------------------------------------------
mfc90.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Audio Editor\codec 3.59 MB 7/30/08 5:05:08 AM
mfc90.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Audio Editor 3.59 MB 7/30/08 5:05:08 AM
mfc90.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Media Maker 3.59 MB 7/30/08 5:05:08 AM
mfc90.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Media Maker\plug-in 3.59 MB 7/30/08 5:05:08 AM
------------------------------------------------------------------------------------------------------------------------------------------------------
mfc90u.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Audio Editor\codec 3.60 MB 7/30/08 5:05:10 AM
mfc90u.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Audio Editor 3.60 MB 7/30/08 5:05:10 AM
mfc90u.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Media Maker 3.60 MB 7/30/08 5:05:10 AM
mfc90u.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Media Maker\plug-in 3.60 MB 7/30/08 5:05:10 AM
------------------------------------------------------------------------------------------------------------------------------------------------------
SCD32.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Audio Editor 1.40 MB 11/11/09 8:18:52 PM
SCD32.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\LiveUpdate 1.40 MB 11/11/09 8:18:52 PM
SCD32.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Media Maker 1.40 MB 11/11/09 8:18:52 PM
SCD32.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\NTI JewelCase Maker 1.40 MB 11/11/09 8:18:52 PM
SCD32.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\NTI Ripper Suite 1.40 MB 11/11/09 8:18:52 PM
SCD32.dll C:\Program Files (x86)\NTI\NTI Media Maker 9 1.40 MB 11/11/09 8:18:52 PM
------------------------------------------------------------------------------------------------------------------------------------------------------
SCD32_libFNP.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Audio Editor 2.51 MB 11/02/09 10:43:14 PM
SCD32_libFNP.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\LiveUpdate 2.51 MB 11/02/09 10:43:14 PM
SCD32_libFNP.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\Media Maker 2.51 MB 11/02/09 10:43:14 PM
SCD32_libFNP.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\NTI JewelCase Maker 2.51 MB 11/02/09 10:43:14 PM
SCD32_libFNP.dll C:\Program Files (x86)\NTI\NTI Media Maker 9\NTI Ripper Suite 2.51 MB 11/02/09 10:43:14 PM
SCD32_libFNP.dll C:\Program Files (x86)\NTI\NTI Media Maker 9 2.51 MB 11/02/09 10:43:14 PM
------------------------------------------------------------------------------------------------------------------------------------------------------
msidcrl40.dll C:\Program Files (x86)\Windows Live\Mail 1.08 MB 9/30/09 4:40:02 PM
msidcrl40.dll C:\Program Files (x86)\Windows Live\Messenger 1.08 MB 9/30/09 4:40:02 PM
msidcrl40.dll C:\Program Files (x86)\Windows Live\Photo Gallery 1.08 MB 9/30/09 4:40:02 PM
msidcrl40.dll C:\Program Files (x86)\Windows Live\Sync 1.08 MB 9/30/09 4:40:02 PM
msidcrl40.dll C:\Program Files (x86)\Windows Live\Writer 1.08 MB 9/30/09 4:40:02 PM
------------------------------------------------------------------------------------------------------------------------------------------------------
uxcore.dll C:\Program Files (x86)\Windows Live\Mail 2.28 MB 4/17/10 3:12:18 AM
uxcore.dll C:\Program Files (x86)\Windows Live\Messenger 2.28 MB 4/17/10 3:12:18 AM
------------------------------------------------------------------------------------------------------------------------------------------------------
VID_20180210_003428.mp4 C:\Users\Dragonsgrl\Music 146 MB 2/12/18 2:34:17 AM
VID_20180210_003428.mp4 C:\Users\Dragonsgrl\Videos 146 MB 2/12/18 2:34:17 AM
 
 
 

  • 0



#2
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Please copy and paste your FRST logs.  Also

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Note the file name. Open the file on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
Win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File (to your desktop), note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi-step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


 


  • 0
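
One way a helper can triage the two text files that the steps above produce, as an added example that is not part of RKinner's post: it joins a saved Process Explorer listing with `TASKLIST /SVC` output by PID, then lists processes that use noticeable CPU or whose Verified Signer value is not "(Verified)". The tab-separated column layout, the `example_updater.exe` name and all sample rows are constructed assumptions.

```python
import csv
import io
import re

# Constructed sample of a Process Explorer "File, Save As" text file.
# Assumption: tab-separated columns with these header names; match them to your file.
PROCEXP_SAMPLE = "\n".join([
    "Process\tCPU\tPID\tCompany Name\tVerified Signer",
    "System Idle Process\t88.10\t0\t\t",
    " svchost.exe\t7.42\t996\tMicrosoft Corporation\t(Verified) Microsoft Windows",
    " AVGSvc.exe\t2.05\t1544\tAVG Technologies CZ, s.r.o.\t(Verified) AVG Technologies CZ, s.r.o.",
    "  example_updater.exe\t0.31\t3344\t\t(No signature was present in the subject)",
    " notepad.exe\t< 0.01\t4012\tMicrosoft Corporation\t(Verified) Microsoft Windows",
])

# Constructed sample of TASKLIST /SVC output; long service lists wrap onto
# indented continuation lines, which the parser below has to stitch back.
TASKLIST_SAMPLE = """\
Image Name                     PID Services
========================= ======== ============================================
System Idle Process              0 N/A
svchost.exe                    996 AudioSrv, Dhcp, eventlog,
                                   lmhosts, wscsvc
AVGSvc.exe                    1544 AVG Antivirus
example_updater.exe           3344 N/A
notepad.exe                   4012 N/A
"""

ROW = re.compile(r"^(?P<name>\S.*?)\s+(?P<pid>\d+)\s+(?P<svc>.*)$")


def _split_services(cell):
    """Turn 'A, B,' into ['A', 'B']; 'N/A' means the process hosts no service."""
    return [s.strip() for s in cell.split(",") if s.strip() and s.strip() != "N/A"]


def parse_tasklist_svc(text):
    """Return {pid: [service names]} from TASKLIST /SVC output."""
    services, last_pid = {}, None
    for line in text.splitlines():
        if not line.strip() or line.startswith(("Image Name", "=")):
            continue
        if line[0].isspace():                      # wrapped service list
            if last_pid is not None:
                services[last_pid] += _split_services(line)
            continue
        m = ROW.match(line)
        if m:
            last_pid = int(m["pid"])
            services[last_pid] = _split_services(m["svc"])
    return services


def parse_cpu(cell):
    """CPU cells can be blank, '< 0.01' or 'Suspended'; treat those as 0."""
    try:
        return float(cell)
    except ValueError:
        return 0.0


def parse_procexp(text):
    """Return one dict per process row of the saved Process Explorer listing."""
    reader = csv.DictReader(io.StringIO(text), delimiter="\t", quoting=csv.QUOTE_NONE)
    rows = []
    for r in reader:
        pid = (r.get("PID") or "").strip()
        if not pid.isdigit():                      # pseudo-rows without a PID
            continue
        signer = (r.get("Verified Signer") or "").strip()
        rows.append({
            "name": (r.get("Process") or "").strip(),   # drop tree indentation
            "pid": int(pid),
            "cpu": parse_cpu((r.get("CPU") or "").strip()),
            "signer": signer,
            "verified": signer.startswith("(Verified)"),
        })
    return rows


def triage(procexp_text, tasklist_text, cpu_floor=1.0):
    """List processes worth a closer look, busiest first, with hosted services."""
    services = parse_tasklist_svc(tasklist_text)
    findings = []
    for p in parse_procexp(procexp_text):
        if p["pid"] == 0:                          # idle time is not load
            continue
        reasons = []
        if not p["verified"]:
            reasons.append("signer not verified")
        if p["cpu"] >= cpu_floor:
            reasons.append("high CPU")
        if reasons:
            findings.append({**p, "services": services.get(p["pid"], []), "reasons": reasons})
    return sorted(findings, key=lambda f: f["cpu"], reverse=True)


if __name__ == "__main__":
    for f in triage(PROCEXP_SAMPLE, TASKLIST_SAMPLE):
        print(f["pid"], f["name"], f["cpu"], f["reasons"], f["services"] or "-", f["signer"])
```

An unverified signer is a cue to check the file's path and origin, not a verdict, and the service list is what tells you which service inside a busy `svchost.exe` to look at.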

#3
dolface755

  • Topic Starter
  • Member
  • 249 posts

OK, here is the cut and copy of my FRST and Addition logs... I will do the steps you requested and post everything when I get back from my treatment.

Thank you for your help.

 

FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.06.2018
Ran by Dragonsgrl (administrator) on DRAGONSGRL-PC (04-06-2018 16:12:54)
Running from C:\Users\Dragonsgrl\Desktop
Loaded Profiles: Dragonsgrl (Available Profiles: Dragonsgrl)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2018-05-10] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ALU] => C:\Program Files\Acer\Acer Updater\ALU.exe [2379056 2017-04-21] (Acer Incorporated)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3326494740-2715231408-2236335189-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd)
HKU\S-1-5-21-3326494740-2715231408-2236335189-1001\...\Run: [Chromium] => c:\users\dragonsgrl\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.171.122
Tcpip\..\Interfaces\{5AE284F5-3F40-4BA8-AD39-FD777996F789}: [DhcpNameServer] 192.168.1.254 75.153.171.122
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3326494740-2715231408-2236335189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3326494740-2715231408-2236335189-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3326494740-2715231408-2236335189-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-21] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-21] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://ca.yahoo.com/
CHR StartupUrls: Default -> "hxxps://ca.yahoo.com/"
CHR DefaultSearchURL: Default -> hxxps://ca.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR DefaultSearchKeyword: Default -> ca.yahoo.com
CHR DefaultSuggestURL: Default -> hxxps://ca.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default [2018-06-04]
CHR Extension: (Slides) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-09]
CHR Extension: (Docs) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-09]
CHR Extension: (Google Drive) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-09]
CHR Extension: (YouTube) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-09]
CHR Extension: (Adblock Plus) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-16]
CHR Extension: (Flash Playlist) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanagokoaogopceablgmpndejhedkjjb [2018-04-03]
CHR Extension: (Sheets) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-09]
CHR Extension: (Google Docs Offline) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-09]
CHR Extension: (Popup Blocker Pro) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2018-05-31]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2018-06-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-09]
CHR Extension: (Chrome Media Router) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-09]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [318328 2018-05-10] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7670672 2018-05-10] (AVG Technologies CZ, s.r.o.)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-10-29] (Foxit Software Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189032 2018-05-10] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [220600 2018-05-10] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [192536 2018-05-10] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [336848 2018-05-10] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [50776 2018-05-10] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-05-10] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [151504 2018-05-10] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [103744 2018-05-10] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [78352 2018-05-10] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1020112 2018-05-10] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [452904 2018-05-10] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [198368 2018-05-10] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [373944 2018-05-10] (AVG Technologies CZ, s.r.o.)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-11-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-05-27] (Malwarebytes)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-04 16:12 - 2018-06-04 16:14 - 000016115 _____ C:\Users\Dragonsgrl\Desktop\FRST.txt
2018-06-04 16:12 - 2018-06-04 16:12 - 000000000 ____D C:\FRST
2018-06-04 15:44 - 2018-06-04 15:44 - 002413056 _____ (Farbar) C:\Users\Dragonsgrl\Desktop\FRST64.exe
2018-06-01 11:23 - 2018-06-04 16:06 - 000000000 ____D C:\Users\Dragonsgrl\Documents\computer fix
2018-05-26 16:47 - 2018-05-26 16:47 - 015838840 _____ (Piriform Ltd) C:\Users\Dragonsgrl\Downloads\ccsetup543 (1).exe
2018-05-24 18:52 - 2018-05-24 18:54 - 000000000 ____D C:\Users\Dragonsgrl\AppData\Local\PokerStars
2018-05-24 18:52 - 2018-05-24 18:52 - 000001979 _____ C:\Users\Dragonsgrl\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.lnk
2018-05-24 18:52 - 2018-05-24 18:52 - 000000000 ____D C:\Users\Dragonsgrl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
2018-05-24 18:51 - 2018-05-24 18:54 - 000000000 ____D C:\Program Files (x86)\PokerStars
2018-05-24 12:37 - 2018-05-24 12:43 - 121256480 _____ (Rational Intellectual Holdings Ltd.) C:\Users\Dragonsgrl\Downloads\PokerStarsInstall.exe
2018-05-19 12:48 - 2018-05-19 12:48 - 000000000 ____D C:\Program Files\KeyboardNotification
2018-05-14 20:31 - 2018-05-14 20:31 - 000174256 _____ (Microsoft Corporation) C:\Windows\system32\WirelessKB850NotificationService.exe
2018-05-10 09:36 - 2018-05-10 09:36 - 000377584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-05-10 08:34 - 2018-04-23 11:57 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-05-10 08:34 - 2018-04-23 11:02 - 000348832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-10 08:34 - 2018-04-22 17:35 - 005583552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-10 08:34 - 2018-04-22 17:35 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-10 08:34 - 2018-04-22 17:35 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-05-10 08:34 - 2018-04-22 17:35 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-05-10 08:34 - 2018-04-22 17:35 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-05-10 08:34 - 2018-04-22 17:12 - 004047040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-05-10 08:34 - 2018-04-22 17:12 - 003958464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-05-10 08:34 - 2018-04-22 17:10 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-05-10 08:34 - 2018-04-22 17:07 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000512512 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 17:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:44 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-05-10 08:34 - 2018-04-22 16:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-05-10 08:34 - 2018-04-22 16:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-05-10 08:34 - 2018-04-22 16:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-05-10 08:34 - 2018-04-22 16:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-05-10 08:34 - 2018-04-22 16:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-05-10 08:34 - 2018-04-22 16:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-05-10 08:34 - 2018-04-22 16:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-10 08:34 - 2018-04-22 16:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-05-10 08:34 - 2018-04-22 16:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:32 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-05-10 08:34 - 2018-04-22 16:32 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-05-10 08:34 - 2018-04-22 16:32 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-05-10 08:34 - 2018-04-22 16:31 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-05-10 08:34 - 2018-04-22 16:28 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-05-10 08:34 - 2018-04-22 16:28 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-05-10 08:34 - 2018-04-22 16:27 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-05-10 08:34 - 2018-04-22 16:25 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-05-10 08:34 - 2018-04-22 16:24 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-05-10 08:34 - 2018-04-22 16:24 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-05-10 08:34 - 2018-04-22 16:24 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-05-10 08:34 - 2018-04-22 16:23 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-05-10 08:34 - 2018-04-22 16:23 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-05-10 08:34 - 2018-04-22 16:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-05-10 08:34 - 2018-04-22 16:19 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-05-10 08:34 - 2018-04-22 16:19 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-05-10 08:34 - 2018-04-22 16:19 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-05-10 08:34 - 2018-04-22 16:19 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-05-10 08:34 - 2018-04-22 16:18 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-05-10 08:34 - 2018-04-22 16:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 16:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-05-10 08:34 - 2018-04-22 01:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-10 08:34 - 2018-04-22 00:53 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-05-10 08:34 - 2018-04-22 00:53 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-05-10 08:34 - 2018-04-22 00:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-10 08:34 - 2018-04-22 00:39 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-05-10 08:34 - 2018-04-22 00:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-10 08:34 - 2018-04-22 00:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-05-10 08:34 - 2018-04-22 00:38 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-05-10 08:34 - 2018-04-22 00:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-05-10 08:34 - 2018-04-22 00:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-10 08:34 - 2018-04-22 00:31 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-05-10 08:34 - 2018-04-22 00:30 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-05-10 08:34 - 2018-04-22 00:27 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-05-10 08:34 - 2018-04-22 00:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-10 08:34 - 2018-04-22 00:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-10 08:34 - 2018-04-22 00:26 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-05-10 08:34 - 2018-04-22 00:26 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-05-10 08:34 - 2018-04-22 00:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-10 08:34 - 2018-04-22 00:18 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-05-10 08:34 - 2018-04-22 00:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-05-10 08:34 - 2018-04-22 00:15 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-05-10 08:34 - 2018-04-22 00:08 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-05-10 08:34 - 2018-04-22 00:08 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-05-10 08:34 - 2018-04-22 00:07 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-05-10 08:34 - 2018-04-22 00:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-10 08:34 - 2018-04-22 00:04 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-05-10 08:34 - 2018-04-22 00:04 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-05-10 08:34 - 2018-04-22 00:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-05-10 08:34 - 2018-04-22 00:03 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-05-10 08:34 - 2018-04-22 00:03 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-05-10 08:34 - 2018-04-22 00:02 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-05-10 08:34 - 2018-04-22 00:02 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-05-10 08:34 - 2018-04-22 00:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-10 08:34 - 2018-04-22 00:00 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-05-10 08:34 - 2018-04-21 23:57 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-05-10 08:34 - 2018-04-21 23:56 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-05-10 08:34 - 2018-04-21 23:55 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-05-10 08:34 - 2018-04-21 23:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-10 08:34 - 2018-04-21 23:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-10 08:34 - 2018-04-21 23:53 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-05-10 08:34 - 2018-04-21 23:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-10 08:34 - 2018-04-21 23:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-10 08:34 - 2018-04-21 23:49 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-05-10 08:34 - 2018-04-21 23:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-10 08:34 - 2018-04-21 23:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-10 08:34 - 2018-04-21 23:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-05-10 08:34 - 2018-04-21 23:45 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-05-10 08:34 - 2018-04-21 23:40 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-05-10 08:34 - 2018-04-21 23:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-05-10 08:34 - 2018-04-21 23:39 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-05-10 08:34 - 2018-04-21 23:37 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-05-10 08:34 - 2018-04-21 23:37 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-05-10 08:34 - 2018-04-21 23:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-05-10 08:34 - 2018-04-21 23:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-05-10 08:34 - 2018-04-21 23:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-10 08:34 - 2018-04-21 23:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-10 08:34 - 2018-04-21 23:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-10 08:34 - 2018-04-21 23:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-10 08:34 - 2018-04-21 23:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-10 08:34 - 2018-04-21 23:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-10 08:34 - 2018-04-21 23:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-05-10 08:34 - 2018-04-21 23:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-10 08:34 - 2018-04-21 23:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-10 08:34 - 2018-04-21 23:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-10 08:34 - 2018-04-21 23:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-10 08:34 - 2018-04-21 23:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-10 08:34 - 2018-04-18 09:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-10 08:34 - 2018-04-18 09:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-05-10 08:34 - 2018-04-18 08:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-10 08:34 - 2018-04-18 08:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-05-10 08:34 - 2018-04-18 08:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-05-10 08:34 - 2018-04-18 08:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-05-10 08:34 - 2018-04-11 09:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-10 08:34 - 2018-04-11 09:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-10 08:34 - 2018-04-11 09:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-10 08:34 - 2018-04-11 09:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-10 08:34 - 2018-04-10 12:45 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-10 08:34 - 2018-04-10 09:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-05-10 08:34 - 2018-04-10 09:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-05-10 08:34 - 2018-04-10 09:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-10 08:34 - 2018-04-10 09:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-10 08:34 - 2018-04-10 09:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-10 08:34 - 2018-04-10 09:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-10 08:34 - 2018-04-10 09:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-05-10 08:34 - 2018-04-10 08:54 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-10 08:34 - 2018-04-10 08:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-05-10 08:34 - 2018-04-10 08:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-10 08:34 - 2018-04-10 08:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-05-10 08:34 - 2018-04-07 09:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-05-10 08:34 - 2018-03-18 15:16 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-05-10 08:34 - 2018-03-18 15:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-05-10 08:34 - 2018-03-14 10:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-10 08:34 - 2018-03-14 10:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-10 08:34 - 2018-03-14 10:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-10 08:34 - 2018-03-14 10:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-10 08:34 - 2018-03-14 10:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-05-10 08:34 - 2018-03-14 09:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-10 08:34 - 2018-03-14 09:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-10 08:34 - 2018-03-14 09:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-10 08:34 - 2018-03-14 09:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-05-10 08:34 - 2018-03-14 09:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-10 08:34 - 2018-03-14 09:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-10 08:34 - 2018-03-14 09:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-10 08:34 - 2018-03-14 09:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-10 08:34 - 2018-03-14 09:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-10 08:34 - 2018-03-14 09:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-10 08:34 - 2018-03-14 09:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-04 14:32 - 2009-07-13 21:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-04 14:32 - 2009-07-13 21:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-01 11:17 - 2017-11-10 03:12 - 000000000 ____D C:\Users\Dragonsgrl\Downloads\registry
2018-06-01 11:12 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-30 09:34 - 2018-01-21 21:19 - 000000000 ____D C:\Users\Dragonsgrl\AppData\Roaming\PhotoScape
2018-05-27 14:25 - 2018-02-04 19:46 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-05-26 16:50 - 2018-01-24 11:31 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-05-26 16:41 - 2009-07-13 22:08 - 000032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-05-25 16:03 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2018-05-19 12:32 - 2017-11-17 15:58 - 000000000 ____D C:\Users\Dragonsgrl\AppData\Local\Adobe
2018-05-19 12:31 - 2017-11-17 16:00 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-05-19 12:31 - 2017-11-17 16:00 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-19 12:31 - 2017-11-17 16:00 - 000004494 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-05-19 12:31 - 2017-11-17 16:00 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-19 12:31 - 2010-09-21 01:41 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-05-18 17:15 - 2017-11-09 22:21 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-18 17:15 - 2017-11-09 22:21 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 14:38 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\rescache
2018-05-16 13:01 - 2017-11-09 22:22 - 000002228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-16 13:01 - 2017-11-09 22:22 - 000002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-10 09:43 - 2017-11-10 01:09 - 000000000 ____D C:\Users\Dragonsgrl\AppData\Local\Avg
2018-05-10 09:38 - 2017-11-10 01:10 - 000000000 ____D C:\Program Files (x86)\AVG
2018-05-10 09:38 - 2017-11-10 01:09 - 000000000 ____D C:\ProgramData\Avg
2018-05-10 09:37 - 2017-11-10 01:17 - 000003916 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-05-10 09:36 - 2017-11-10 01:17 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-05-10 09:36 - 2017-11-10 01:17 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-05-10 09:36 - 2017-11-10 01:17 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-05-10 09:36 - 2017-11-10 01:17 - 000151504 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-05-10 09:36 - 2017-11-10 01:17 - 000078352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-05-10 09:36 - 2017-11-10 01:17 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-05-10 09:35 - 2017-11-13 14:10 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-05-10 09:35 - 2017-11-10 01:17 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-05-10 09:35 - 2017-11-10 01:17 - 000336848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-05-10 09:35 - 2017-11-10 01:17 - 000220600 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-05-10 09:35 - 2017-11-10 01:17 - 000192536 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-05-10 09:35 - 2017-11-10 01:17 - 000103744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-05-10 09:35 - 2017-11-10 01:17 - 000050776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2018-05-10 09:18 - 2009-07-13 22:13 - 000782744 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-10 09:11 - 2009-07-13 21:45 - 000268392 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-10 08:48 - 2017-11-09 22:20 - 000000000 ____D C:\Windows\system32\MRT
2018-05-10 08:43 - 2017-11-09 22:19 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-10 08:43 - 2017-11-09 22:19 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-10 08:38 - 2017-11-13 20:31 - 000767054 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
 
==================== Files in the root of some directories =======
 
2017-12-22 05:15 - 2017-12-22 05:15 - 000000000 _____ () C:\Users\Dragonsgrl\AppData\Local\{65ECEA2F-444A-4E8D-BCE3-1F1A2EBEB15A}
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-30 09:28
 
==================== End of FRST.txt ============================
 
ADDITION LOG:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.06.2018
Ran by Dragonsgrl (04-06-2018 16:15:02)
Running from C:\Users\Dragonsgrl\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-11-10 05:11:17)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3326494740-2715231408-2236335189-500 - Administrator - Disabled)
Dragonsgrl (S-1-5-21-3326494740-2715231408-2236335189-1001 - Administrator - Enabled) => C:\Users\Dragonsgrl
Guest (S-1-5-21-3326494740-2715231408-2236335189-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3326494740-2715231408-2236335189-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
18 Wheels of Steel - American Long Haul (HKLM-x32\...\WT088649) (Version: 2.2.0.95 - WildTangent) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Game Console (HKLM-x32\...\Acer Game Console) (Version:  - WildTangent) Hidden
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3504 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.82.76 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (HKLM-x32\...\WT088295) (Version: 2.2.0.95 - WildTangent) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.3.2 - Advanced Micro Devices, Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 8.0.7.0 - Auslogics Labs Pty Ltd)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.4.3056 - AVG Technologies)
Backup Manager Basic (HKLM-x32\...\{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WT088300) (Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT088373) (Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (HKLM-x32\...\WT088310) (Version: 2.2.0.95 - WildTangent) Hidden
ccc-core-static (HKLM-x32\...\{5FB9AC96-BC36-7EED-7DCF-8B2FF4437A59}) (Version: 2010.0421.657.10561 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WT088312) (Version: 2.2.0.95 - WildTangent) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3216.50 - CyberLink Corp.)
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT088318) (Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (HKLM-x32\...\WT088393) (Version: 2.2.0.95 - WildTangent) Hidden
eSobi v2 (HKLM-x32\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
FATE (HKLM-x32\...\WT088413) (Version: 2.2.0.95 - WildTangent) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Jewel Quest - Heritage (HKLM-x32\...\WT088653) (Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (HKLM-x32\...\WT088350) (Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WT088445) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{8E5233E1-7495-44FB-8DEB-4BE906D59619}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Acer Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Media Player 10 (HKLM-x32\...\Media Player 10) (Version: 10.0.0 - CodeTechno)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
MyWinLocker (HKLM-x32\...\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}) (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
NTI Media Maker 9 (HKLM-x32\...\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8928 - NTI Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8928 - NTI Corporation)
Penguins! (HKLM-x32\...\WT088449) (Version: 2.2.0.95 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Plants vs. Zombies (HKLM-x32\...\WT088364) (Version: 2.2.0.95 - WildTangent) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Polar Bowler (HKLM-x32\...\WT088453) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT088457) (Version: 2.2.0.95 - WildTangent) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Shredder (HKLM\...\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (HKLM-x32\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT088553) (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Zuma's Revenge (HKLM-x32\...\WT088517) (Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-26] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-26] (Egis Technology Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-05-10] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\mwlshellext.dll [2010-05-26] (Egis Technology Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2010-04-02] (Egis Technology Inc.)
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\mwlshellext.dll [2010-05-26] (Egis Technology Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-03-08] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-05-10] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03F60BF9-9B3F-4815-B262-CAFCEA9148F6} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-05-10] (AVG Technologies CZ, s.r.o.)
Task: {3EFDED95-C945-4D5D-B367-6D391B171A15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-09] (Google Inc.)
Task: {44540915-D046-4D30-B32A-0EFA454CCB50} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {60553A67-C09C-4DE9-8918-8EA744C6AA63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-09] (Google Inc.)
Task: {76AEFD0F-48F5-47D9-8652-A89FFD71E41F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-03-08] (Advanced Micro Devices, Inc.)
Task: {779303C6-699A-46E0-B0BD-A6ED3F5163F4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {A7CBDFAB-B5E3-4FE5-A6E7-C2273F7DFCF4} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-03-08] (Advanced Micro Devices, Inc.)
Task: {B8FB64B6-A962-42FA-90CA-5EF1C3E5B335} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-05-19] (Adobe Systems Incorporated)
Task: {C4F13FC6-4202-4B86-977B-1A4DC68B3184} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-05-31] (AVG Technologies CZ, s.r.o.)
Task: {E06C451E-89AF-4EE9-9DDD-70943149601D} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2016-06-08] (Acer Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-05-10 09:35 - 2018-05-10 09:35 - 000738032 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll
2018-05-10 09:35 - 2018-05-10 09:35 - 001067248 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\ffl2.dll
2018-05-10 09:35 - 2018-05-10 09:35 - 000595696 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2018-05-10 09:35 - 2018-05-10 09:35 - 000481008 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2018-05-10 09:35 - 2018-05-10 09:35 - 000886512 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2018-05-10 09:35 - 2018-05-10 09:35 - 000925936 _____ () C:\Program Files (x86)\AVG\Antivirus\anen.dll
2018-05-10 09:35 - 2018-05-10 09:35 - 000983792 _____ () C:\Program Files (x86)\AVG\Antivirus\shepherdsync.dll
2018-05-10 09:35 - 2018-05-10 09:35 - 000520944 _____ () C:\Program Files (x86)\AVG\Antivirus\gui_cache.dll
2018-06-04 14:13 - 2018-06-04 14:13 - 005786864 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18060408\algo.dll
2010-06-28 15:20 - 2010-06-28 15:20 - 000465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-28 15:12 - 2010-06-28 15:12 - 001081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2018-03-12 11:38 - 2018-03-12 11:38 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2010-09-21 01:56 - 2009-05-19 23:02 - 000072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2018-03-29 16:31 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3326494740-2715231408-2236335189-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dragonsgrl\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254 - 75.153.171.122
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{969402E1-A538-4399-8E87-2E5123D3B9B1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{95460CE1-933A-4158-91FC-BFCF88262CD6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{15DFC08E-364B-46B8-889E-B0949D5B6B2C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F50BBD29-40B1-4DF4-9AED-396C42819C32}] => (Allow) svchost.exe
FirewallRules: [{4C7EC1A7-1E67-4FD6-8372-EBB7E63D4E4C}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{C40A9421-6F6A-4E80-BCA7-0AD3B760CB0B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{73B8F2D4-BE2F-4D68-98F8-68F897B11DB2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1AF70914-75AE-4A9D-86DE-D82E2AA76751}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
 
==================== Restore Points =========================
 
22-04-2018 08:10:38 Windows Update
22-04-2018 08:46:54 Windows Update
10-05-2018 08:35:28 Windows Update
19-05-2018 12:48:13 Windows Update
25-05-2018 12:36:58 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/01/2018 11:14:01 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Dragonsgrl\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/01/2018 11:13:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.2.1703, time stamp: 0x5aa17009
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0xed8
Faulting application start time: 0x01d3f9d41b71d71e
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 7acc8f4a-65c7-11e8-ae35-1c75080899c1
 
Error: (06/01/2018 12:20:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.2.1703, time stamp: 0x5aa17009
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0xe78
Faulting application start time: 0x01d3f978d8417634
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 50ad7594-656c-11e8-a8b9-1c75080899c1
 
Error: (06/01/2018 12:20:29 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Dragonsgrl\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/31/2018 08:11:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RadeonSettings.exe, version: 10.1.2.1703, time stamp: 0x5aa17009
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0xfe4
Faulting application start time: 0x01d3f9561a83fc44
Faulting application path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Faulting module path: unknown
Report Id: 7035c512-6549-11e8-b90d-1c75080899c1
 
Error: (05/31/2018 08:10:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Dragonsgrl\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/31/2018 08:10:35 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (3804) WebCacheLocal: Database recovery/restore failed with unexpected error -501.
 
Error: (05/31/2018 08:10:33 PM) (Source: ESENT) (EventID: 465) (User: )
Description: taskhost (3804) WebCacheLocal: Corruption was detected during soft recovery in logfile C:\Users\Dragonsgrl\AppData\Local\Microsoft\Windows\WebCache\V01.log. The failing checksum record is located at position END. Data not matching the log-file fill pattern first appeared in sector 787 (0x00000313). This logfile has been damaged and is unusable.
 
 
System errors:
=============
Error: (06/04/2018 02:12:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.66.
The computer with the IP address 192.168.1.67 did not allow the name to be claimed by
this computer.
 
Error: (06/04/2018 02:12:04 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
 
Error: (06/02/2018 01:15:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the GREGService service.
 
Error: (06/01/2018 11:19:37 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer DAVIDSALTER-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5AE284F5-3F40-4BA8-AD39-FD777996F789}.
The master browser is stopping or an election is being forced.
 
Error: (06/01/2018 01:07:22 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer DAVIDSALTER-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5AE284F5-3F40-4BA8-AD39-FD777996F789}.
The master browser is stopping or an election is being forced.
 
Error: (05/31/2018 08:17:19 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer DAVIDSALTER-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5AE284F5-3F40-4BA8-AD39-FD777996F789}.
The master browser is stopping or an election is being forced.
 
Error: (05/31/2018 12:17:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
 
Error: (05/30/2018 05:40:12 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer DAVIDSALTER-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{5AE284F5-3F40-4BA8-AD39-FD777996F789}.
The master browser is stopping or an election is being forced.
 
 
CodeIntegrity:
===================================
 
Date: 2017-11-13 23:26:17.741
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-11-13 23:26:17.741
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-11-13 17:50:48.416
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-11-13 17:50:48.416
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-11-13 13:15:06.562
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-11-13 13:15:06.562
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-11-10 02:39:30.499
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-11-10 02:39:30.499
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II P340 Dual-Core Processor
Percentage of memory in use: 32%
Total physical RAM: 2810.9 MB
Available physical RAM: 1909.9 MB
Total Virtual: 5619.96 MB
Available Virtual: 4437.09 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:225.78 GB) NTFS
 
\\?\Volume{da946445-c5b5-11e7-883c-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{da946444-c5b5-11e7-883c-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:13 GB) (Free:1.53 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 7E675493)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#4
dolface755


Here's the System Processes file you requested that I copy and paste here. Sorry for the delay, I'm having some health issues that required me being in the hospital for a week... continuing with the rest of your instructions.

 

 

System Processes:

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 85.82 0 K 24 K 0
procexp64.exe 4.89 22,764 K 41,788 K 6080 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
svchost.exe 2.50 4,412 K 8,376 K 780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 2.27 4,572 K 10,316 K 620 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
Interrupts 1.37 0 K 0 K n/a Hardware Interrupts and DPCs
csrss.exe 0.79 12,996 K 10,228 K 576 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
AVGUI.exe 0.75 20,756 K 46,424 K 3588 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Netherlands B.V.
System 0.43 168 K 1,048 K 4
ePowerTray.exe 0.29 3,884 K 10,284 K 3172 ePowerTray Acer Incorporated (Verified) Acer Incorporated
ePowerEvent.exe 0.23 1,900 K 5,112 K 4320 ePowerEvent Acer Incorporated (Verified) Acer Incorporated
chrome.exe 0.23 101,336 K 147,020 K 4912 Google Chrome Google Inc. (Verified) Google Inc
FoxitConnectedPDFService.exe 0.10 4,388 K 9,448 K 1788 Foxit Reader ConnectedPDF Windows Service. Foxit Software Inc. (Verified) Foxit Software Incorporated
explorer.exe 0.06 43,404 K 58,556 K 2748 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.05 79,388 K 67,900 K 376 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 0.05 55,280 K 72,104 K 5224 Google Chrome Google Inc. (Verified) Google Inc
AVGSvc.exe 0.03 81,876 K 40,992 K 1312 AVG Service AVG Technologies CZ, s.r.o. (Verified) AVG Netherlands B.V.
CCleaner64.exe 0.03 9,136 K 1,648 K 4352 CCleaner Piriform Ltd (Verified) Piriform Ltd
chrome.exe 0.02 68,056 K 92,820 K 3240 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 0.02 34,448 K 48,152 K 4720 Google Chrome Google Inc. (Verified) Google Inc
svchost.exe 0.01 14,344 K 15,052 K 1152 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 0.01 18,172 K 12,500 K 3700 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
aswidsagenta.exe 0.01 15,888 K 22,784 K 3668 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Netherlands B.V.
sftlist.exe 0.01 5,692 K 9,368 K 2252 Microsoft Application Virtualization Client Service Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe 0.01 23,200 K 34,692 K 492 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SynTPEnh.exe < 0.01 8,360 K 14,036 K 3356 Synaptics TouchPad Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe < 0.01 8,820 K 14,932 K 344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 6,532 K 12,232 K 1732 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
IScheduleSvc.exe < 0.01 5,156 K 10,324 K 1932 Backup Manager Module NewTech Infosystems, Inc. (Verified) NewTech Infosystems
dsiwmis.exe < 0.01 2,528 K 5,916 K 1624 Dritek WMI Service Dritek System Inc. (Verified) Dritek System Inc.
svchost.exe < 0.01 105,600 K 107,548 K 256 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WUDFHost.exe 1,604 K 3,900 K 2608 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe 12,104 K 6,748 K 1908 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3,172 K 7,824 K 3924 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WirelessKB850NotificationService.exe 1,300 K 3,972 K 2216 WirelessKB850NotificationService.exe Microsoft Corporation (Verified) Microsoft Corporation
winlogon.exe 2,696 K 5,600 K 688 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,480 K 3,964 K 544 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
UpdaterService.exe 1,120 K 3,716 K 2180 Updater Service Acer Incorporated (Verified) Acer Incorporated
UpdaterService.exe 1,124 K 3,716 K 1864 Updater Service Acer Incorporated (Verified) Acer Incorporated
unsecapp.exe 2,276 K 6,816 K 2052 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 5,144 K 11,144 K 2488 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 1,436 K 3,764 K 4040 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 12,824 K 11,932 K 1484 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,984 K 7,296 K 880 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 20,924 K 19,928 K 1008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,668 K 9,840 K 4936 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,800 K 5,132 K 2152 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,872 K 5,672 K 1588 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,408 K 5,368 K 1056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 7,392 K 8,580 K 1448 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 460 K 1,160 K 328 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
sftvsa.exe 1,404 K 4,228 K 2080 Microsoft Application Virtualization Virtual Service Agent Microsoft Corporation (Verified) Microsoft Corporation
services.exe 5,216 K 7,832 K 612 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe 2,068 K 6,596 K 3180 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
RAVCpl64.exe 9,500 K 11,872 K 3056 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,548 K 7,640 K 1568 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PmmUpdate.exe 1,736 K 5,812 K 4240 PMM Update Application Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
MMDx64Fx.exe 2,396 K 5,756 K 4480 MMDx64Fx Application Dritek System Inc. (Verified) Dritek System Inc.
lsm.exe 2,452 K 4,024 K 628 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
LMworker.exe 1,508 K 4,660 K 4524 Launch Manager Worker Dritek System Inc. (Verified) Dritek System Inc.
LManager.exe 11,336 K 14,064 K 4308 Launch Manager Dritek System Inc. (Verified) Dritek System Inc.
GREGsvc.exe 824 K 2,780 K 1832 Global Registration Service Acer Incorporated (Verified) Acer Incorporated
GoogleCrashHandler64.exe 1,448 K 620 K 3008 Google Crash Handler Google Inc. (Verified) Google Inc
GoogleCrashHandler.exe 1,420 K 576 K 2984 Google Crash Handler Google Inc. (Verified) Google Inc
ePowerSvc.exe 2,496 K 6,552 K 1664 ePowerSvc Acer Incorporated (Verified) Acer Incorporated
EgisUpdate.exe 3,152 K 8,228 K 4440 EgisUpdate Release Application Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
dwm.exe 2,048 K 5,520 K 2520 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
CVHSVC.EXE 5,132 K 7,872 K 3068 Microsoft Office Client Virtualization Service Microsoft Corporation (Verified) Microsoft Corporation
csrss.exe 2,496 K 4,612 K 480 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 37,144 K 50,424 K 5192 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 34,180 K 47,120 K 4264 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 164,844 K 177,124 K 4860 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 14,196 K 19,964 K 5272 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,864 K 7,176 K 4176 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,840 K 7,444 K 4108 Google Chrome Google Inc. (Verified) Google Inc
BackupManagerTray.exe 2,080 K 7,492 K 4256 Acer Backup Manager NewTech Infosystems, Inc. (Verified) NewTech Infosystems
audiodg.exe 18,300 K 18,312 K 4476 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe 1,408 K 3,792 K 944 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 1,984 K 5,168 K 1188 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher

  • 0

#5
dolface755


Command Prompt log:

Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       328 N/A                                         
csrss.exe                      480 N/A                                         
wininit.exe                    544 N/A                                         
csrss.exe                      576 N/A                                         
services.exe                   612 N/A                                         
lsass.exe                      620 KeyIso, SamSs                               
lsm.exe                        628 N/A                                         
winlogon.exe                   688 N/A                                         
svchost.exe                    780 DcomLaunch, PlugPlay, Power                 
svchost.exe                    880 RpcEptMapper, RpcSs                         
atiesrxx.exe                   944 AMD External Events Utility                 
svchost.exe                   1008 AudioSrv, Dhcp, eventlog,                   
                                   HomeGroupProvider, lmhosts, wscsvc          
svchost.exe                    256 AudioEndpointBuilder, hidserv,              
                                   HomeGroupListener, Netman, PcaSvc, SysMain, 
                                   TrkWks, UxSms, WdiSystemHost, Wlansvc,      
                                   wudfsvc                                     
svchost.exe                    344 EventSystem, fdPHost, FontCache, netprofm,  
                                   nsi, WdiServiceHost                         
svchost.exe                    492 AeLookupSvc, Appinfo, BITS, Browser,        
                                   EapHost, IKEEXT, iphlpsvc, LanmanServer,    
                                   MMCSS, ProfSvc, Schedule, SENS,             
                                   ShellHWDetection, Themes, Winmgmt, wuauserv 
svchost.exe                   1056 gpsvc                                       
svchost.exe                   1152 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
atieclxx.exe                  1188 N/A                                         
AVGSvc.exe                    1312 AVG Antivirus                               
spoolsv.exe                   1448 Spooler                                     
svchost.exe                   1484 BFE, DPS, MpsSvc                            
svchost.exe                   1588 DiagTrack                                   
dsiwmis.exe                   1624 DsiWMIService                               
ePowerSvc.exe                 1664 ePowerSvc                                   
svchost.exe                   1732 FDResPub, SSDPSRV, upnphost                 
FoxitConnectedPDFService.     1788 FoxitReaderService                          
GREGsvc.exe                   1832 GREGService                                 
UpdaterService.exe            1864 Live Updater Service                        
IScheduleSvc.exe              1932 NTI IScheduleSvc                            
sftvsa.exe                    2080 sftvsa                                      
svchost.exe                   2152 stisvc                                      
UpdaterService.exe            2180 Updater Service                             
WirelessKB850Notification     2216 WirelessKB850NotificationService            
sftlist.exe                   2252 sftlist                                     
taskhost.exe                  2488 N/A                                         
dwm.exe                       2520 N/A                                         
explorer.exe                  2748 N/A                                         
GoogleCrashHandler.exe        2984 N/A                                         
GoogleCrashHandler64.exe      3008 N/A                                         
CVHSVC.EXE                    3068 cvhsvc                                      
WUDFHost.exe                  2608 N/A                                         
rundll32.exe                  3180 N/A                                         
aswidsagenta.exe              3668 avgbIDSAgent                                
RAVCpl64.exe                  3056 N/A                                         
SearchIndexer.exe             3700 WSearch                                     
SynTPEnh.exe                  3356 N/A                                         
ePowerTray.exe                3172 N/A                                         
wmpnetwk.exe                  1908 WMPNetworkSvc                               
SynTPHelper.exe               4040 N/A                                         
unsecapp.exe                  2052 N/A                                         
AVGUI.exe                     3588 N/A                                         
WmiPrvSE.exe                  3924 N/A                                         
PmmUpdate.exe                 4240 N/A                                         
BackupManagerTray.exe         4256 N/A                                         
LManager.exe                  4308 N/A                                         
ePowerEvent.exe               4320 N/A                                         
CCleaner64.exe                4352 N/A                                         
EgisUpdate.exe                4440 N/A                                         
MMDx64Fx.exe                  4480 N/A                                         
LMworker.exe                  4524 N/A                                         
svchost.exe                   4936 p2pimsvc, p2psvc, PNRPsvc                   
chrome.exe                    4912 N/A                                         
chrome.exe                    4176 N/A                                         
chrome.exe                    4108 N/A                                         
chrome.exe                     376 N/A                                         
chrome.exe                    4860 N/A                                         
chrome.exe                    4264 N/A                                         
chrome.exe                    3240 N/A                                         
chrome.exe                    4720 N/A                                         
chrome.exe                    5192 N/A                                         
chrome.exe                    5224 N/A                                         
chrome.exe                    5272 N/A                                         
audiodg.exe                   4692 N/A                                         
cmd.exe                       2980 N/A                                         
conhost.exe                   2352 N/A                                         
tasklist.exe                  5944 N/A                                         
WmiPrvSE.exe                  5428 N/A                                         

  • 0

#6
dolface755


Speccy file attachment 


  • 0





