Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

PC running very slow, I may be infected with something. any help is ap


  • This topic is locked This topic is locked

#1
myslowpc

myslowpc

    Member

  • Member
  • PipPip
  • 10 posts

My PC has become very slow recently, I dont know much about computers 
I noticed it wont go into sleep mode.  the screen turns off but the fan still spins until i wake it up.
I wish i knew more to help.
I ram malware bytes and farbar so far 
malware bytes found some files so i quarantined them.
A appreciate any help i can get.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.08.2018 01
Ran by Kevin (administrator) on KEVIN-PC (19-08-2018 08:36:04)
Running from C:\Users\Kevin\Desktop
Loaded Profiles: Kevin (Available Profiles: Kevin & Doreen)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Atheros Communications, Inc.) C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
(Provo Craft & Novelty, Inc.) C:\Users\Kevin\AppData\Roaming\CricutDesignSpace3\BRIDGE\CricutLauncher4.exe
(Provo Craft & Novelty, Inc.) C:\Users\Kevin\AppData\Roaming\CricutDesignSpace3\BRIDGE\CricutBridge4.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-16] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-04-08] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2017-11-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [jswtrayutil] => "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1821707421-50379567-1595094216-1000\...\Run: [SideSync] => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [12476064 2018-03-07] ()
HKU\S-1-5-21-1821707421-50379567-1595094216-1000\...\Run: [Cricut Design Space3] => C:\Users\Kevin\AppData\Roaming\CricutDesignSpace3\BRIDGE\CricutLauncher4.exe [459784 2018-06-15] (Provo Craft & Novelty, Inc.)
HKU\S-1-5-21-1821707421-50379567-1595094216-1000\...\MountPoints2: {6c00881c-a7ca-11e7-bb98-806e6f6e6963} - D:\Run.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2017-10-04]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ADB1D8A-6958-46B0-B6B1-863F37597185}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6AFBBA5D-0F61-4685-A75D-663D9459517F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AA5A2079-F487-4AF8-AF2C-DF48BF0B7326}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DF692A87-50F0-40C1-BD9C-ACD3FFDF7439}: [DhcpNameServer] 192.168.2.1
 
Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-07-16] (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-16] (AVAST Software)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll [2018-06-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll [2018-06-10] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://steemit.com/@quickfingersluc
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.facebook.com/","hxxp://www.youtube.com/","hxxps://www.google.com/","hxxp://mysearch.avg.com/?cid={77E9F06D-E56E-4025-A7E6-FE49AE9A32A3}&mid=4082e19574d44f7194c83882377c46fa-61574f0735a79a2bead530fdbf475f742e30cdc2&lang=en&ds=co012&pr=sa&d=2013-09-13 21:37:04&v=15.4.0.5&pid=safeguard&sg=0&sap=hp","hxxps://www.google.com/","hxxp://www.google.com/
hxxp://www.facebook.com/
hxxp://www.youtube.com/
hxxp://search.conduit.com/?ctid={28C41ACF-B4E5-4903-B7A3-A2752CE1C8B2}&SearchSource=48&CUI=UN27248036095778318&UM=2&sspv=17.1.3.3&mid=4082e19574d44f7194c83882377c46fa-61574f0735a79a2bead530fdbf475f742e30cdc2&lang=en&ds=co012&pr=sa&d=2013-09-13 21:37:04&v=15.4.0.5&pid=safeguard&sg=46&sap=hp
hxxps://www.google.com/","hxxps://www.google.com/","hxxp://mysearch.avg.com?cid={28C41ACF-B4E5-4903-B7A3-A2752CE1C8B2}&mid=4082e19574d44f7194c83882377c46fa-61574f0735a79a2bead530fdbf475f742e30cdc2&lang=&ds=&coid=&cmpid=&pr=&d=&v=18.1.5.515&pid=safeguard&sg=0&sap=hp","hxxp://mysearch.avg.com?cid={28C41ACF-B4E5-4903-B7A3-A2752CE1C8B2}&mid=4082e19574d44f7194c83882377c46fa-61574f0735a79a2bead530fdbf475f742e30cdc2&lang=&ds=&coid=&cmpid=&pr=&d=&v=18.1.7.600&pid=safeguard&sg=0&sap=hp","hxxps://mysearch.avg.com?cid={28C41ACF-B4E5-4903-B7A3-A2752CE1C8B2}&mid=4082e19574d44f7194c83882377c46fa-61574f0735a79a2bead530fdbf475f742e30cdc2&lang=&ds=&coid=&cmpid=&pr=&d=&v=18.1.9.790&pid=safeguard&sg=0&sap=hp","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
CHR Profile: C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default [2018-08-19]
CHR Extension: (Google Translate) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-25]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2018-08-19]
CHR Extension: (Video Downloader For Facebook) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aobeeghhhohhefmlmbpmkcdndgebpfkf [2018-02-03]
CHR Extension: (Google Drive) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-17]
CHR Extension: (Visited) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcodeehkjogenemacopdbhabjebnbah [2017-12-28]
CHR Extension: (YouTube) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-17]
CHR Extension: (Honey) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-08-19]
CHR Extension: (eBay) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2017-10-17]
CHR Extension: (ImprovedTube for YouTube) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnomihfieiccainjcjblhegjgglakjdd [2018-08-19]
CHR Extension: (Adblock Plus) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-07-18]
CHR Extension: (Ratings Preview for YouTube™) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2018-08-19]
CHR Extension: (Pushbullet) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2018-08-19]
CHR Extension: (Netflix) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2017-10-17]
CHR Extension: (Tampermonkey) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-06-08]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2017-10-17]
CHR Extension: (MaskMe) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2017-12-28]
CHR Extension: (Friend Remover PRO - Delete All Friends 2017) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekjblaihiicbgjibfipjoepkmondnnbd [2017-12-28]
CHR Extension: (Video Downloader professional) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-04-12]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2017-10-17]
CHR Extension: (Frame by Frame for YouTube™) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elkadbdicdciddfkdpmaolomehalghio [2017-10-17]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-15]
CHR Extension: (Full Screen Weather) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2017-10-17]
CHR Extension: (Myibidder Auction Bid Sniper for eBay) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmebanjjkaohcmifehogijfgcoieefnp [2018-06-26]
CHR Extension: (The QR Code Generator) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2017-10-17]
CHR Extension: (Google Docs Offline) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-19]
CHR Extension: (AdBlock) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-31]
CHR Extension: (Avast Online Security) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-22]
CHR Extension: (Color Links) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiponeioelghhaljfflaaflpccedbdem [2018-02-25]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2018-06-26]
CHR Extension: (Notifier for Twitter) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikknnkomiokeodcdkknnhgjmncfiefmn [2018-08-06]
CHR Extension: (Free PDF Maker) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbhncalhbjgoibpokgjnjigjpkdopai [2017-10-17]
CHR Extension: (Disconnect) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2017-12-28]
CHR Extension: (Save to Facebook) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2017-12-28]
CHR Extension: (Stop Autoplay for YouTube.) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh [2017-10-17]
CHR Extension: (Social Book Post Manager) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2017-12-28]
CHR Extension: (Google Maps) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-10-17]
CHR Extension: (Google Mail Checker) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-12-28]
CHR Extension: (Video Deck for YouTube™) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpoakikepagdiphlmfaeifpojdmbnegj [2017-10-17]
CHR Extension: (Wikibuy) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2018-08-15]
CHR Extension: (Video Speed Controller) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2018-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2017-10-17]
CHR Extension: (vidIQ Vision for YouTube) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2018-08-15]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2018-06-26]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2017-10-17]
CHR Extension: (Gmail) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-17]
CHR Extension: (Chrome Media Router) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-06]
CHR Extension: (Enhancer for YouTube™) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle [2018-07-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-29] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-07-16] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-16] (AVAST Software)
R2 jswpbapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe [271840 2010-03-22] (Atheros Communications, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-15] (DEVGURU Co., LTD.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [358256 2017-11-14] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [316120 2014-03-19] ()
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-07-16] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-07-16] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-07-16] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-07-16] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-07-16] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-07-16] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-07-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-07-16] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-07-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-07-16] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-07-16] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467064 2018-07-23] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-07-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-07-16] (AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-07-12] (Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193256 2018-08-19] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [117472 2018-08-19] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [52848 2018-08-19] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [259360 2018-08-19] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [98616 2018-08-19] (Malwarebytes)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-19 08:36 - 2018-08-19 08:37 - 000021242 _____ C:\Users\Kevin\Desktop\FRST.txt
2018-08-19 08:35 - 2018-08-19 08:36 - 000000000 ____D C:\FRST
2018-08-19 08:33 - 2018-08-19 08:33 - 002413056 _____ (Farbar) C:\Users\Kevin\Desktop\FRST64.exe
2018-08-19 08:19 - 2018-08-19 08:26 - 000098616 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-08-19 08:19 - 2018-08-19 08:19 - 000117472 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-08-19 07:01 - 2018-08-19 08:20 - 000052848 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-08-19 07:01 - 2018-08-19 08:19 - 000259360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-08-19 07:01 - 2018-08-19 07:01 - 000193256 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-08-19 07:01 - 2018-08-19 07:01 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-08-19 07:01 - 2018-08-19 07:01 - 000000000 ____D C:\Users\Kevin\AppData\Local\mbam
2018-08-19 07:00 - 2018-08-19 07:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-19 07:00 - 2018-08-19 07:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-08-19 07:00 - 2018-08-19 07:00 - 000000000 ____D C:\Program Files\Malwarebytes
2018-08-19 07:00 - 2018-07-12 08:42 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-08-19 06:57 - 2018-08-19 06:58 - 082463976 _____ (Malwarebytes ) C:\Users\Kevin\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.421-1.0.6397.exe
2018-08-19 06:55 - 2018-08-19 07:01 - 000082514 _____ C:\Windows\ntbtlog.txt
2018-08-15 13:02 - 2018-08-15 13:08 - 000000062 _____ C:\Users\Kevin\Desktop\New Text Document.txt
2018-08-14 22:03 - 2018-08-14 22:14 - 000000000 ____D C:\Users\Kevin\Desktop\form
2018-08-14 12:30 - 2018-08-03 08:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-14 12:30 - 2018-08-01 20:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-14 12:30 - 2018-08-01 20:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-14 12:30 - 2018-08-01 20:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-14 12:30 - 2018-08-01 20:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-14 12:30 - 2018-08-01 20:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-14 12:30 - 2018-08-01 20:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-14 12:30 - 2018-08-01 20:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-14 12:30 - 2018-08-01 19:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-14 12:30 - 2018-08-01 19:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-14 12:30 - 2018-08-01 19:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-14 12:30 - 2018-08-01 19:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-14 12:30 - 2018-08-01 19:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-14 12:30 - 2018-08-01 19:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-14 12:30 - 2018-08-01 19:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-14 12:30 - 2018-08-01 19:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-14 12:30 - 2018-08-01 19:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-14 12:30 - 2018-08-01 19:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-14 12:30 - 2018-08-01 19:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-14 12:30 - 2018-08-01 19:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-14 12:30 - 2018-08-01 19:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-14 12:30 - 2018-08-01 19:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-14 12:30 - 2018-08-01 19:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-14 12:30 - 2018-08-01 19:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-14 12:30 - 2018-08-01 19:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-14 12:30 - 2018-08-01 19:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-14 12:30 - 2018-08-01 19:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-14 12:30 - 2018-08-01 19:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-14 12:30 - 2018-08-01 19:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-14 12:30 - 2018-08-01 19:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-14 12:30 - 2018-08-01 19:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-14 12:30 - 2018-08-01 19:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-14 12:30 - 2018-08-01 19:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-14 12:30 - 2018-08-01 19:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-14 12:30 - 2018-08-01 19:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-14 12:30 - 2018-08-01 19:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-14 12:30 - 2018-08-01 19:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-14 12:30 - 2018-08-01 19:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-14 12:30 - 2018-08-01 19:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-14 12:30 - 2018-08-01 19:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-14 12:30 - 2018-08-01 19:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-14 12:30 - 2018-08-01 19:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-14 12:30 - 2018-08-01 19:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-14 12:30 - 2018-08-01 19:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-14 12:30 - 2018-08-01 19:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-14 12:30 - 2018-08-01 19:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-14 12:30 - 2018-08-01 19:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 12:30 - 2018-08-01 19:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-14 12:30 - 2018-07-19 16:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-14 12:30 - 2018-07-19 15:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-14 12:30 - 2018-07-18 23:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-14 12:30 - 2018-07-18 21:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-14 12:30 - 2018-07-18 21:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-14 12:30 - 2018-07-18 21:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-14 12:30 - 2018-07-18 21:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-14 12:30 - 2018-07-18 21:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-14 12:30 - 2018-07-18 21:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-14 12:30 - 2018-07-18 21:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-14 12:30 - 2018-07-18 21:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-14 12:30 - 2018-07-18 21:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-14 12:30 - 2018-07-18 21:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-14 12:30 - 2018-07-18 21:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-14 12:30 - 2018-07-18 21:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-14 12:30 - 2018-07-18 21:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-14 12:30 - 2018-07-18 21:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-14 12:30 - 2018-07-18 21:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-14 12:30 - 2018-07-18 21:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-14 12:30 - 2018-07-18 21:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-14 12:30 - 2018-07-18 21:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-14 12:30 - 2018-07-18 21:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-14 12:30 - 2018-07-18 21:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-14 12:30 - 2018-07-18 21:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-14 12:30 - 2018-07-18 21:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-14 12:30 - 2018-07-18 21:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-14 12:30 - 2018-07-18 21:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-14 12:30 - 2018-07-18 21:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-14 12:30 - 2018-07-18 21:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-14 12:30 - 2018-07-18 21:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-14 12:30 - 2018-07-18 21:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-14 12:30 - 2018-07-18 20:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-14 12:30 - 2018-07-18 20:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-14 12:30 - 2018-07-18 20:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-14 12:30 - 2018-07-18 20:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-14 12:30 - 2018-07-18 20:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-14 12:30 - 2018-07-18 20:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-14 12:30 - 2018-07-18 20:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-14 12:30 - 2018-07-18 20:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-14 12:30 - 2018-07-18 20:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-14 12:30 - 2018-07-18 20:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-14 12:30 - 2018-07-18 20:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-14 12:30 - 2018-07-18 20:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-14 12:30 - 2018-07-18 20:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-14 12:30 - 2018-07-18 20:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-14 12:30 - 2018-07-18 20:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-14 12:30 - 2018-07-18 20:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-14 12:30 - 2018-07-18 20:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-14 12:30 - 2018-07-18 20:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-14 12:30 - 2018-07-18 20:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-14 12:30 - 2018-07-18 20:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-14 12:30 - 2018-07-18 20:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-14 12:30 - 2018-07-18 20:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-14 12:30 - 2018-07-18 20:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-14 12:30 - 2018-07-18 20:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-14 12:30 - 2018-07-18 20:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-14 12:30 - 2018-07-18 20:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-14 12:30 - 2018-07-18 20:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-14 12:30 - 2018-07-18 20:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-14 12:30 - 2018-07-18 20:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-14 12:30 - 2018-07-18 20:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-14 12:30 - 2018-07-18 20:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-14 12:30 - 2018-07-18 20:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-14 12:30 - 2018-07-18 20:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-14 12:30 - 2018-07-18 20:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-14 12:30 - 2018-07-13 12:19 - 001894080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-14 12:30 - 2018-07-13 12:19 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-14 12:30 - 2018-07-13 12:19 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-14 12:30 - 2018-07-07 08:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-14 12:30 - 2018-06-29 08:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-14 12:30 - 2018-06-29 08:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-14 12:30 - 2018-06-29 08:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-14 12:30 - 2018-06-29 08:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-14 12:30 - 2018-06-29 08:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-14 12:30 - 2018-06-29 08:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-14 12:30 - 2018-06-15 22:24 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-08-14 12:30 - 2018-06-15 22:11 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-08-14 12:30 - 2018-06-15 22:11 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-08-14 12:30 - 2018-06-13 09:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-08-14 12:30 - 2018-06-13 09:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-08-14 12:30 - 2018-06-13 08:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-08-14 12:30 - 2018-06-13 08:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-08-14 12:30 - 2018-06-08 09:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-08-14 12:30 - 2018-06-08 09:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-08-14 12:30 - 2018-06-08 09:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-08-14 12:30 - 2018-06-08 09:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-08-14 12:30 - 2018-06-08 08:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-08-14 12:30 - 2018-06-08 08:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-08-14 12:30 - 2018-06-07 09:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-08-14 12:30 - 2018-06-07 09:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-08-14 12:30 - 2018-06-07 08:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-08-14 12:30 - 2018-06-07 08:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-08-14 12:30 - 2018-06-07 08:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-08-14 12:30 - 2018-05-14 21:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-08-14 12:30 - 2018-05-14 20:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-08-14 12:30 - 2018-05-14 20:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-08-14 12:30 - 2018-05-14 20:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-08-14 12:30 - 2018-05-14 20:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-08-14 12:30 - 2018-05-14 20:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-08-14 12:30 - 2018-05-14 20:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-08-14 12:30 - 2018-05-14 20:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-08-14 12:30 - 2018-05-14 20:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-08-14 12:30 - 2018-05-14 20:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-08-14 12:30 - 2018-05-11 19:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-08-14 12:30 - 2018-05-11 19:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-08-14 12:30 - 2018-05-11 19:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-08-14 12:30 - 2018-05-11 14:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-08-14 12:30 - 2018-05-11 14:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-08-14 12:30 - 2018-05-10 17:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-08-14 12:30 - 2018-05-10 17:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-08-14 12:30 - 2018-04-25 09:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-08-14 12:29 - 2018-08-03 08:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-14 12:29 - 2018-08-01 19:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-14 12:29 - 2018-08-01 19:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-14 12:29 - 2018-08-01 19:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-14 12:29 - 2018-08-01 19:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-14 12:29 - 2018-08-01 19:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-14 12:29 - 2018-08-01 19:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-14 12:29 - 2018-08-01 19:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-14 12:29 - 2018-08-01 19:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-14 12:29 - 2018-08-01 19:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-14 12:29 - 2018-08-01 19:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-14 12:29 - 2018-08-01 19:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-14 12:29 - 2018-08-01 19:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-14 12:29 - 2018-08-01 19:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-14 12:29 - 2018-08-01 19:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-14 12:29 - 2018-08-01 19:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-14 12:29 - 2018-08-01 19:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-14 12:29 - 2018-08-01 19:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-14 12:29 - 2018-07-18 21:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-14 12:29 - 2018-07-18 21:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-14 12:29 - 2018-07-18 21:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-14 12:29 - 2018-07-08 09:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-14 12:29 - 2018-07-08 09:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-14 12:29 - 2018-07-08 09:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-14 12:29 - 2018-07-08 09:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-14 12:29 - 2018-07-08 09:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-14 12:29 - 2018-07-08 09:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-14 12:29 - 2018-07-08 08:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-14 12:29 - 2018-07-08 08:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-14 12:29 - 2018-07-08 08:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-14 12:29 - 2018-07-08 08:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-14 12:29 - 2018-07-08 08:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-14 12:29 - 2018-07-08 08:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-14 12:29 - 2018-07-06 09:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-14 12:29 - 2018-07-06 09:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-14 12:29 - 2018-07-06 09:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-14 12:29 - 2018-07-06 08:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-14 12:29 - 2018-07-06 08:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-14 12:29 - 2018-06-29 08:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-14 12:29 - 2018-06-27 09:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-14 12:29 - 2018-06-27 08:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-14 12:29 - 2018-06-27 08:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-14 12:29 - 2018-06-27 08:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-14 12:29 - 2018-06-27 08:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-14 12:29 - 2018-06-27 08:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-14 12:29 - 2018-06-27 08:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-14 12:29 - 2018-06-27 08:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-14 12:29 - 2018-06-27 08:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-14 12:29 - 2018-06-27 08:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-14 12:29 - 2018-06-27 08:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-14 12:29 - 2018-06-27 08:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-14 12:29 - 2018-06-27 08:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-14 12:29 - 2018-06-27 08:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-14 12:29 - 2018-06-20 20:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-14 12:29 - 2018-06-20 20:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-08-14 12:29 - 2018-06-08 09:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-08-14 12:29 - 2018-06-08 09:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-08-14 12:29 - 2018-06-08 09:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-08-14 12:29 - 2018-06-08 08:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-08-14 12:29 - 2018-06-08 08:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-08-14 12:29 - 2018-06-08 08:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-08-14 12:29 - 2018-06-08 08:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-08-14 12:29 - 2018-06-08 08:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-08-14 12:29 - 2018-06-07 09:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-08-14 12:29 - 2018-06-07 09:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-08-14 12:29 - 2018-05-14 20:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-08-14 12:29 - 2018-05-14 20:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-08-14 12:29 - 2018-05-14 20:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-08-14 12:29 - 2018-05-02 08:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-08-14 12:29 - 2018-05-02 08:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-08-14 12:29 - 2018-04-26 06:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-08-14 12:29 - 2018-04-26 06:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-08-14 12:29 - 2018-04-25 08:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-08-06 20:39 - 2018-08-06 20:39 - 000000000 ____D C:\Users\Doreen\AppData\Roaming\AVAST Software
2018-08-06 20:39 - 2018-08-06 20:39 - 000000000 ____D C:\Users\Doreen\AppData\Local\CEF
2018-08-06 20:29 - 2018-08-17 15:26 - 000000000 ____D C:\Users\Doreen\AppData\Local\Google
2018-08-06 20:29 - 2018-08-06 20:30 - 000002255 _____ C:\Users\Doreen\Desktop\Google Chrome.lnk
2018-08-06 20:29 - 2018-08-06 20:29 - 000001413 _____ C:\Users\Doreen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-08-06 20:29 - 2018-08-06 20:29 - 000000020 ___SH C:\Users\Doreen\ntuser.ini
2018-08-06 20:29 - 2018-08-06 20:29 - 000000000 ____D C:\Users\Doreen\AppData\Roaming\Apple Computer
2018-08-06 20:29 - 2018-08-06 20:29 - 000000000 ____D C:\Users\Doreen\AppData\Roaming\Adobe
2018-08-06 20:29 - 2018-08-06 20:29 - 000000000 ____D C:\Users\Doreen\AppData\Local\VirtualStore
2018-08-06 20:29 - 2018-08-06 20:29 - 000000000 ____D C:\Users\Doreen\AppData\Local\AVAST Software
2018-08-06 20:29 - 2018-08-06 20:29 - 000000000 ____D C:\Users\Doreen
2018-08-06 20:29 - 2011-04-12 01:28 - 000000000 ____D C:\Users\Doreen\AppData\Roaming\Media Center Programs
2018-08-06 13:30 - 2018-08-06 13:30 - 000179493 _____ C:\Users\Kevin\Downloads\CCSD Letterhead Memo.pdf
2018-08-04 15:02 - 2018-08-17 12:37 - 000000000 ____D C:\Users\Kevin\Desktop\New folder (3)
2018-08-02 11:13 - 2018-08-02 11:13 - 002935242 _____ C:\Users\Kevin\Downloads\video-1533199750.mp4
2018-08-02 10:51 - 2018-08-02 10:51 - 000035290 _____ C:\Users\Kevin\Downloads\msg0004 (2).WAV
2018-08-02 10:51 - 2018-08-02 10:51 - 000035290 _____ C:\Users\Kevin\Downloads\msg0004 (1).WAV
2018-07-25 08:17 - 2018-07-25 08:17 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cricut Design Space
2018-07-25 08:17 - 2018-07-25 08:17 - 000000000 ____D C:\Users\Kevin\AppData\Roaming\CricutDesignSpace3
2018-07-25 08:16 - 2018-07-25 08:16 - 011289872 _____ (Provo Craft & Novelty, Inc.) C:\Users\Kevin\Downloads\CricutDesignSpace-5.8.1806.151932.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-19 08:37 - 2009-07-13 21:45 - 000026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-19 08:37 - 2009-07-13 21:45 - 000026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-19 08:24 - 2009-07-13 22:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-19 08:24 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2018-08-19 08:23 - 2017-10-04 10:03 - 000003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CE944704-9B56-4627-84A4-E10A0E8FADBC}
2018-08-19 08:18 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-19 06:27 - 2017-10-17 19:30 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-08-18 17:01 - 2018-06-10 21:54 - 000000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2018-08-18 16:29 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\NDF
2018-08-15 10:45 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\rescache
2018-08-15 09:07 - 2009-07-13 21:45 - 000413704 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-15 09:04 - 2018-04-30 16:12 - 000000000 ____D C:\Windows\system32\appraiser
2018-08-14 22:53 - 2017-11-01 12:58 - 000773912 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-08-10 17:42 - 2018-05-23 12:29 - 000000000 ____D C:\Users\Kevin\Desktop\Discmania stock
2018-08-10 17:41 - 2017-10-06 21:22 - 000000000 ____D C:\Users\Kevin\Desktop\Photos
2018-08-08 14:31 - 2017-10-07 12:04 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-07-29 06:31 - 2011-04-12 01:28 - 000000000 ___RD C:\Users\Public\Recorded TV
2018-07-23 11:15 - 2017-10-17 19:29 - 000467064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
 
==================== Files in the root of some directories =======
 
2017-10-07 12:08 - 2017-10-07 12:08 - 007649280 _____ () C:\Program Files (x86)\GUT35DF.tmp
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-08-16 00:09
 
==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.08.2018 01
Ran by Kevin (19-08-2018 08:38:22)
Running from C:\Users\Kevin\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-10-02 23:34:18)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1821707421-50379567-1595094216-500 - Administrator - Disabled)
Doreen (S-1-5-21-1821707421-50379567-1595094216-1001 - Limited - Enabled) => C:\Users\Doreen
Guest (S-1-5-21-1821707421-50379567-1595094216-501 - Limited - Disabled)
Kevin (S-1-5-21-1821707421-50379567-1595094216-1000 - Administrator - Enabled) => C:\Users\Kevin
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9E005AAA-81A3-478E-8944-532D350952EE}) (Version: 11.3.1.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cricut Design Space Client (HKU\S-1-5-21-1821707421-50379567-1595094216-1000\...\Cricut Design Space Client) (Version: 5.8.1806.151932 - Provo Craft)
Flopzilla (HKLM-x32\...\{B8C906E2-8626-4CF2-BC7E-2E8189F22A57}) (Version: 1.8.5 - Flopzilla)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
iTunes (HKLM\...\{3D8C6B05-FE24-4B9C-A57C-B8E1FA39E83D}) (Version: 12.7.4.80 - Apple Inc.)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.2.116.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NETGEAR WNA1100 wireless USB 2.0 driver (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.2.0.2 - NETGEAR)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.31.3 - Ralink)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.7.5.235 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Vysor (HKU\S-1-5-21-1821707421-50379567-1595094216-1000\...\Vysor) (Version: 1.8.3 - ClockworkMod)
WD Drive Utilities (HKLM-x32\...\{5ea95ccc-fc68-4182-88a9-e563ba3900ed}) (Version: 2.0.0.26 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{893C7059-0464-47FB-85A4-5E1ADDA56141}) (Version: 2.0.0.26 - Western Digital Technologies, Inc.) Hidden
WSOP.com (HKLM-x32\...\WSOP.com) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-16] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-16] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-16] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-16] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {17CD5CD5-92F9-433D-98D4-D4738606E7FE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2017-10-11] (Microsoft Corporation)
Task: {2747863C-3B4F-4F3C-BBAA-9749142C29B4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-08-17] (AVAST Software)
Task: {3B0BC4F3-B3A9-4FA3-9EE5-3CC96A0D0040} - System32\Tasks\{E72A5686-3302-4B58-9E4C-CFEEC261E0B7} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\WSOP.com\SETUPR~1.EXE -d C:\Users\Kevin\Downloads -c ENV.REPORT_ADRESS SETUP_START 27627cfa-2e5c-4f60-80bc-dab82e27214
Task: {475AD551-D282-475B-B289-C1ED17E2F183} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2017-10-11] (Microsoft Corporation)
Task: {6B90C8C3-8EBB-4462-B177-A4E06135FB2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-17] (Google Inc.)
Task: {93055E17-AF2D-424F-82FD-C623BED088F7} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2017-10-11] (Microsoft Corporation)
Task: {AC6A9E63-F611-452C-8DB6-0BB8252C3961} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [2017-10-11] (Microsoft)
Task: {B46F0FB6-7266-40A1-99CF-671F4C0C5BB0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2017-10-11] (Microsoft)
Task: {B9E238DC-57AC-4E80-BBDA-97E7CA7322AF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2017-10-11] (Microsoft Corporation)
Task: {BA0FC44E-86B0-4416-8893-B6A04CCF5246} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-07-16] (AVAST Software)
Task: {DE85BECD-BA61-4B4F-A708-1CD927402D66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-17] (Google Inc.)
Task: {F3566CC4-9A08-4170-9B81-BE40007A6320} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-10] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-03-16 15:19 - 2018-03-16 15:19 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-04-08 08:04 - 2018-04-08 08:04 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-04-08 08:04 - 2018-04-08 08:04 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-06-29 20:30 - 2014-03-19 09:51 - 000316120 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2018-08-19 07:00 - 2018-07-24 12:32 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-08-19 07:00 - 2018-08-06 14:20 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-03-07 00:24 - 2018-03-07 00:24 - 012476064 _____ () C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
2018-07-16 20:22 - 2018-07-16 20:22 - 000599768 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-08-08 14:31 - 2018-08-07 17:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-08 14:31 - 2018-08-07 17:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-07-16 20:22 - 2018-07-16 20:22 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-18 07:22 - 2018-08-18 07:22 - 005674128 _____ () C:\Program Files\AVAST Software\Avast\defs\18081802\algo.dll
2018-07-16 20:22 - 2018-07-16 20:22 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-07-16 20:22 - 2018-07-16 20:22 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-07-16 20:21 - 2018-07-16 20:21 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-07-16 20:22 - 2018-07-16 20:22 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-03-13 12:09 - 2018-03-13 12:09 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-07-16 20:21 - 2018-07-16 20:21 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-06-29 20:30 - 2014-03-06 16:45 - 000372736 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2016-05-04 02:15 - 2016-05-04 02:15 - 001289216 _____ () C:\Program Files (x86)\Samsung\SideSync4\cairo.dll
2016-05-04 02:15 - 2016-05-04 02:15 - 000230529 _____ () C:\Program Files (x86)\Samsung\SideSync4\libpng14-14.dll
2016-05-04 02:15 - 2016-05-04 02:15 - 000100352 _____ () C:\Program Files (x86)\Samsung\SideSync4\zlib1.dll
2018-03-07 00:45 - 2018-03-07 00:45 - 002661536 _____ () C:\Program Files (x86)\Samsung\SideSync4\NativeSideSyncFramework.dll
2018-03-07 00:49 - 2018-03-07 00:49 - 000861344 _____ () C:\Program Files (x86)\Samsung\SideSync4\SCommon.dll
2018-03-07 00:53 - 2018-03-07 00:53 - 005038752 _____ () C:\Program Files (x86)\Samsung\SideSync4\SLocales.dll
2016-05-04 02:15 - 2016-05-04 02:15 - 000091136 _____ () C:\Program Files (x86)\Samsung\SideSync4\ThoughtWorks.QRCode.dll
2017-10-02 16:48 - 2013-09-23 16:48 - 001210672 _____ () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1821707421-50379567-1595094216-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5363D8E1-A25E-4944-A522-1F8C04DB55E4}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{00EDC479-8771-417B-B6C7-04E1E307932A}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{BE15DCF7-116B-4714-8599-D7384F975676}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{77CC0A99-3D2C-4C91-B667-A7F0A67BABD1}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{1BBE48C0-6FFF-4737-963B-3C7BDD0567FE}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{62D86B07-BBA8-4D86-99EF-A216F33521B0}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [TCP Query User{B0C7AF72-908E-4AEF-A64A-B35D3FEFD8AC}C:\users\kevin\appdata\local\vysor\app-1.8.3\vysor.exe] => (Allow) C:\users\kevin\appdata\local\vysor\app-1.8.3\vysor.exe
FirewallRules: [UDP Query User{4B3EFCA9-B629-4465-9B2E-3F96DCC0A482}C:\users\kevin\appdata\local\vysor\app-1.8.3\vysor.exe] => (Allow) C:\users\kevin\appdata\local\vysor\app-1.8.3\vysor.exe
FirewallRules: [{47F8AB04-F8BA-49B0-86DA-BE651906D5D6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{A36C9F74-026F-45E1-A767-56CB21A4F9EF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D8D728CD-A15A-4D5E-BBDB-465E03830D99}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E04EFF30-233A-423A-9520-F032DF835D68}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7DAB871F-A5E0-48AA-A45D-D714EEA75384}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5B720D2F-072B-495B-9022-A5C9C1D49560}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{51B7F7EE-6B28-4B44-BF8B-C26B6B7EC682}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5904E9F5-E999-4CAB-B7DD-76847F8EB0E2}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{E619560E-39E5-4D26-889E-77091041CF15}C:\users\kevin\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Allow) C:\users\kevin\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe
FirewallRules: [UDP Query User{5EE91FE8-A050-48F9-A132-2060A5EB9089}C:\users\kevin\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Allow) C:\users\kevin\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe
FirewallRules: [{42CB87FD-4A39-417D-8FE4-B152CF6BEE52}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
14-08-2018 13:12:55 Scheduled Checkpoint
14-08-2018 22:44:21 Windows Update
18-08-2018 17:47:24 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/19/2018 08:19:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (08/19/2018 08:18:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/19/2018 08:18:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/19/2018 06:55:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/19/2018 06:55:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
Error: (08/19/2018 06:55:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (08/19/2018 06:40:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (08/19/2018 06:19:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (08/19/2018 06:55:59 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (08/19/2018 06:55:59 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (08/19/2018 06:55:58 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (08/19/2018 06:55:53 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (08/19/2018 06:55:48 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
aswArPot
aswbidsdriver
aswbidsh
aswblog
aswbuniv
aswHdsKe
aswRvrt
aswSnx
aswSP
aswVmm
discache
spldr
Wanarpv6
 
Error: (08/19/2018 06:55:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:50:39 AM on ‎8/‎19/‎2018 was unexpected.
 
Error: (08/19/2018 06:44:41 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (08/19/2018 06:39:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:34:55 AM on ‎8/‎19/‎2018 was unexpected.
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-6300 Six-Core Processor 
Percentage of memory in use: 21%
Total physical RAM: 15853.54 MB
Available physical RAM: 12441.79 MB
Total Virtual: 31705.22 MB
Available Virtual: 28306.06 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:816.15 GB) NTFS
 
\\?\Volume{66b599ef-a7c9-11e7-874a-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 53B8412C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
myslowpc

myslowpc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

hi


  • 0

#3
myslowpc

myslowpc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

Is there anyone that can help me?


  • 0

#4
myslowpc

myslowpc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

Hello, its me again looking for some help


  • 0

#5
myslowpc

myslowpc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

Do i need to pay someone to get help?  am I doing it wrong?


  • 0

#6
myslowpc

myslowpc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

.


  • 0

#7
myslowpc

myslowpc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

AEzsrxdtcfygubhinjmkl,p[]';,lkjbhvcfxdrzsesvbfnm,.l;[;[l.'mjkdszeardygumhiopl;/.,kbv x


  • 0

#8
myslowpc

myslowpc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

thanks for nothing.  


Edited by myslowpc, 19 September 2018 - 08:46 AM.

  • 0

#9
Joeicam

Joeicam

    Malware Removal

  • Malware Removal
  • 1,289 posts

Hello myslowpc, sorry about the delay. One of the reasons your topic might have gotten looked over is that you kept replying to yourself. Helpers look for topics that haven't replied to yet, as that indicates to us that they require assistance. Since you were waiting for a few days, I would have recommended to you to post in the " The Waiting Room" forum here. That being said, do you still require assistance? 


  • 0

#10
myslowpc

myslowpc

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

Hello myslowpc, sorry about the delay. One of the reasons your topic might have gotten looked over is that you kept replying to yourself. Helpers look for topics that haven't replied to yet, as that indicates to us that they require assistance. Since you were waiting for a few days, I would have recommended to you to post in the " The Waiting Room" forum here. That being said, do you still require assistance? 

Yes I am still having the same issues and could use some assistance.


  • 0

#11
Joeicam

Joeicam

    Malware Removal

  • Malware Removal
  • 1,289 posts

Yes I am still having the same issues and could use some assistance.

I would be happy to help and see if this is malware related. Have your symptoms changed since you first posted? As it's been awhile since you posted your logs, let's run FRST again and get a fresh set of them. Please continue with the steps below.
 
Step 1 of 1:Re-Scan with FRST
  • Right-click the FRST application and select run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce logs called FRST.txt and Addition.txt in the same directory the tool is run from.
  • Please copy and paste the logs back here.
 
===============================================
 
When you reply to me, I need to see:
  • Any questions/concerns you might have, or if you were not able to complete any of the steps above
  • The copied and pasted results of the FRST.txt and Addition.txt logs
 
 

  • 0

#12
Joeicam

Joeicam

    Malware Removal

  • Malware Removal
  • 1,289 posts

Hello myslowpc, did you still require assistance? 


  • 0

#13
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP