Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Desktop keeps crashing - AVG found nothing - please help!


  • Please log in to reply

#1
mikison

mikison

    Member

  • Member
  • PipPip
  • 94 posts

My computer (Windows 7 operating system, 64-bit) crashed a few months ago. Before it crashed completely, it keep rebooting on its own randomly. Eventually it crashed altogether but all files were backed up on 
Carbonite. I just recently restored the files on a different computer (also Windows 7, 64-bit), but now THIS computer keeps rebooting every few minutes.  There are 2 users on this computer but it was running perfectly until I added myself as a user and restored my files from Carbonite, so I can only assume one of the files was infected...

 

I have AVG and have done a scan with no results found. I have run FRST and the results are below. 

 

Any help you can give me would be greatly appreciated! Thanks in advance.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by shane (administrator) on SHANE-HP (25-08-2018 13:58:13)
Running from C:\Users\shane\Desktop
Loaded Profiles: shane (Available Profiles: shane & Miki)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(WildTangent, Inc.) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Premium\ioloGovernor64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Premium\LiveBoost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2011-12-13] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7177728 2013-05-15] (Broadcom Corporation)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [291056 2018-08-22] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iolo Startup] => C:\Program Files (x86)\iolo\common\Lib\ioloLManager.exe [4612544 2016-02-19] (iolo technologies, LLC)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1278568 2018-02-02] (Carbonite, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2944518736-501353301-3337814941-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation)
HKU\S-1-5-21-2944518736-501353301-3337814941-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18334528 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-2944518736-501353301-3337814941-1001\...\MountPoints2: {9cbd15f9-db0b-11e2-a971-d0df9adebeea} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-08-09]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\shane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series (Copy 1).lnk [2018-08-25]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series (Copy 1).lnk -> C:\Program Files\hp\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\shane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk [2015-05-12]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series.lnk -> C:\Program Files\hp\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\shane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-04-11]
ShortcutTarget: Twitch.lnk -> C:\Users\shane\AppData\Roaming\Curse Client\Bin\Twitch.exe (Twitch Interactive, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{47BAC1E0-2F49-4BD6-A06D-9FF365F9F4C6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{61BC18EE-CC0C-4768-A771-97A85503264A}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2944518736-501353301-3337814941-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {9997EEDF-A83E-4F2D-9DBA-41E3F8DE2865} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9997EEDF-A83E-4F2D-9DBA-41E3F8DE2865} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2944518736-501353301-3337814941-1001 -> {79E8117D-A3CB-4057-BA16-664713C90575} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2944518736-501353301-3337814941-1001 -> {9997EEDF-A83E-4F2D-9DBA-41E3F8DE2865} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2944518736-501353301-3337814941-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-2944518736-501353301-3337814941-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2944518736-501353301-3337814941-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-08] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-2944518736-501353301-3337814941-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_29_0_0_140.dll [2018-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-14] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2013-11-09] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\shane\AppData\Local\Google\Chrome\User Data\Default [2018-08-25]
CHR Extension: (Adobe Acrobat) - C:\Users\shane\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-06-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\shane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\shane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-22]
CHR HKU\S-1-5-21-2944518736-501353301-3337814941-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-22] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-22] (AVAST Software)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [323512 2018-08-22] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe [8043904 2018-08-22] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-06-14] (AVG Technologies CZ, s.r.o.)
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4759600 2016-02-19] (iolo technologies, LLC)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [6593536 2018-07-26] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\windows\System32\uxtuneup.dll [48640 2018-07-26] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\windows\SysWOW64\uxtuneup.dll [41472 2018-07-26] (AVG Technologies CZ, s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5862400 2013-05-15] (Broadcom Corporation) [File not signed]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\windows\System32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R1 avgArPot; C:\windows\System32\drivers\avgArPot.sys [192104 2018-08-22] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\windows\System32\drivers\avgbidsdrivera.sys [222288 2018-08-22] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\windows\System32\drivers\avgbidsha.sys [194224 2018-08-22] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\windows\System32\drivers\avgbloga.sys [339048 2018-08-22] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\windows\System32\drivers\avgbuniva.sys [51952 2018-08-22] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\windows\System32\drivers\avgHwid.sys [39352 2018-08-22] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\windows\System32\drivers\avgMonFlt.sys [155664 2018-08-22] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\windows\System32\drivers\avgRdr2.sys [104256 2018-08-22] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\windows\System32\drivers\avgRvrt.sys [78352 2018-08-22] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\windows\System32\drivers\avgSnx.sys [1020112 2018-08-22] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\windows\System32\drivers\avgSP.sys [459624 2018-08-22] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\windows\System32\drivers\avgStm.sys [207192 2018-08-22] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\windows\System32\drivers\avgVmm.sys [373944 2018-08-22] (AVG Technologies CZ, s.r.o.)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [152688 2018-07-12] (Malwarebytes)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [193256 2018-08-22] (Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [117472 2018-08-24] (Malwarebytes)
R3 MBAMProtection; C:\windows\System32\DRIVERS\mbam.sys [52848 2018-08-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [259360 2018-08-24] (Malwarebytes)
R3 MBAMWebProtection; C:\windows\System32\DRIVERS\mwac.sys [98616 2018-08-25] (Malwarebytes)
R1 RawDisk3; C:\windows\system32\drivers\rawdsk3.sys [32568 2015-08-16] (EldoS Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2018-01-22] (AVG Netherlands B.V.)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-25 13:58 - 2018-08-25 13:58 - 000021851 _____ C:\Users\shane\Desktop\FRST.txt
2018-08-25 13:58 - 2018-08-25 13:58 - 000000000 ____D C:\FRST
2018-08-25 13:56 - 2018-08-25 13:56 - 002413056 _____ (Farbar) C:\Users\shane\Desktop\FRST64.exe
2018-08-24 20:23 - 2018-08-24 20:23 - 000262144 ____N C:\windows\Minidump\082418-23384-01.dmp
2018-08-24 19:52 - 2018-08-24 19:52 - 000262144 ____N C:\windows\Minidump\082418-31730-01.dmp
2018-08-24 16:44 - 2018-08-24 16:44 - 000262144 ____N C:\windows\Minidump\082418-26192-01.dmp
2018-08-24 16:28 - 2018-08-24 16:28 - 000262144 ____N C:\windows\Minidump\082418-43009-01.dmp
2018-08-24 00:44 - 2018-08-24 00:44 - 000262144 ____N C:\windows\Minidump\082418-27814-01.dmp
2018-08-24 00:36 - 2018-08-24 00:36 - 000262144 ____N C:\windows\Minidump\082418-28984-01.dmp
2018-08-24 00:26 - 2018-08-24 00:26 - 000262144 ____N C:\windows\Minidump\082418-26925-01.dmp
2018-08-23 21:16 - 2018-08-23 21:16 - 000262144 ____N C:\windows\Minidump\082318-29718-01.dmp
2018-08-23 16:59 - 2018-08-23 16:59 - 000262144 ____N C:\windows\Minidump\082318-27549-01.dmp
2018-08-23 12:48 - 2018-08-24 20:44 - 000000000 ____D C:\windows\System32\Tasks\AVAST Software
2018-08-23 10:02 - 2018-08-23 10:02 - 000001180 _____ C:\Users\shane\Desktop\World of Warcraft.lnk
2018-08-23 03:35 - 2018-08-23 03:35 - 000262144 ____N C:\windows\Minidump\082318-30388-01.dmp
2018-08-23 03:10 - 2018-08-23 03:10 - 000262144 ____N C:\windows\Minidump\082318-33618-01.dmp
2018-08-23 03:07 - 2018-08-23 03:07 - 000262144 ____N C:\windows\Minidump\082318-47299-01.dmp
2018-08-23 03:02 - 2018-08-23 03:02 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2018-08-23 03:02 - 2018-08-23 03:02 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2018-08-23 02:59 - 2016-08-29 11:04 - 003229696 _____ (Microsoft Corporation) C:\windows\explorer.exe
2018-08-23 02:59 - 2016-08-29 10:55 - 002972672 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2018-08-23 02:59 - 2016-03-09 15:00 - 000396800 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2018-08-23 02:59 - 2016-03-09 14:40 - 000316416 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2018-08-22 21:29 - 2018-08-22 21:29 - 000262144 ____N C:\windows\Minidump\082218-27315-01.dmp
2018-08-22 21:19 - 2018-08-22 21:19 - 000000000 ____D C:\Users\shane\AppData\Roaming\twitch-electron
2018-08-22 20:30 - 2018-08-22 20:30 - 000262144 ____N C:\windows\Minidump\082218-27752-01.dmp
2018-08-22 20:12 - 2018-08-22 20:12 - 000000000 ____D C:\Users\shane\AppData\Local\mbam
2018-08-22 20:12 - 2018-08-22 20:12 - 000000000 ____D C:\Users\shane\AppData\Local\AVAST Software
2018-08-22 20:11 - 2018-08-22 21:22 - 000000000 ____D C:\Users\Miki\AppData\Local\CrashDumps
2018-08-22 20:10 - 2018-08-24 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-22 20:10 - 2018-08-22 20:10 - 000001869 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-08-22 20:10 - 2018-07-12 08:42 - 000152688 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2018-08-22 20:09 - 2018-08-22 20:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-08-22 20:06 - 2018-08-22 20:06 - 082738216 _____ (Malwarebytes ) C:\Users\Miki\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.421-1.0.6455 (1).exe
2018-08-22 20:06 - 2016-03-16 14:50 - 000156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2018-08-22 20:06 - 2016-03-16 14:28 - 000176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2018-08-22 20:06 - 2016-03-16 14:28 - 000111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2018-08-22 20:06 - 2016-01-20 20:51 - 000073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2018-08-22 20:06 - 2015-07-09 13:58 - 001632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2018-08-22 20:06 - 2015-07-09 13:58 - 000082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2018-08-22 20:06 - 2015-07-09 13:42 - 001372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2018-08-22 20:06 - 2015-07-09 13:42 - 000067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2018-08-22 20:05 - 2016-07-07 11:08 - 000046080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2018-08-22 20:05 - 2016-05-12 11:18 - 000090624 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2018-08-22 20:05 - 2016-02-05 14:56 - 000020480 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll
2018-08-22 20:05 - 2016-02-05 14:54 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2018-08-22 20:05 - 2016-02-05 13:33 - 000015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll
2018-08-22 20:05 - 2015-07-22 20:02 - 000879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2018-08-22 20:05 - 2015-07-22 13:53 - 000635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2018-08-22 20:05 - 2015-06-03 16:21 - 000451080 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2018-08-22 20:05 - 2015-05-25 14:19 - 000113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2018-08-22 20:05 - 2015-05-25 14:18 - 000404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2018-08-22 20:05 - 2015-05-25 14:18 - 000104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2018-08-22 20:05 - 2015-05-25 14:18 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2018-08-22 20:05 - 2015-05-25 14:18 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2018-08-22 20:05 - 2015-05-25 14:18 - 000019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2018-08-22 20:05 - 2015-05-25 14:01 - 000092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2018-08-22 20:05 - 2015-05-25 14:00 - 000364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2018-08-22 20:05 - 2015-05-25 14:00 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2018-08-22 20:05 - 2015-05-25 14:00 - 000040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2018-08-22 20:05 - 2015-05-25 14:00 - 000037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2018-08-22 20:05 - 2015-05-25 14:00 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2018-08-22 19:58 - 2015-10-29 13:50 - 000342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2018-08-22 19:58 - 2015-10-29 13:50 - 000072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2018-08-22 19:58 - 2015-10-29 13:50 - 000023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2018-08-22 19:58 - 2015-10-29 13:50 - 000006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2018-08-22 19:58 - 2015-10-29 13:50 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2018-08-22 19:58 - 2015-10-29 13:49 - 000295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2018-08-22 19:58 - 2015-10-29 13:49 - 000020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2018-08-22 19:31 - 2016-03-09 14:54 - 000275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2018-08-22 19:31 - 2016-03-09 14:34 - 000216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2018-08-22 19:31 - 2015-04-10 23:19 - 000069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2018-08-22 19:14 - 2018-08-25 13:58 - 000098616 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2018-08-22 19:14 - 2018-08-24 20:53 - 000259360 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2018-08-22 19:14 - 2018-08-24 20:53 - 000117472 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2018-08-22 19:14 - 2018-08-24 20:53 - 000052848 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2018-08-22 19:14 - 2018-08-22 20:11 - 000193256 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2018-08-22 19:14 - 2018-08-22 19:14 - 000000000 ____D C:\Users\Miki\AppData\Local\mbam
2018-08-22 19:13 - 2018-08-22 19:13 - 000000000 ____D C:\Program Files\Malwarebytes
2018-08-22 19:10 - 2018-08-22 19:10 - 082738216 _____ (Malwarebytes ) C:\Users\Miki\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.421-1.0.6455.exe
2018-08-22 19:00 - 2018-08-22 19:00 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Malwarebytes
2018-08-22 18:57 - 2018-08-22 18:57 - 000262144 ____N C:\windows\Minidump\082218-27705-01.dmp
2018-08-22 18:23 - 2018-08-22 18:23 - 000001835 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2018-08-22 18:22 - 2018-08-24 20:44 - 000003374 _____ C:\windows\System32\Tasks\AvastUpdateTaskMachineUA
2018-08-22 18:22 - 2018-08-24 20:44 - 000003246 _____ C:\windows\System32\Tasks\AvastUpdateTaskMachineCore
2018-08-22 18:22 - 2018-08-22 18:22 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-22 18:22 - 2018-08-22 18:22 - 000000000 ____D C:\Users\Miki\AppData\Local\AVAST Software
2018-08-22 18:22 - 2018-08-22 18:22 - 000000000 ____D C:\ProgramData\AVAST Software
2018-08-22 18:22 - 2018-08-22 18:22 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-08-22 18:21 - 2018-08-22 18:21 - 000380656 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\avgBoot.exe
2018-08-22 18:19 - 2018-08-22 18:19 - 007504768 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Miki\Downloads\avg_antivirus_free_setup_a2h.exe
2018-08-22 18:19 - 2018-08-22 18:19 - 000110424 _____ C:\Users\Miki\AppData\Local\GDIPFONTCACHEV1.DAT
2018-08-22 17:56 - 2018-08-24 20:44 - 000004172 _____ C:\windows\System32\Tasks\Open URL by RoboForm
2018-08-22 17:56 - 2018-08-24 20:44 - 000003598 _____ C:\windows\System32\Tasks\Run RoboForm TaskBar Icon
2018-08-22 17:53 - 2018-08-24 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-08-22 17:51 - 2018-08-24 20:04 - 000000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-08-22 17:51 - 2018-08-22 17:51 - 000000000 ____D C:\Users\Miki\AppData\Local\RoboForm
2018-08-22 17:51 - 2018-08-22 17:51 - 000000000 ____D C:\ProgramData\RoboForm
2018-08-22 17:50 - 2018-08-22 17:50 - 023535768 _____ (Siber Systems) C:\Users\Miki\Downloads\RoboForm-v8-Setup.exe
2018-08-22 17:50 - 2018-08-22 17:50 - 000000000 ____D C:\Program Files\Microsoft Office
2018-08-22 17:49 - 2018-08-24 20:04 - 000000000 ____D C:\Users\Miki\AppData\Local\Microsoft Help
2018-08-22 17:49 - 2018-08-22 17:49 - 000000000 __RHD C:\MSOCache
2018-08-22 17:49 - 2018-08-22 17:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-08-21 13:05 - 2018-08-21 13:05 - 000001382 _____ C:\Users\Public\Desktop\Restore Report 08-19-2018 03-07-42PM.html.lnk
2018-08-19 21:53 - 2018-08-19 21:53 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Battle.net
2018-08-19 21:53 - 2018-08-19 21:53 - 000000000 ____D C:\Users\Miki\AppData\Local\Blizzard Entertainment
2018-08-19 21:53 - 2018-08-19 21:53 - 000000000 ____D C:\Users\Miki\AppData\Local\Battle.net
2018-08-19 16:03 - 2018-08-19 16:04 - 000000000 ____D C:\Restored from Carbonite
2018-08-19 15:38 - 2018-08-21 13:03 - 000000000 ____D C:\Users\Public\Documents\AirDroid
2018-08-19 15:38 - 2018-08-21 13:03 - 000000000 ____D C:\Program Files\Quicken
2018-08-19 15:38 - 2018-08-19 15:38 - 000000000 ____D C:\Users\Public\OEM
2018-08-19 15:38 - 2018-08-19 15:38 - 000000000 ____D C:\Users\Public\Juniper Networks
2018-08-19 15:38 - 2018-08-19 15:38 - 000000000 ____D C:\Users\Public\Documents\SmartSwitch
2018-08-19 15:38 - 2018-08-19 15:38 - 000000000 ____D C:\Users\Public\Documents\Shared Books
2018-08-19 15:38 - 2018-08-19 15:38 - 000000000 ____D C:\Users\Miki\Tracing
2018-08-19 15:38 - 2018-08-19 15:38 - 000000000 ____D C:\Users\Miki\temp
2018-08-19 15:38 - 2018-08-19 15:38 - 000000000 ____D C:\Users\Administrator
2018-08-19 15:38 - 2018-08-19 15:38 - 000000000 ____D C:\QuickenW
2018-08-19 15:34 - 2018-08-19 15:34 - 000000000 ____D C:\Users\Miki\InstallAnywhere
2018-08-19 15:32 - 2018-08-20 18:29 - 000000000 ___RD C:\Users\Miki\Dropbox
2018-08-19 15:32 - 2018-08-20 17:38 - 000000000 ____D C:\Users\Miki\Downloads\invoice
2018-08-19 15:32 - 2018-08-20 17:35 - 000000000 ____D C:\Users\Miki\Documents\Youcam
2018-08-19 15:32 - 2018-08-19 15:32 - 000000000 ____D C:\Users\Miki\Downloads\Program files
2018-08-19 15:32 - 2018-08-19 15:32 - 000000000 ____D C:\Users\Miki\Documents\Zoom
2018-08-19 15:31 - 2018-08-22 21:25 - 000000000 ____D C:\Users\Miki\Documents\Taxes
2018-08-19 15:31 - 2018-08-22 19:17 - 000000000 ____D C:\Users\Miki\Documents\Outlook Files
2018-08-19 15:31 - 2018-08-20 13:53 - 000000000 ____D C:\Users\Miki\Documents\Scrap Girls Club
2018-08-19 15:31 - 2018-08-20 11:25 - 000000000 ___RD C:\Users\Miki\Documents\Scanned Documents
2018-08-19 15:31 - 2018-08-20 11:25 - 000000000 ____D C:\Users\Miki\Documents\River Forest home
2018-08-19 15:31 - 2018-08-20 11:24 - 000000000 ____D C:\Users\Miki\Documents\Powerpoint
2018-08-19 15:31 - 2018-08-20 11:24 - 000000000 ____D C:\Users\Miki\Documents\Pine School
2018-08-19 15:31 - 2018-08-20 10:48 - 000000000 ____D C:\Users\Miki\Documents\OneNote Notebooks
2018-08-19 15:31 - 2018-08-20 10:37 - 000000000 ____D C:\Users\Miki\Documents\My Smilebox Creations
2018-08-19 15:31 - 2018-08-19 15:32 - 000000000 ____D C:\Users\Miki\Documents\Wondershare DVD Creator
2018-08-19 15:31 - 2018-08-19 15:31 - 000000000 ____D C:\Users\Miki\Documents\Roxio
2018-08-19 15:31 - 2018-08-19 15:31 - 000000000 ____D C:\Users\Miki\Documents\RER Soft, Inc
2018-08-19 15:31 - 2018-08-19 15:31 - 000000000 ____D C:\Users\Miki\Documents\My Slide Shows
2018-08-19 15:31 - 2018-08-19 15:31 - 000000000 ____D C:\Users\Miki\Documents\My RoboForm Data
2018-08-19 15:30 - 2018-08-20 10:30 - 000000000 ____D C:\Users\Miki\Documents\My Photoshop files
2018-08-19 15:30 - 2018-08-20 10:22 - 000000000 ____D C:\Users\Miki\Documents\My Kindle Content
2018-08-19 15:30 - 2018-08-20 10:22 - 000000000 ____D C:\Users\Miki\Documents\My Google Gadgets
2018-08-19 15:30 - 2018-08-20 10:22 - 000000000 ____D C:\Users\Miki\Documents\My eBooks
2018-08-19 15:30 - 2018-08-20 10:21 - 000000000 ____D C:\Users\Miki\Documents\My Digital Editions
2018-08-19 15:30 - 2018-08-20 10:21 - 000000000 ____D C:\Users\Miki\Documents\My Data Sources
2018-08-19 15:30 - 2018-08-20 10:21 - 000000000 ____D C:\Users\Miki\Documents\MT
2018-08-19 15:30 - 2018-08-20 10:18 - 000000000 ____D C:\Users\Miki\Documents\Miki personal
2018-08-19 15:30 - 2018-08-20 10:18 - 000000000 ____D C:\Users\Miki\Documents\MCNLL
2018-08-19 15:30 - 2018-08-20 10:17 - 000000000 ____D C:\Users\Miki\Documents\Image Converter Plus
2018-08-19 15:30 - 2018-08-20 10:17 - 000000000 ____D C:\Users\Miki\Documents\Homeschool planner templates
2018-08-19 15:30 - 2018-08-20 10:17 - 000000000 ____D C:\Users\Miki\Documents\GoogleCalendarBackups
2018-08-19 15:30 - 2018-08-20 10:17 - 000000000 ____D C:\Users\Miki\Documents\Flash
2018-08-19 15:30 - 2018-08-20 10:12 - 000000000 ____D C:\Users\Miki\Documents\Crafts
2018-08-19 15:30 - 2018-08-20 10:05 - 000000000 ____D C:\Users\Miki\Documents\Bipolar_OCD
2018-08-19 15:30 - 2018-08-20 10:05 - 000000000 ____D C:\Users\Miki\Documents\Austin
2018-08-19 15:30 - 2018-08-20 10:04 - 000000000 ____D C:\Users\Miki\Documents\Auction house
2018-08-19 15:30 - 2018-08-20 10:03 - 000000000 ____D C:\Users\Miki\Documents\Andy
2018-08-19 15:30 - 2018-08-19 15:31 - 000000000 ____D C:\Users\Miki\Documents\My PSP Files
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\My Practice Files
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\My Garmin
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\My Downloads
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\My Corel Shows
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\My Books
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\My Albums
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\Leawo
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\iSkysoft DVD Creator
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\Fax
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\DSSPlayer
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\Digital Scrapbooking
2018-08-19 15:30 - 2018-08-19 15:30 - 000000000 ____D C:\Users\Miki\Documents\CyberLink
2018-08-19 15:29 - 2018-08-20 10:03 - 000000000 ____D C:\Users\Miki\Documents\AirDroid
2018-08-19 15:29 - 2018-08-20 09:54 - 000000000 ____D C:\Users\Miki\Documents\0_Scrapbooking Supplies
2018-08-19 15:29 - 2018-08-19 15:29 - 000000000 ____D C:\Users\Miki\Documents\Adobe Scripts
2018-08-19 15:28 - 2018-08-20 07:26 - 000000000 ____D C:\Users\Miki\Desktop\Travel
2018-08-19 15:28 - 2018-08-20 07:26 - 000000000 ____D C:\Users\Miki\Desktop\Tax
2018-08-19 15:28 - 2018-08-20 07:26 - 000000000 ____D C:\Users\Miki\Desktop\Scans
2018-08-19 15:28 - 2018-08-20 07:25 - 000000000 ____D C:\Users\Miki\Desktop\Prod
2018-08-19 15:28 - 2018-08-20 07:24 - 000000000 ____D C:\Users\Miki\Desktop\MLS Documents
2018-08-19 15:28 - 2018-08-19 15:29 - 000000000 ____D C:\Users\Miki\Documents\0-goodies
2018-08-19 15:27 - 2018-08-20 07:24 - 000000000 ____D C:\Users\Miki\Desktop\Misc
2018-08-19 15:27 - 2018-08-20 07:01 - 000000000 ____D C:\Users\Miki\Desktop\MH
2018-08-19 15:27 - 2018-08-20 07:01 - 000000000 ____D C:\Users\Miki\Desktop\MCHS
2018-08-19 15:27 - 2018-08-20 07:01 - 000000000 ____D C:\Users\Miki\Desktop\Job search
2018-08-19 15:27 - 2018-08-20 07:00 - 000000000 ____D C:\Users\Miki\Desktop\iMedX
2018-08-19 15:27 - 2018-08-20 06:59 - 000000000 ____D C:\Users\Miki\Desktop\Golden
2018-08-19 15:26 - 2018-08-20 06:59 - 000000000 ____D C:\Users\Miki\Desktop\file
2018-08-19 15:26 - 2018-08-20 06:59 - 000000000 ____D C:\Users\Miki\Desktop\Comp
2018-08-19 15:26 - 2018-08-20 03:54 - 000000000 ____D C:\Users\Miki\Desktop\camera
2018-08-19 15:26 - 2018-08-19 15:26 - 000000000 ___RD C:\Users\Miki\Creative Cloud Files
2018-08-19 15:08 - 2018-08-19 15:19 - 000000000 ____D C:\Users\Miki\Carbonite Restored OLD User Settings
2018-08-19 15:08 - 2018-08-19 15:08 - 000000000 ____D C:\Users\Miki\.unlimitedftp
2018-08-19 15:07 - 2018-08-21 13:05 - 000000000 ____D C:\Users\Miki\Documents\Carbonite Restore Reports
2018-08-19 15:04 - 2018-08-24 20:44 - 000008228 _____ C:\windows\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
2018-08-19 15:04 - 2018-08-19 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2018-08-19 15:04 - 2018-08-19 15:04 - 000000000 ____D C:\ProgramData\Carbonite
2018-08-19 15:04 - 2018-08-19 15:04 - 000000000 ____D C:\Program Files\Carbonite
2018-08-19 15:04 - 2018-08-19 15:04 - 000000000 ____D C:\Program Files (x86)\Carbonite
2018-08-19 15:03 - 2018-08-19 15:04 - 017266664 _____ (Carbonite, Inc.) C:\Users\Miki\Downloads\CarboniteSetup-personal-client.exe
2018-08-19 15:02 - 2018-08-19 15:02 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2018-08-19 15:01 - 2018-08-19 15:01 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Google
2018-08-19 15:01 - 2018-08-19 15:01 - 000000000 ____D C:\Users\Miki\AppData\Roaming\AVG
2018-08-19 15:00 - 2018-08-19 15:00 - 000000000 ____D C:\Users\Miki\Documents\Bluetooth Exchange Folder
2018-08-19 15:00 - 2018-08-19 15:00 - 000000000 ____D C:\Users\Miki\AppData\Local\Broadcom
2018-08-19 14:59 - 2018-08-24 20:44 - 000003922 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{74EFFEDF-F15F-4AB8-A83D-C726B5FD8C7D}
2018-08-19 14:59 - 2018-08-24 20:04 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Raptr
2018-08-19 14:59 - 2018-08-22 17:50 - 000000000 ____D C:\Users\Miki\AppData\Local\Google
2018-08-19 14:59 - 2018-08-19 17:28 - 000000000 ____D C:\Users\Miki\AppData\Roaming\iolo
2018-08-19 14:59 - 2018-08-19 14:59 - 000001415 _____ C:\Users\Miki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-08-19 14:59 - 2018-08-19 14:59 - 000000000 ____D C:\Users\Miki\AppData\Roaming\PlaysTV
2018-08-19 14:59 - 2018-08-19 14:59 - 000000000 ____D C:\Users\Miki\AppData\Roaming\InternetSpeedTracker_9t
2018-08-19 14:59 - 2018-08-19 14:59 - 000000000 ____D C:\Users\Miki\AppData\Roaming\FromDocToPDF_65
2018-08-19 14:59 - 2018-08-19 14:59 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Adobe
2018-08-19 14:59 - 2018-08-19 14:59 - 000000000 ____D C:\Users\Miki\AppData\Local\VirtualStore
2018-08-19 14:59 - 2018-08-19 14:59 - 000000000 ____D C:\Users\Miki\AppData\Local\CEF
2018-08-19 14:58 - 2018-08-24 20:04 - 000000000 ____D C:\Users\Miki
2018-08-19 14:58 - 2018-08-19 15:00 - 000000000 ____D C:\Users\Miki\AppData\Local\AVG
2018-08-19 14:58 - 2018-08-19 14:58 - 000000020 ___SH C:\Users\Miki\ntuser.ini
2018-08-19 14:58 - 2018-08-19 14:58 - 000000000 ____D C:\Users\Miki\AppData\Roaming\ioloGovernor
2018-08-19 14:58 - 2018-08-19 14:58 - 000000000 ____D C:\Users\Miki\AppData\Local\TouchSmartData
2018-08-19 14:58 - 2012-05-09 22:43 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Macromedia
2018-08-19 14:58 - 2012-05-09 22:33 - 000000000 ____D C:\Users\Miki\AppData\Local\Hewlett-Packard
2018-08-19 14:58 - 2010-11-21 03:16 - 000000000 ____D C:\Users\Miki\AppData\Roaming\Media Center Programs
2018-08-15 05:12 - 2018-08-03 11:55 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2018-08-15 05:12 - 2018-08-03 11:39 - 000084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2018-08-15 05:12 - 2018-08-01 23:20 - 000708272 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-08-15 05:12 - 2018-08-01 23:18 - 000096864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2018-08-15 05:12 - 2018-08-01 23:07 - 000263776 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-08-15 05:12 - 2018-08-01 23:06 - 000156256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2018-08-15 05:12 - 2018-08-01 23:05 - 005553760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-08-15 05:12 - 2018-08-01 23:02 - 001665320 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-08-15 05:12 - 2018-08-01 23:00 - 000633080 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-08-15 05:12 - 2018-08-01 22:59 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2018-08-15 05:12 - 2018-08-01 22:59 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2018-08-15 05:12 - 2018-08-01 22:58 - 001461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2018-08-15 05:12 - 2018-08-01 22:58 - 001163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2018-08-15 05:12 - 2018-08-01 22:58 - 000731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2018-08-15 05:12 - 2018-08-01 22:58 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2018-08-15 05:12 - 2018-08-01 22:58 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2018-08-15 05:12 - 2018-08-01 22:58 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-08-15 05:12 - 2018-08-01 22:58 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2018-08-15 05:12 - 2018-08-01 22:58 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:45 - 004054192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2018-08-15 05:12 - 2018-08-01 22:45 - 003959984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2018-08-15 05:12 - 2018-08-01 22:43 - 001315512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2018-08-15 05:12 - 2018-08-01 22:42 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2018-08-15 05:12 - 2018-08-01 22:42 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-08-15 05:12 - 2018-08-01 22:42 - 000275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2018-08-15 05:12 - 2018-08-01 22:42 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2018-08-15 05:12 - 2018-08-01 22:42 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2018-08-15 05:12 - 2018-08-01 22:42 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2018-08-15 05:12 - 2018-08-01 22:41 - 000554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2018-08-15 05:12 - 2018-08-01 22:41 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2018-08-15 05:12 - 2018-08-01 22:41 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2018-08-15 05:12 - 2018-08-01 22:41 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2018-08-15 05:12 - 2018-08-01 22:41 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2018-08-15 05:12 - 2018-08-01 22:41 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2018-08-15 05:12 - 2018-08-01 22:41 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2018-08-15 05:12 - 2018-08-01 22:41 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2018-08-15 05:12 - 2018-08-01 22:41 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2018-08-15 05:12 - 2018-08-01 22:41 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2018-08-15 05:12 - 2018-08-01 22:41 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:26 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-08-15 05:12 - 2018-08-01 22:26 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2018-08-15 05:12 - 2018-08-01 22:26 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-08-15 05:12 - 2018-08-01 22:25 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2018-08-15 05:12 - 2018-08-01 22:22 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2018-08-15 05:12 - 2018-08-01 22:21 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2018-08-15 05:12 - 2018-08-01 22:21 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2018-08-15 05:12 - 2018-08-01 22:17 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2018-08-15 05:12 - 2018-08-01 22:17 - 000160256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-08-15 05:12 - 2018-08-01 22:17 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2018-08-15 05:12 - 2018-08-01 22:16 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2018-08-15 05:12 - 2018-08-01 22:16 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2018-08-15 05:12 - 2018-08-01 22:16 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2018-08-15 05:12 - 2018-08-01 22:16 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2018-08-15 05:12 - 2018-08-01 22:16 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2018-08-15 05:12 - 2018-08-01 22:16 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2018-08-15 05:12 - 2018-08-01 22:16 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2018-08-15 05:12 - 2018-08-01 22:11 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2018-08-15 05:12 - 2018-08-01 22:11 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2018-08-15 05:12 - 2018-08-01 22:11 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2018-08-15 05:12 - 2018-08-01 22:11 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2018-08-15 05:12 - 2018-08-01 22:10 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2018-08-15 05:12 - 2018-08-01 22:10 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:10 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:10 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 05:12 - 2018-08-01 22:10 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-15 05:12 - 2018-07-19 19:53 - 000396936 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-08-15 05:12 - 2018-07-19 18:58 - 000350272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-08-15 05:12 - 2018-07-19 02:15 - 025745408 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-08-15 05:12 - 2018-07-19 00:48 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2018-08-15 05:12 - 2018-07-19 00:47 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2018-08-15 05:12 - 2018-07-19 00:35 - 002902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-08-15 05:12 - 2018-07-19 00:34 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2018-08-15 05:12 - 2018-07-19 00:33 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-08-15 05:12 - 2018-07-19 00:33 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2018-08-15 05:12 - 2018-07-19 00:33 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2018-08-15 05:12 - 2018-07-19 00:32 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-08-15 05:12 - 2018-07-19 00:30 - 005778432 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-08-15 05:12 - 2018-07-19 00:26 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2018-08-15 05:12 - 2018-07-19 00:25 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2018-08-15 05:12 - 2018-07-19 00:23 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2018-08-15 05:12 - 2018-07-19 00:22 - 020286464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-08-15 05:12 - 2018-07-19 00:22 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-08-15 05:12 - 2018-07-19 00:22 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2018-08-15 05:12 - 2018-07-19 00:22 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2018-08-15 05:12 - 2018-07-19 00:21 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-08-15 05:12 - 2018-07-19 00:16 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2018-08-15 05:12 - 2018-07-19 00:14 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2018-08-15 05:12 - 2018-07-19 00:11 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2018-08-15 05:12 - 2018-07-19 00:05 - 000497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-08-15 05:12 - 2018-07-19 00:05 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2018-08-15 05:12 - 2018-07-19 00:04 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2018-08-15 05:12 - 2018-07-19 00:04 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2018-08-15 05:12 - 2018-07-19 00:04 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2018-08-15 05:12 - 2018-07-19 00:04 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2018-08-15 05:12 - 2018-07-19 00:03 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2018-08-15 05:12 - 2018-07-19 00:03 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2018-08-15 05:12 - 2018-07-19 00:01 - 002295808 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2018-08-15 05:12 - 2018-07-19 00:00 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2018-08-15 05:12 - 2018-07-19 00:00 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-08-15 05:12 - 2018-07-18 23:58 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-08-15 05:12 - 2018-07-18 23:58 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2018-08-15 05:12 - 2018-07-18 23:57 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2018-08-15 05:12 - 2018-07-18 23:56 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2018-08-15 05:12 - 2018-07-18 23:56 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2018-08-15 05:12 - 2018-07-18 23:55 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-08-15 05:12 - 2018-07-18 23:55 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2018-08-15 05:12 - 2018-07-18 23:54 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2018-08-15 05:12 - 2018-07-18 23:47 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2018-08-15 05:12 - 2018-07-18 23:46 - 015283712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-08-15 05:12 - 2018-07-18 23:46 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2018-08-15 05:12 - 2018-07-18 23:45 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-08-15 05:12 - 2018-07-18 23:45 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-08-15 05:12 - 2018-07-18 23:43 - 002136064 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-08-15 05:12 - 2018-07-18 23:43 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2018-08-15 05:12 - 2018-07-18 23:42 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-15 05:12 - 2018-07-18 23:41 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2018-08-15 05:12 - 2018-07-18 23:41 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2018-08-15 05:12 - 2018-07-18 23:39 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2018-08-15 05:12 - 2018-07-18 23:38 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2018-08-15 05:12 - 2018-07-18 23:37 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2018-08-15 05:12 - 2018-07-18 23:35 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2018-08-15 05:12 - 2018-07-18 23:32 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-08-15 05:12 - 2018-07-18 23:31 - 004510720 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-08-15 05:12 - 2018-07-18 23:30 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2018-08-15 05:12 - 2018-07-18 23:28 - 013679616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-08-15 05:12 - 2018-07-18 23:28 - 002059776 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-08-15 05:12 - 2018-07-18 23:28 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-08-15 05:12 - 2018-07-18 23:27 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2018-08-15 05:12 - 2018-07-18 23:20 - 001554944 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-08-15 05:12 - 2018-07-18 23:09 - 004037632 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-08-15 05:12 - 2018-07-18 23:09 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-08-15 05:12 - 2018-07-18 23:06 - 001329152 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-08-15 05:12 - 2018-07-18 23:04 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-08-15 05:12 - 2018-07-13 15:19 - 001894080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-08-15 05:12 - 2018-07-13 15:19 - 000377024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2018-08-15 05:12 - 2018-07-13 15:19 - 000287936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2018-08-15 05:12 - 2018-07-08 12:08 - 000383680 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2018-08-15 05:12 - 2018-07-08 12:02 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-08-15 05:12 - 2018-07-08 12:02 - 000100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2018-08-15 05:12 - 2018-07-08 12:02 - 000041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2018-08-15 05:12 - 2018-07-08 12:01 - 000046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2018-08-15 05:12 - 2018-07-08 12:01 - 000014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2018-08-15 05:12 - 2018-07-08 11:47 - 000309440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2018-08-15 05:12 - 2018-07-08 11:42 - 000111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2018-08-15 05:12 - 2018-07-08 11:42 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2018-08-15 05:12 - 2018-07-08 11:41 - 000071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2018-08-15 05:12 - 2018-07-08 11:41 - 000010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2018-08-15 05:12 - 2018-07-08 11:13 - 000034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2018-08-15 05:12 - 2018-07-07 11:24 - 003226112 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-08-15 05:12 - 2018-07-06 12:09 - 000947904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2018-08-15 05:12 - 2018-07-06 12:03 - 000056832 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2018-08-15 05:12 - 2018-07-06 12:03 - 000008192 _____ (Microsoft Corporation) C:\windows\system32\msimg32.dll
2018-08-15 05:12 - 2018-07-06 11:48 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2018-08-15 05:12 - 2018-07-06 11:48 - 000004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimg32.dll
2018-08-15 05:12 - 2018-06-29 11:55 - 000045568 _____ (Microsoft Corporation) C:\windows\system32\cscapi.dll
2018-08-15 05:12 - 2018-06-29 11:55 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\cscdll.dll
2018-08-15 05:12 - 2018-06-29 11:40 - 000023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscdll.dll
2018-08-15 05:12 - 2018-06-29 11:09 - 000034304 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscapi.dll
2018-08-15 05:12 - 2018-06-27 12:01 - 000114368 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2018-08-15 05:12 - 2018-06-27 11:55 - 003246592 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2018-08-15 05:12 - 2018-06-27 11:55 - 000504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2018-08-15 05:12 - 2018-06-27 11:55 - 000484864 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2018-08-15 05:12 - 2018-06-27 11:55 - 000025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2018-08-15 05:12 - 2018-06-27 11:54 - 001942016 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2018-08-15 05:12 - 2018-06-27 11:54 - 000070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2018-08-15 05:12 - 2018-06-27 11:43 - 000363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2018-08-15 05:12 - 2018-06-27 11:42 - 002366464 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2018-08-15 05:12 - 2018-06-27 11:42 - 000337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2018-08-15 05:12 - 2018-06-27 11:42 - 000025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2018-08-15 05:12 - 2018-06-27 11:41 - 001806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2018-08-15 05:12 - 2018-06-27 11:21 - 000128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2018-08-15 05:12 - 2018-06-27 11:16 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2018-08-15 05:12 - 2018-06-20 23:33 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2018-08-15 05:12 - 2018-06-20 23:09 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2018-07-31 09:19 - 2018-07-31 09:19 - 000000218 _____ C:\Users\shane\Downloads\v3-6-0 (1).ccip
2018-07-31 09:17 - 2018-07-31 09:17 - 000000217 _____ C:\Users\shane\Downloads\60100-201503092107.ccip
2018-07-31 09:16 - 2018-07-31 09:16 - 000000217 _____ C:\Users\shane\Downloads\8-0-1 (1).ccip
2018-07-31 09:14 - 2018-07-31 09:14 - 000000218 _____ C:\Users\shane\Downloads\v3-6-0.ccip
2018-07-31 09:13 - 2018-07-31 09:13 - 000000218 _____ C:\Users\shane\Downloads\4-46-1.ccip
2018-07-31 09:13 - 2018-07-31 09:13 - 000000217 _____ C:\Users\shane\Downloads\v8-0-1a (1).ccip
2018-07-31 09:12 - 2018-07-31 09:12 - 000000217 _____ C:\Users\shane\Downloads\v8-0-1a.ccip
2018-07-31 09:12 - 2018-07-31 09:12 - 000000217 _____ C:\Users\shane\Downloads\8-0-1.ccip
2018-07-26 20:31 - 2018-07-26 09:13 - 000048640 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\uxtuneup.dll
2018-07-26 20:31 - 2018-07-26 09:13 - 000041472 _____ (AVG Technologies CZ, s.r.o.) C:\windows\SysWOW64\uxtuneup.dll
2018-07-26 20:30 - 2018-07-26 20:30 - 000000000 ____D C:\Users\Default\AppData\Local\AVG
2018-07-26 20:30 - 2018-07-26 20:30 - 000000000 ____D C:\Users\Default User\AppData\Local\AVG
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-25 13:54 - 2017-02-09 21:04 - 000000000 ____D C:\Users\shane\AppData\Roaming\Curse Client
2018-08-25 13:54 - 2014-02-17 20:33 - 000000000 ____D C:\Users\shane\AppData\Roaming\Raptr
2018-08-25 13:53 - 2018-04-03 14:18 - 000003600 _____ C:\windows\System32\Tasks\AVG EUpdate Task
2018-08-25 04:32 - 2009-07-14 00:45 - 000024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-25 04:32 - 2009-07-14 00:45 - 000024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-25 03:29 - 2009-07-13 23:20 - 000000000 ____D C:\windows\rescache
2018-08-24 20:56 - 2009-07-14 01:13 - 000006214 _____ C:\windows\system32\PerfStringBackup.INI
2018-08-24 20:51 - 2017-11-01 10:46 - 000000332 _____ C:\windows\Tasks\HPCeeScheduleForshane.job
2018-08-24 20:51 - 2014-08-14 09:33 - 000000000 ____D C:\windows\Minidump
2018-08-24 20:51 - 2012-05-09 23:07 - 000288317 ____N C:\windows\Minidump\082418-24070-01.dmp
2018-08-24 20:51 - 2009-07-14 01:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-08-24 20:48 - 2014-02-16 22:22 - 000000000 ____D C:\Users\shane\AppData\Local\Battle.net
2018-08-24 20:44 - 2018-05-13 08:27 - 000003138 _____ C:\windows\System32\Tasks\{576BC2CB-B2F6-4941-ABCE-C7E7AA170A74}
2018-08-24 20:44 - 2018-05-13 08:22 - 000003266 _____ C:\windows\System32\Tasks\{1B0C56D5-E110-447E-B4B0-371BC5A8B159}
2018-08-24 20:44 - 2018-05-10 16:33 - 000003126 _____ C:\windows\System32\Tasks\{935AC8A3-E007-448B-8C43-8F8F662052F1}
2018-08-24 20:44 - 2018-04-14 16:23 - 000004324 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-08-24 20:44 - 2018-04-03 14:29 - 000004462 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-08-24 20:44 - 2018-04-03 14:28 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
2018-08-24 20:44 - 2018-04-03 14:12 - 000003904 _____ C:\windows\System32\Tasks\Antivirus Emergency Update
2018-08-24 20:44 - 2017-11-01 10:46 - 000003186 _____ C:\windows\System32\Tasks\HPCeeScheduleForshane
2018-08-24 20:44 - 2017-01-06 09:59 - 000002790 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2018-08-24 20:44 - 2016-01-28 17:04 - 000003148 _____ C:\windows\System32\Tasks\SidebarExecute
2018-08-24 20:44 - 2016-01-28 17:04 - 000003134 _____ C:\windows\System32\Tasks\iolo Process Governor
2018-08-24 20:44 - 2015-04-04 00:08 - 000003034 _____ C:\windows\System32\Tasks\{068BEC20-6A19-437E-9CC2-CEEC75FEB70E}
2018-08-24 20:44 - 2015-01-14 13:04 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-08-24 20:44 - 2012-09-18 07:27 - 000003332 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-24 20:44 - 2012-09-18 07:27 - 000003204 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-24 20:44 - 2012-09-17 21:11 - 000003114 _____ C:\windows\System32\Tasks\{7797CF74-A748-43BE-A175-9C3A4FED8967}
2018-08-24 20:44 - 2012-09-17 19:06 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2018-08-24 20:44 - 2012-09-17 18:58 - 000003926 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{E7F8CB58-C2A9-4C69-ACF4-20016A3B5CF4}
2018-08-24 20:38 - 2014-02-16 22:21 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-08-24 20:04 - 2018-04-19 12:01 - 000000000 ____D C:\windows\System32\Tasks\AVG
2018-08-24 20:04 - 2018-04-03 14:13 - 000000000 ____D C:\Users\shane\AppData\Local\Avg
2018-08-24 20:04 - 2015-04-24 12:31 - 000000000 ____D C:\ProgramData\Visan
2018-08-24 20:04 - 2014-02-16 22:22 - 000000000 ____D C:\Users\shane\AppData\Roaming\Battle.net
2018-08-24 20:04 - 2012-05-09 22:31 - 000000000 ____D C:\Program Files\IDT
2018-08-24 20:04 - 2010-11-21 03:16 - 000000000 ____D C:\windows\ShellNew
2018-08-24 20:04 - 2009-07-13 23:20 - 000000000 ____D C:\windows\inf
2018-08-24 20:04 - 2009-07-13 23:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-08-24 20:03 - 2009-07-13 23:20 - 000000000 ____D C:\windows\registration
2018-08-24 19:15 - 2012-09-17 06:50 - 000000000 ____D C:\Users\shane
2018-08-24 16:50 - 2012-05-09 23:07 - 000288317 ____N C:\windows\Minidump\082418-26020-01.dmp
2018-08-24 16:41 - 2015-10-21 10:04 - 000109944 _____ C:\Users\shane\AppData\Local\GDIPFONTCACHEV1.DAT
2018-08-24 16:29 - 2015-11-09 19:45 - 000412688 _____ C:\windows\system32\FNTCACHE.DAT
2018-08-24 03:13 - 2012-05-09 23:07 - 000287037 ____N C:\windows\Minidump\082418-48360-01.dmp
2018-08-24 03:04 - 2009-07-13 22:34 - 000000478 _____ C:\windows\win.ini
2018-08-24 00:59 - 2012-05-09 23:07 - 000286653 ____N C:\windows\Minidump\082418-31325-01.dmp
2018-08-24 00:47 - 2012-05-09 23:07 - 000286653 ____N C:\windows\Minidump\082418-32448-01.dmp
2018-08-24 00:34 - 2012-05-09 23:07 - 000286653 ____N C:\windows\Minidump\082418-29484-01.dmp
2018-08-23 17:04 - 2012-05-09 23:07 - 000288317 ____N C:\windows\Minidump\082318-29296-01.dmp
2018-08-23 13:12 - 2012-05-09 23:07 - 000288317 ____N C:\windows\Minidump\082318-24242-01.dmp
2018-08-23 10:34 - 2012-05-09 23:07 - 000288317 ____N C:\windows\Minidump\082318-25802-01.dmp
2018-08-23 10:03 - 2018-04-03 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2018-08-23 10:02 - 2014-02-16 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2018-08-23 03:48 - 2012-05-09 23:07 - 000286653 ____N C:\windows\Minidump\082318-24648-01.dmp
2018-08-23 03:25 - 2012-05-09 23:07 - 000286653 ____N C:\windows\Minidump\082318-36925-01.dmp
2018-08-22 22:05 - 2012-05-09 23:07 - 000288317 ____N C:\windows\Minidump\082218-25006-01.dmp
2018-08-22 21:44 - 2012-05-09 23:07 - 000288317 ____N C:\windows\Minidump\082218-26301-01.dmp
2018-08-22 21:18 - 2015-05-17 19:33 - 000000000 ____D C:\ProgramData\Browser
2018-08-22 20:59 - 2012-05-09 23:07 - 000288317 ____N C:\windows\Minidump\082218-28158-01.dmp
2018-08-22 20:46 - 2012-05-09 23:07 - 000288317 ____N C:\windows\Minidump\082218-30981-01.dmp
2018-08-22 19:43 - 2012-05-09 23:07 - 000286653 ____N C:\windows\Minidump\082218-32245-01.dmp
2018-08-22 19:20 - 2012-05-09 23:07 - 000288061 ____N C:\windows\Minidump\082218-29109-01.dmp
2018-08-22 19:11 - 2012-11-22 16:06 - 000000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2018-08-22 18:21 - 2018-04-03 14:12 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgSnx.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000459624 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgSP.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgVmm.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000339048 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbloga.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000222288 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbidsdrivera.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000207192 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgStm.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000194224 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbidsha.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000192104 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgArPot.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000155664 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgMonFlt.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000104256 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgRdr2.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000078352 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgRvrt.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000051952 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbuniva.sys
2018-08-22 18:21 - 2018-04-03 14:12 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgHwid.sys
2018-08-22 18:03 - 2012-05-09 23:07 - 000288317 ____N C:\windows\Minidump\082218-44819-01.dmp
2018-08-22 18:00 - 2012-05-09 22:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-08-21 21:38 - 2012-09-20 18:24 - 000000000 ____D C:\Users\shane\AppData\Roaming\HpUpdate
2018-08-19 15:38 - 2013-07-29 21:38 - 000000000 ____D C:\Users\Public\CyberLink
2018-08-19 13:43 - 2018-04-19 07:24 - 000000000 _____ C:\windows\SysWOW64\last.dump
2018-08-17 10:11 - 2017-06-18 10:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-16 03:09 - 2015-04-24 11:45 - 000000000 ____D C:\windows\system32\MRT
2018-08-16 03:04 - 2015-04-24 11:44 - 137343192 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-08-08 18:51 - 2014-03-06 22:11 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-02 13:33 - 2014-03-25 12:20 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2018-07-31 12:26 - 2012-09-17 20:01 - 000000000 ____D C:\Users\shane\AppData\Local\CrashDumps
2018-07-26 20:31 - 2018-04-03 14:23 - 000002522 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2018-07-26 09:18 - 2018-04-03 14:23 - 000045568 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\TURegOpt.exe
2018-07-26 09:13 - 2018-04-03 14:23 - 000036864 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\authuitu.dll
2018-07-26 09:13 - 2018-04-03 14:23 - 000034816 _____ (AVG Technologies CZ, s.r.o.) C:\windows\SysWOW64\authuitu.dll
 
==================== Files in the root of some directories =======
 
2011-06-21 00:17 - 2014-09-07 20:48 - 000000034 _____ () C:\Users\Miki\jagex_runescape_preferences.dat
2011-06-21 00:18 - 2014-09-07 20:49 - 000000129 _____ () C:\Users\Miki\jagex_runescape_preferences2.dat
2015-06-09 10:28 - 2016-05-26 15:01 - 000000027 _____ () C:\Users\shane\AppData\Roaming\mbam.context.scan
 
Some files in TEMP:
====================
2018-08-22 19:10 - 2018-08-22 04:01 - 000858912 _____ (Malwarebytes) C:\Users\Miki\AppData\Local\Temp\mb-clean.exe
2018-08-22 20:06 - 2018-08-22 20:06 - 082738216 _____ (Malwarebytes                                                ) C:\Users\Miki\AppData\Local\Temp\mb3-setup-consumer-3.5.1.2522-1.0.421-1.0.6455 (1).exe
2018-08-22 19:10 - 2018-08-22 19:10 - 082738216 _____ (Malwarebytes                                                ) C:\Users\Miki\AppData\Local\Temp\mb3-setup-consumer-3.5.1.2522-1.0.421-1.0.6455.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-08-16 03:56
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by shane (25-08-2018 14:01:06)
Running from C:\Users\shane\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-09-17 10:50:17)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2944518736-501353301-3337814941-500 - Administrator - Disabled)
Guest (S-1-5-21-2944518736-501353301-3337814941-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2944518736-501353301-3337814941-1002 - Limited - Enabled)
Miki (S-1-5-21-2944518736-501353301-3337814941-1009 - Administrator - Enabled) => C:\Users\Miki
shane (S-1-5-21-2944518736-501353301-3337814941-1001 - Administrator - Enabled) => C:\Users\shane
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{8DF1EF50-AEB6-902C-F68C-4683C45784E6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 68.0.746.60 - AVAST Software)
AVG (HKLM\...\{136B57DF-DA9E-4361-A165-09AB4422BCD1}) (Version: 1.231.3 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.6.3066 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{F0A7F6FC-97BC-4D27-B33B-6E1EFE1BB42D}) (Version: 16.78.2 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.78.3.33194 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (HKLM-x32\...\WTA-9a6fe393-ccae-48c9-ac80-dc5b76105801) (Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WTA-00e84bab-07c2-43fe-a94b-fcb41e8eb643) (Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.30.223.232 - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.143 - Broadcom Corporation)
Carbonite (HKLM-x32\...\{ADD4D4D2-4489-43A7-A141-7EDF2C5FB68E}) (Version: 6.3.3 build 7602 (Feb-02-2018) - Carbonite)
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WTA-a19e19b9-84b5-4030-bc65-e6ea592edebf) (Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-121f74aa-1ec4-45bb-82a8-e7eb91cd5ea8) (Version: 2.2.0.98 - WildTangent) Hidden
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (HKLM-x32\...\WTA-59427dac-08d9-4991-ad8a-a21dcd561496) (Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (HKLM-x32\...\WTA-d205721a-06b5-45e3-9072-311491547ab2) (Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (HKLM-x32\...\WTA-95f94c66-206a-4dbe-a57f-d01c15032059) (Version: 2.2.0.98 - WildTangent) Hidden
FATE (HKLM-x32\...\WTA-15e67304-d3aa-4676-982c-c7def420927c) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (HKLM-x32\...\WTA-a7e07716-121a-47d5-a2ac-a8374bbb6010) (Version: 2.2.0.95 - WildTangent) Hidden
FMW 1 (HKLM\...\{4CC5FB14-3F4D-4FA8-B921-00A9B40145C4}) (Version: 1.227.45 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.1.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (HKLM-x32\...\WTA-b84f1379-ca65-4832-8e6a-59f991f5cb6d) (Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Deskjet 1510 series Basic Device Software (HKLM\...\{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP RSS (HKLM-x32\...\{452479C5-0118-48E9-AA69-0A7339F95FC8}) (Version: 5.1.4289.23799 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{776CC95E-8160-401B-AC79-164822AA8306}) (Version: 5.1.4245.22595 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6374.0 - IDT)
iolo technologies' System Mechanic Premium (HKLM-x32\...\{9C67F7FB-5E42-42CF-98FD-2D42514F127B}_is1) (Version: 15.5.0 - iolo technologies, LLC)
Jewel Match 3 (HKLM-x32\...\WTA-3e485624-05a5-4f44-8976-14c66c4c5f46) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-c46edc42-9c08-4b3d-a63b-02eedefa75c7) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-05c6b978-97b8-4dd4-8e83-ba0a172aaa27) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
Letters from Nowhere 2 (HKLM-x32\...\WTA-0003aa36-f943-4eda-9337-bbd3b8b64b8a) (Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (HKLM-x32\...\WTA-5c8aa18b-f6c6-4698-976b-f9f83b9953b0) (Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (HKLM-x32\...\WTA-3980ea7b-de67-497e-af1c-ef8aad83d5e4) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.10 (HKLM-x32\...\{63243F5C-E941-4461-A4B0-2689A9A3BF13}) (Version: 1.2.10 - Thorvald Natvig)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Penguins! (HKLM-x32\...\WTA-98c30844-2205-4f4f-911d-38a725708896) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-4b35194a-9d32-40bd-9eab-014f5eeef9cb) (Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WTA-c609ac77-aae5-4b56-b929-3bcb23cb23e2) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-56efed73-eed8-4f11-a3c7-6fddf2b5efcf) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-6b28b8a9-3fa2-439c-904c-02c180efe49b) (Version: 2.2.0.98 - WildTangent) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 -  NewspaperDirect Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RollerCoaster Tycoon 3: Platinum (HKLM-x32\...\WTA-a51343ad-6493-45bf-8993-35a4df89464a) (Version: 2.2.0.98 - WildTangent) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
The Treasures of Mystery Island: The Ghost Ship (HKLM-x32\...\WTA-a01a1255-fead-4eb7-ac46-099da878f472) (Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (HKLM-x32\...\WTA-a87a520b-e8c0-429c-828d-aaf905e0a2a2) (Version: 2.2.0.98 - WildTangent) Hidden
TSHostedAppLauncher (HKLM-x32\...\{F89BADB0-D319-470E-8024-443EE3A3402B}) (Version: 5.1.15.0 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-826e86c5-d765-48d3-895c-b6a04e70cc90) (Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zuma's Revenge (HKLM-x32\...\WTA-5cb3c0e2-21cf-4b99-bbcd-a99cca7f32de) (Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2944518736-501353301-3337814941-1001_Classes\CLSID\{74a9e2da-3bd0-476d-850d-0e1890e0a78f}\InprocServer32 -> C:\windows\SYSTEM32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2944518736-501353301-3337814941-1001_Classes\CLSID\{d13e0bc4-5694-41e1-85cb-d70ffbc9230d}\InprocServer32 -> C:\windows\SYSTEM32\dfshim.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [    Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [    Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [    Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [    Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [    Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-08-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\windows\system32\Incinerator64.dll [2016-02-19] (iolo technologies, LLC)
ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [LinkUpMenuExt] -> {B793E5EA-5344-488E-B98D-A18E2E5938AB} => C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\LinkUpExt64.dll [2011-05-06] (Hewlett-Packard)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-07-26] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\windows\system32\Incinerator64.dll [2016-02-19] (iolo technologies, LLC)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-07-15] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-08-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01F2003D-F597-4380-B656-CA46168CC11D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-06-27] (HP Inc.)
Task: {03ECA2BB-074A-4F78-B88D-2B19374D6035} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-22] (AVAST Software)
Task: {0864DAFF-18CE-4E1B-9460-73F0460D85EF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-14] (Adobe Systems Incorporated)
Task: {0D912071-6528-4FE9-A511-16CFC350691A} - System32\Tasks\{7797CF74-A748-43BE-A175-9C3A4FED8967} => C:\windows\system32\pcalua.exe -a C:\Users\shane\Downloads\setup.exe -d C:\Users\shane\Desktop
Task: {1A594F86-F6C8-407B-B627-98888D9FF8DA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {1F56B973-681A-40DF-B2A6-67961E15CC87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {283B4FE1-E044-40B7-B183-2CFB55088EB8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-04-12] (Piriform Ltd)
Task: {3AFD9ECE-EA80-47E7-BF02-DD373A6C05DF} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-08-19] (AVG Technologies CZ, s.r.o.)
Task: {3F130165-1BF0-4454-A24C-9DFD3475E422} - System32\Tasks\{068BEC20-6A19-437E-9CC2-CEEC75FEB70E} => C:\windows\system32\pcalua.exe -a E:\PNY_CD.exe -d E:\
Task: {41A8D2F2-9E5C-4A68-A10A-C30F91E8B0C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {66D5780D-CB77-484D-B9C6-0E7A67E1073C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-14] (Adobe Systems Incorporated)
Task: {6BB5B42F-06F9-491C-A2F8-2F3963CDBFEC} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-22] (AVAST Software)
Task: {6EE99281-1C65-4598-8382-051D0CED722B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2944518736-501353301-3337814941-1001
Task: {75B6327D-5E98-4B5A-9253-A774686FC885} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {77C24651-71BB-423F-8709-D1A3FCD4E58C} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {7AF6FD7D-64EE-499A-9F9E-259928DF8886} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-06-28] (HP Inc.)
Task: {822B9CB8-840B-4DF7-BE4C-C4B0BF7BFDEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {8739C2D3-B8A0-48FD-A032-433FAC1885E4} - System32\Tasks\Open URL by RoboForm => C:\windows\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/uninstall.html?aaa=KICMPMJJLMNJOJJJNMGMCNJJLMJJKJCNLMLJJJPMCNGMMMLMKJCNNJMJNMNJHMMJNJKMHMPMJMMMJNJICMHMCNKMCNOMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMPMJNHICMEKMICNJJCKJNBJCMCLGJEJGJJNKJCMJNNICMJNDJCMKJBJJNMJCMPMFMPMFMPMJNFICMNIJJI (the data entry has 22 more characters).
Task: {9A3ECE3C-6EBA-4D70-BF33-F1FBB370D9AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2016-02-18] (Hewlett-Packard)
Task: {A6701457-AF10-4EB9-A10A-B3BDCEB10131} - System32\Tasks\{1B0C56D5-E110-447E-B4B0-371BC5A8B159} => C:\windows\system32\pcalua.exe -a "C:\Users\shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\76AQULOE\TwitchSetup.exe" -d C:\Users\shane\Desktop
Task: {AB636F7B-0730-47DD-8E86-C725F0C03B02} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {B5248977-31FD-4FCA-8BB7-6FA1B9E4DA61} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {BAC1DE46-AAE6-4B49-BDC1-AEFA97F09240} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic Premium\iologovernor64.exe [2016-02-19] (iolo technologies, LLC)
Task: {D8E1E929-F536-4989-A216-2C81E062ADD9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {DA65C3B0-69CA-4394-9B0A-ED1022D04360} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => Powershell -noexit -command "&{$carbProgramDataPath = $env:ProgramData + '\Carbonite\Carbonite Backup\';$upgradeExe = 'CarboniteUpgrade.exe';$upgradeFullPath =  $carbProgramDataPath + $upgradeExe;$logFile = 'CarboniteUpgrade.log';$logFileFullPath = $carbProgramDataPath + $logFile;$psversion = [string]$psversio (the data entry has 1818 more characters).
Task: {E0177E2C-28F0-421B-8684-D94ACD7C1741} - System32\Tasks\HPCeeScheduleForshane => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {F81130C2-E7B4-48A9-88FE-505CE5AF8B6C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd)
Task: {F9EC567B-7F89-4DC0-9F42-7EF325D2F493} - System32\Tasks\{935AC8A3-E007-448B-8C43-8F8F662052F1} => C:\windows\system32\pcalua.exe -a C:\Users\shane\Downloads\TwitchSetup.exe -d C:\Users\shane\Desktop
Task: {FC31D41A-75CD-4585-BE8C-977A40853760} - System32\Tasks\{576BC2CB-B2F6-4941-ABCE-C7E7AA170A74} => C:\windows\system32\pcalua.exe -a "C:\Users\shane\Downloads\TwitchSetup (1).exe" -d C:\Users\shane\Desktop
Task: {FEDA742E-85AC-4AC5-8699-925E4FD3F96D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2018-07-26] (AVG Technologies CZ, s.r.o.)
Task: {FEEDDDFE-09D4-409D-A30E-7E5A1A185FC6} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2018-08-22] (AVG Technologies CZ, s.r.o.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\HPCeeScheduleForshane.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-07-15 21:38 - 2015-07-15 21:38 - 000127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2018-08-22 20:10 - 2018-07-24 12:32 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-08-22 20:10 - 2018-08-06 14:20 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-08-22 18:21 - 2018-08-22 18:21 - 000700144 _____ () c:\Program Files\AVG\Antivirus\x64\StreamBack.dll
2015-08-19 12:20 - 2015-08-19 12:20 - 000055576 _____ () C:\Program Files\CCleaner\branding.dll
2018-08-08 18:51 - 2018-08-07 20:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-08 18:51 - 2018-08-07 20:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-08-22 18:21 - 2018-08-22 18:21 - 000574192 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
2018-08-24 16:22 - 2018-08-24 16:22 - 005675248 _____ () C:\Program Files\AVG\Antivirus\defs\18082404\algo.dll
2018-08-22 18:21 - 2018-08-22 18:21 - 000897264 _____ () C:\Program Files\AVG\Antivirus\anen.dll
2018-08-22 18:21 - 2018-08-22 18:21 - 000542448 _____ () C:\Program Files\AVG\Antivirus\gui_cache.dll
2018-08-22 18:21 - 2018-08-22 18:21 - 000987888 _____ () C:\Program Files\AVG\Antivirus\shepherdsync.dll
2018-08-25 13:54 - 2018-08-25 13:54 - 005675248 _____ () C:\Program Files\AVG\Antivirus\defs\18082504\algo.dll
2018-04-03 14:18 - 2018-04-03 14:17 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2018-04-03 14:12 - 2018-04-03 14:12 - 067127976 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
2015-05-07 21:37 - 2015-05-07 21:37 - 000087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 000043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 000805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 005812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 15:01 - 2017-05-04 15:01 - 000067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 001662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 000494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 000096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-07 21:38 - 2015-05-07 21:38 - 000110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-07 21:37 - 2015-05-07 21:37 - 000010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 000356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 000036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 000111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 000044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-07 21:49 - 2015-05-07 21:49 - 000417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-07 21:39 - 2015-05-07 21:39 - 000167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 000313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 000127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-07 21:37 - 2015-05-07 21:37 - 000009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 17:59 - 2015-11-13 17:59 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 17:59 - 2015-11-13 17:59 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-07 21:37 - 2015-05-07 21:37 - 000583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-05-07 21:39 - 2015-05-07 21:39 - 000141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 13:33 - 2017-05-04 13:33 - 002717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-07 21:49 - 2015-05-07 21:49 - 001213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-07 21:55 - 2015-05-07 21:55 - 000055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 000495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 001183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 000483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 000655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 001306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 000565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 001640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 000506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 001053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 000497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 000603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-07 21:49 - 2015-05-07 21:49 - 000474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2944518736-501353301-3337814941-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\shane\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{334943E4-C2EF-4B11-9799-6AC3EC96A7FA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\RNow.exe
FirewallRules: [{61A39629-B17D-44FD-A37A-86C155BD642C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\RNow.exe
FirewallRules: [{C157D25C-7EBF-4D54-91B5-A456DC427D87}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\IndivDRM.exe
FirewallRules: [{AC8F6D56-F614-4F6F-B1E8-1CA6369F2C6B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\IndivDRM.exe
FirewallRules: [{CA6060AF-D16A-4288-8811-653929983DFC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{1785C6CA-5DE7-4BFF-9845-E1AC9DD77809}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{DA47DBCC-0E0E-4B10-97C2-765BFD7A1E9E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{CD50727A-2B4D-4FDD-81CD-9E8E470BF162}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{9DA82350-3AA8-4119-BB94-3800300FBFB3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{45C9A2BE-7F5C-4C27-B893-1CD31B647989}] => (Allow) LPort=2869
FirewallRules: [{EAE719C6-2891-4B62-BF7C-95816A6D2429}] => (Allow) LPort=1900
FirewallRules: [{F6C90419-6CDC-438A-B220-0C0408168206}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A55E8136-0DF0-4748-9EF9-870CBAC4A90A}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{49981915-2870-4699-A5E6-CE56C5FCC9C0}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{A3DF9999-269E-43A1-A1C5-4B320BE37211}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{40C7CB78-1613-405C-AE4C-FFF834B4ED27}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{190E4B95-F6D4-4E1D-95B4-C2FAF5474BF5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0D2F28FA-2A1C-45D1-9BA5-5A7F9A0950E4}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EBC84525-3211-4B21-9FD7-BDCD28F6C15A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{73B07812-F11C-4C47-A1B6-E215ED47993C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{47ACD18F-0209-47D7-9EBF-3DE1726DA2B0}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{2F0C6B9F-5BF3-479B-AFF1-2A7E3DFE7D83}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{3C895FD3-DA70-4EB9-BDCF-834238EAFC0C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{03BB201D-82D0-4670-A01E-61017B2571D2}C:\program files (x86)\hearthstone\hearthstone.exe] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{620AA61A-9BD9-4538-B501-3E1ED22A0E54}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe
FirewallRules: [UDP Query User{63015A4A-47BB-4A7A-9425-C8612CBBC8CB}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe
FirewallRules: [{3B1DA7CF-3857-48D9-8FF2-D05D55F78AC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{81AF41D4-6B60-4AA5-ABB4-D1255FED7AEB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{E8AB0AD8-F0B3-4CC9-8E3B-CA61567656E2}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{42482A48-241A-4917-A511-4806825BD662}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{DA871525-92FD-47A6-9D0B-C2A5C3790AFE}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
 
==================== Restore Points =========================
 
22-08-2018 17:48:49 Installed Microsoft Office Professional 2010
22-08-2018 18:01:01 Configured Microsoft Office Professional 2010
23-08-2018 03:00:40 Windows Update
23-08-2018 03:15:18 Windows Update
24-08-2018 03:00:45 Windows Update
24-08-2018 03:23:22 Windows Update
24-08-2018 16:54:38 Restore Operation
25-08-2018 03:00:50 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: EPSON Scanner
Description: EPSON Scanner
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/25/2018 04:27:22 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
 
Error: (08/25/2018 03:38:36 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
 
Error: (08/25/2018 03:14:14 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
 
Error: (08/24/2018 08:56:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (08/24/2018 08:56:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (08/24/2018 08:28:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (08/24/2018 08:28:55 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (08/24/2018 08:27:28 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.
 
 
System errors:
=============
Error: (08/24/2018 08:54:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The GamesAppIntegrationService service terminated with the following error: 
Unspecified error
 
Error: (08/24/2018 08:52:38 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
 
Reported by component: Processor Core
Error Source: 3
Error Type: 9
Processor ID: 0
 
The details view of this entry contains further information.
 
Error: (08/24/2018 08:52:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.2.0 service failed to start due to the following error: 
The system cannot find the path specified.
 
Error: (08/24/2018 08:51:50 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000124 (0x0000000000000000, 0xfffffa80083a1028, 0x00000000b6000000, 0x0000000000100153). A dump was saved in: C:\windows\Minidump\082418-24070-01.dmp. Report Id: 082418-24070-01.
 
Error: (08/24/2018 08:51:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:50:20 PM on ‎8/‎24/‎2018 was unexpected.
 
Error: (08/24/2018 08:26:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The GamesAppIntegrationService service terminated with the following error: 
Unspecified error
 
Error: (08/24/2018 08:24:21 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
 
Reported by component: Processor Core
Error Source: 3
Error Type: 9
Processor ID: 0
 
The details view of this entry contains further information.
 
Error: (08/24/2018 08:23:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.2.0 service failed to start due to the following error: 
The system cannot find the path specified.
 
 
Windows Defender:
===================================
Date: 2018-02-08 21:21:28.849
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:Misleading:Win32/Chekuem
ID:241969
Severity:High
Category:Potentially Unwanted Software
Path Found:clsid:HKLM\SOFTWARE\CLASSES\CLSID\{9081C77F-9FAF-4551-A878-10A4249CD1FA};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{D90EF6CF-32CB-476D-B57C-1A71E58E8301};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{E8215BEA-3290-4C73-964B-75502B9B41B2};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{F148A78C-91B1-45DC-83A9-291108F3B245};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{9081C77F-9FAF-4551-A878-10A4249CD1FA};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{D90EF6CF-32CB-476D-B57C-1A71E58E8301};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{E8215BEA-3290-4C73-964B-75502B9B41B2};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{F148A78C-91B1-45DC-83A9-291108F3B245};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{1DDF2B94-44C6-4E74-9C51-6757253E2DF7};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{30C21488-5F00-4F77-BA34-38C6744BEBBB};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{40310869-27A4-42
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\windows\System32\svchost.exe
 
Date: 2018-02-08 21:18:11.653
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:Misleading:Win32/Chekuem
ID:241969
Severity:High
Category:Potentially Unwanted Software
Path Found:clsid:HKLM\SOFTWARE\CLASSES\CLSID\{9081C77F-9FAF-4551-A878-10A4249CD1FA};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{D90EF6CF-32CB-476D-B57C-1A71E58E8301};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{E8215BEA-3290-4C73-964B-75502B9B41B2};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{F148A78C-91B1-45DC-83A9-291108F3B245};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{9081C77F-9FAF-4551-A878-10A4249CD1FA};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{D90EF6CF-32CB-476D-B57C-1A71E58E8301};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{E8215BEA-3290-4C73-964B-75502B9B41B2};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{F148A78C-91B1-45DC-83A9-291108F3B245};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{1DDF2B94-44C6-4E74-9C51-6757253E2DF7};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{30C21488-5F00-4F77-BA34-38C6744BEBBB};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{40310869-27A4-42
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\windows\System32\svchost.exe
 
Date: 2018-02-08 20:42:56.881
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:Misleading:Win32/Chekuem
ID:241969
Severity:High
Category:Potentially Unwanted Software
Path Found:clsid:HKLM\SOFTWARE\CLASSES\CLSID\{9081C77F-9FAF-4551-A878-10A4249CD1FA};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{D90EF6CF-32CB-476D-B57C-1A71E58E8301};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{E8215BEA-3290-4C73-964B-75502B9B41B2};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{F148A78C-91B1-45DC-83A9-291108F3B245};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{9081C77F-9FAF-4551-A878-10A4249CD1FA};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{D90EF6CF-32CB-476D-B57C-1A71E58E8301};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{E8215BEA-3290-4C73-964B-75502B9B41B2};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{F148A78C-91B1-45DC-83A9-291108F3B245};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{1DDF2B94-44C6-4E74-9C51-6757253E2DF7};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{30C21488-5F00-4F77-BA34-38C6744BEBBB};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{40310869-27A4-42
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\windows\System32\svchost.exe
 
Date: 2018-02-08 18:40:19.692
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:Misleading:Win32/Chekuem
ID:241969
Severity:High
Category:Potentially Unwanted Software
Path Found:clsid:HKLM\SOFTWARE\CLASSES\CLSID\{9081C77F-9FAF-4551-A878-10A4249CD1FA};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{D90EF6CF-32CB-476D-B57C-1A71E58E8301};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{E8215BEA-3290-4C73-964B-75502B9B41B2};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{F148A78C-91B1-45DC-83A9-291108F3B245};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{9081C77F-9FAF-4551-A878-10A4249CD1FA};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{D90EF6CF-32CB-476D-B57C-1A71E58E8301};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{E8215BEA-3290-4C73-964B-75502B9B41B2};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{F148A78C-91B1-45DC-83A9-291108F3B245};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{1DDF2B94-44C6-4E74-9C51-6757253E2DF7};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{30C21488-5F00-4F77-BA34-38C6744BEBBB};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{40310869-27A4-42
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\windows\System32\svchost.exe
 
Date: 2018-02-08 16:51:24.273
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:Misleading:Win32/Chekuem
ID:241969
Severity:High
Category:Potentially Unwanted Software
Path Found:clsid:HKLM\SOFTWARE\CLASSES\CLSID\{9081C77F-9FAF-4551-A878-10A4249CD1FA};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{D90EF6CF-32CB-476D-B57C-1A71E58E8301};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{E8215BEA-3290-4C73-964B-75502B9B41B2};clsid:HKLM\SOFTWARE\CLASSES\CLSID\{F148A78C-91B1-45DC-83A9-291108F3B245};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{9081C77F-9FAF-4551-A878-10A4249CD1FA};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{D90EF6CF-32CB-476D-B57C-1A71E58E8301};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{E8215BEA-3290-4C73-964B-75502B9B41B2};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{F148A78C-91B1-45DC-83A9-291108F3B245};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{1DDF2B94-44C6-4E74-9C51-6757253E2DF7};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{30C21488-5F00-4F77-BA34-38C6744BEBBB};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{40310869-27A4-42
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\windows\System32\svchost.exe
 
==================== Memory info =========================== 
 
Processor: AMD A8-5500 APU with Radeon™ HD Graphics 
Percentage of memory in use: 34%
Total physical RAM: 7606.94 MB
Available physical RAM: 4981.41 MB
Total Virtual: 15212.03 MB
Available Virtual: 11982.86 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:914.46 GB) (Free:634.66 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:16.83 GB) (Free:2.1 GB) NTFS
Drive e: (AMERICAN_SNIPER) (CDROM) (Total:6.3 GB) (Free:0 GB) UDF
 
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AE350076)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


Edited by mikison, 25 August 2018 - 12:22 PM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,316 posts
  • MVP

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.
 

 

Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Near the bottom of the page click on:

Download BlueScreenView with full install/uninstall support

 

Right click on the downloaded file and Run As Admin to install the program.  Follow the prompts and it should open the program..
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

 

 

Crashes are often heat related and Speccy's temperature check is not reliable so let's get a second opinion.  Get Speedfan:

http://www.filehippo...nload_speedfan/

Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).

It will tell you your temps in real time tho the default is to show the hard drive temp in the systray.  You can change it:  Hit Configure then click on the highest temp and check Show in tray.  With no other programs running what is the highest temp you see?  Run an anti-virus scan, play one of your games or watch a video for at least 5 minutes.  What is the highest temp now?
 


  • 0

#3
mikison

mikison

    Member

  • Topic Starter
  • Member
  • PipPip
  • 94 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 97.01 0 K 24 K 0
procexp64.exe 1.86 28,644 K 47,192 K 6104 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 0.37 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 0.20 38,032 K 47,796 K 2884 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
System 0.12 152 K 544 K 4
csrss.exe 0.12 2,808 K 4,320 K 596 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.10 200,564 K 303,916 K 4732 Google Chrome Google Inc. (The timestamp signature and/or certificate could not be verified or is malformed) Google Inc.
ccsvchst.exe 0.05 22,120 K 10,884 K 2104 Symantec Service Framework Symantec Corporation (Verified) Symantec Corporation
chrome.exe 0.04 54,044 K 105,588 K 4412 Google Chrome Google Inc. (The timestamp signature and/or certificate could not be verified or is malformed) Google Inc.
CCC.exe 0.03 110,472 K 23,188 K 4112 Catalyst Control Center: Host application ATI Technologies Inc. (No signature was present in the subject) ATI Technologies Inc.
HPSFMsgr.exe 0.02 95,236 K 27,904 K 5504 HP Support Assistant Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
chrome.exe 0.02 78,772 K 78,032 K 4568 Google Chrome Google Inc. (The timestamp signature and/or certificate could not be verified or is malformed) Google Inc.
explorer.exe 0.02 27,916 K 57,648 K 3956 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
MOM.exe 0.01 39,604 K 5,696 K 3984 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (No signature was present in the subject) Advanced Micro Devices Inc.
NOBuAgent.exe 0.01 2,576 K 1,436 K 1244 Norton Online Backup Service Symantec Corporation (Verified) Symantec Corporation
svchost.exe 0.01 26,896 K 28,700 K 492 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 10,228 K 14,008 K 1188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 18,900 K 9,904 K 1760 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 15,880 K 11,968 K 1396 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
HPTouchSmartSyncCalReminderApp.exe < 0.01 28,088 K 22,816 K 212 HP TouchSmart Calendar Service Hewlett-Packard (No signature was present in the subject) Hewlett-Packard
ccsvchst.exe < 0.01 13,564 K 10,240 K 3696 Symantec Service Framework Symantec Corporation (Verified) Symantec Corporation
svchost.exe < 0.01 7,212 K 10,624 K 1944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
HPAuto.exe < 0.01 4,060 K 5,180 K 2052 HP Usage Improvement Tracking Hewlett-Packard (A certificate was explicitly revoked by its issuer) Hewlett-Packard
BTStackServer.exe < 0.01 23,340 K 18,256 K 1316 Bluetooth Stack COM Server Broadcom Corporation. (Verified) Broadcom Corporation
svchost.exe < 0.01 99,560 K 98,940 K 304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
stacsv64.exe < 0.01 11,932 K 3,496 K 796 IDT PC Audio IDT, Inc. (No signature was present in the subject) IDT, Inc.
csrss.exe < 0.01 2,556 K 2,584 K 496 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 64,048 K 15,988 K 3120 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WUDFHost.exe 2,528 K 2,608 K 2564 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe 4,488 K 7,140 K 5760 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,828 K 6,584 K 5180 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE 1,512 K 796 K 2160 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
WLIDSVC.EXE 6,112 K 7,196 K 1940 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
wlanext.exe 1,924 K 2,608 K 1612 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 3,132 K 4,008 K 808 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,656 K 336 K 568 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 3,124 K 6,344 K 2960 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,400 K 6,172 K 5200 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,592 K 6,016 K 892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 25,100 K 15,936 K 1016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,668 K 4,592 K 772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,056 K 1,840 K 2388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 12,132 K 9,676 K 1776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,636 K 2,980 K 2556 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sttray64.exe 8,744 K 18,968 K 3912 IDT PC Audio IDT, Inc. (No signature was present in the subject) IDT, Inc.
spoolsv.exe 7,284 K 4,716 K 1748 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 524 K 388 K 276 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 5,764 K 5,340 K 628 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
SeaPort.EXE 4,048 K 1,728 K 1864 Microsoft SeaPort Search Enhancement Broker Microsoft Corporation (Verified) Microsoft Corporation
rundll32.exe 1,472 K 4,864 K 516 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
procexp.exe 2,312 K 7,312 K 5192 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 26,256 K 16,824 K 3212 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation
pdfsvc.exe 2,292 K 2,572 K 1356 Dispatcher PDF Complete Inc (Verified) PDF Complete
lsm.exe 2,552 K 2,444 K 672 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 4,532 K 5,476 K 664 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
hpwuschd2.exe 1,056 K 3,560 K 1628 hpwuSchd Application Hewlett-Packard (A certificate was explicitly revoked by its issuer) Hewlett-Packard
hpsysdrv.exe 984 K 3,472 K 3304 hpsysdrv Hewlett-Packard (Verified) Hewlett-Packard Company
HPSA_Service.exe 24,088 K 4,832 K 1340 HP Support Assistant Service Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
HPDrvMntSvc.exe 1,068 K 776 K 2028 HP Quick Synchronization Service Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
HPClientServices.exe 3,960 K 2,132 K 1984 HP Client Services Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
GoogleCrashHandler64.exe 1,648 K 916 K 732 Google Crash Handler Google Inc. (Verified) Google Inc
GoogleCrashHandler.exe 1,528 K 884 K 1376 Google Crash Handler Google Inc. (Verified) Google Inc
GCalService.exe 19,096 K 7,480 K 2876 HP TouchSmart Calendar Hewlett-Packard (No signature was present in the subject) Hewlett-Packard
dllhost.exe 2,408 K 5,996 K 4360 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 1,080 K 460 K 1624 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 13,484 K 19,896 K 5604 Google Chrome Google Inc. (The timestamp signature and/or certificate could not be verified or is malformed) Google Inc.
chrome.exe 21,704 K 32,936 K 184 Google Chrome Google Inc. (The timestamp signature and/or certificate could not be verified or is malformed) Google Inc.
chrome.exe 2,576 K 5,968 K 4420 Google Chrome Google Inc. (The timestamp signature and/or certificate could not be verified or is malformed) Google Inc.
chrome.exe 2,684 K 6,520 K 4452 Google Chrome Google Inc. (The timestamp signature and/or certificate could not be verified or is malformed) Google Inc.
btwdins.exe 2,556 K 3,316 K 1904 Bluetooth Support Server Broadcom Corporation. (Verified) Broadcom Corporation
BTTray.exe 7,256 K 13,344 K 3512 Bluetooth Tray Application Broadcom Corporation. (Verified) Broadcom Corporation
BluetoothHeadsetProxy.exe 1,048 K 3,560 K 4232 Bluetooth Headset Skype Proxy Broadcom Corporation. (Verified) Broadcom Corporation
Beats64.exe 2,388 K 5,324 K 3268 HP Beats Hewlett-Packard (No signature was present in the subject) Hewlett-Packard 
audiodg.exe 14,788 K 16,100 K 1720 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe 1,720 K 1,336 K 956 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,568 K 3,844 K 1468 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
 

  • 0

#4
mikison

mikison

    Member

  • Topic Starter
  • Member
  • PipPip
  • 94 posts
 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       276 N/A                                         
csrss.exe                      496 N/A                                         
wininit.exe                    568 N/A                                         
csrss.exe                      596 N/A                                         
services.exe                   628 N/A                                         
lsass.exe                      664 KeyIso, SamSs                               
lsm.exe                        672 N/A                                         
svchost.exe                    772 DcomLaunch, PlugPlay, Power                 
winlogon.exe                   808 N/A                                         
svchost.exe                    892 RpcEptMapper, RpcSs                         
atiesrxx.exe                   956 AMD External Events Utility                 
svchost.exe                   1016 AudioSrv, Dhcp, eventlog,                   
                                   HomeGroupProvider, lmhosts, wscsvc          
svchost.exe                    304 AudioEndpointBuilder, hidserv, Netman,      
                                   PcaSvc, SysMain, TrkWks, UxSms,             
                                   WdiSystemHost, Wlansvc, WPDBusEnum, wudfsvc 
svchost.exe                    492 AeLookupSvc, Appinfo, BITS, EapHost, gpsvc, 
                                   IKEEXT, iphlpsvc, LanmanServer, MMCSS,      
                                   ProfSvc, Schedule, SENS, ShellHWDetection,  
                                   Themes, Winmgmt, wuauserv                   
stacsv64.exe                   796 STacSV                                      
svchost.exe                   1188 EventSystem, fdPHost, netprofm, nsi,        
                                   WdiServiceHost, WinHttpAutoProxySvc         
svchost.exe                   1396 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
atieclxx.exe                  1468 N/A                                         
wlanext.exe                   1612 N/A                                         
conhost.exe                   1624 N/A                                         
spoolsv.exe                   1748 Spooler                                     
svchost.exe                   1776 BFE, DPS, MpsSvc                            
SeaPort.EXE                   1864 BBUpdate                                    
btwdins.exe                   1904 btwdins                                     
svchost.exe                   1944 FDResPub, FontCache, SSDPSRV, wcncsvc       
HPClientServices.exe          1984 HPClientSvc                                 
HPDrvMntSvc.exe               2028 HPDrvMntSvc.exe                             
NOBuAgent.exe                 1244 NOBU                                        
pdfsvc.exe                    1356 pdfcDispatcher                              
WLIDSVC.EXE                   1940 wlidsvc                                     
HPAuto.exe                    2052 HPAuto                                      
WLIDSVCM.EXE                  2160 N/A                                         
svchost.exe                   2388 bthserv                                     
svchost.exe                   2556 PolicyAgent                                 
WUDFHost.exe                  2564 N/A                                         
GCalService.exe               2876 CalendarSynchService                        
GoogleCrashHandler.exe        1376 N/A                                         
HPSA_Service.exe              1340 HP Support Assistant Service                
GoogleCrashHandler64.exe       732 N/A                                         
ccsvchst.exe                  2104 NIS                                         
SearchIndexer.exe             1760 WSearch                                     
svchost.exe                   3120 WinDefend                                   
taskhost.exe                  2960 N/A                                         
dwm.exe                       2884 N/A                                         
explorer.exe                  3956 N/A                                         
ccsvchst.exe                  3696 N/A                                         
Beats64.exe                   3268 N/A                                         
sttray64.exe                  3912 N/A                                         
hpsysdrv.exe                  3304 N/A                                         
BTTray.exe                    3512 N/A                                         
hpwuschd2.exe                 1628 N/A                                         
audiodg.exe                   1720 N/A                                         
MOM.exe                       3984 N/A                                         
CCC.exe                       4112 N/A                                         
chrome.exe                    4412 N/A                                         
chrome.exe                    4420 N/A                                         
chrome.exe                    4452 N/A                                         
chrome.exe                    4568 N/A                                         
HPTouchSmartSyncCalRemind      212 N/A                                         
BTStackServer.exe             1316 N/A                                         
rundll32.exe                   516 N/A                                         
PresentationFontCache.exe     3212 FontCache3.0.0.0                            
BluetoothHeadsetProxy.exe     4232 N/A                                         
wmpnetwk.exe                  5760 WMPNetworkSvc                               
chrome.exe                    4732 N/A                                         
taskeng.exe                   5200 N/A                                         
HPSFMsgr.exe                  5504 N/A                                         
WmiPrvSE.exe                  5180 N/A                                         
chrome.exe                     184 N/A                                         
procexp.exe                   5192 N/A                                         
procexp64.exe                 6104 N/A                                         
notepad.exe                   5920 N/A                                         
chrome.exe                    3252 N/A                                         
chrome.exe                    4696 N/A                                         
software_reporter_tool.ex     1508 N/A                                         
software_reporter_tool.ex     3464 N/A                                         
software_reporter_tool.ex     4528 N/A                                         
chrome.exe                    5556 N/A                                         
taskeng.exe                   4524 N/A                                         
cmd.exe                       2848 N/A                                         
conhost.exe                   3340 N/A                                         
tasklist.exe                  2860 N/A                                         
WmiPrvSE.exe                  4892 N/A                                         

  • 0

#5
mikison

mikison

    Member

  • Topic Starter
  • Member
  • PipPip
  • 94 posts

Text file from Speccy attached


  • 0

#6
mikison

mikison

    Member

  • Topic Starter
  • Member
  • PipPip
  • 94 posts
==================================================
Dump File         : 082818-16676-01.dmp
Crash Time        : 8/28/2018 5:37:10 PM
Bug Check String  : 
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`079658f8
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+4b2aec
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor         : x64
Crash Address     : ntoskrnl.exe+4b2aec
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\windows\Minidump\082818-16676-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 262,144
Dump File Time    : 8/28/2018 5:37:14 PM
==================================================
 
==================================================
Dump File         : 082818-16192-01.dmp
Crash Time        : 8/28/2018 2:01:22 PM
Bug Check String  : 
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`077ee028
Parameter 3       : 00000000`b6000000
Parameter 4       : 00000000`00100153
Caused By Driver  : 
Caused By Address : 
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : 
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\windows\Minidump\082818-16192-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 287,685
Dump File Time    : 8/28/2018 2:02:50 PM
==================================================
 
==================================================
Dump File         : 082818-18174-01.dmp
Crash Time        : 8/28/2018 11:18:28 AM
Bug Check String  : 
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0759d8f8
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+4b2aec
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor         : x64
Crash Address     : ntoskrnl.exe+4b2aec
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\windows\Minidump\082818-18174-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 262,144
Dump File Time    : 8/28/2018 11:18:31 AM
==================================================
 
==================================================
Dump File         : 082718-17908-01.dmp
Crash Time        : 8/27/2018 9:36:43 PM
Bug Check String  : 
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0792e8f8
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+4b2aec
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor         : x64
Crash Address     : ntoskrnl.exe+4b2aec
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\windows\Minidump\082718-17908-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 262,144
Dump File Time    : 8/27/2018 9:36:46 PM
==================================================
 
==================================================
Dump File         : 082718-21902-01.dmp
Crash Time        : 8/27/2018 9:31:57 PM
Bug Check String  : 
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`0799b8f8
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+4b2aec
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor         : x64
Crash Address     : ntoskrnl.exe+4b2aec
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\windows\Minidump\082718-21902-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 262,144
Dump File Time    : 8/27/2018 9:32:02 PM
==================================================
 
==================================================
Dump File         : 082718-23758-01.dmp
Crash Time        : 8/27/2018 4:41:32 PM
Bug Check String  : 
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`08250028
Parameter 3       : 00000000`b6000000
Parameter 4       : 00000000`00100153
Caused By Driver  : 
Caused By Address : 
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : 
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\windows\Minidump\082718-23758-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 286,917
Dump File Time    : 8/27/2018 4:42:42 PM
==================================================
 
==================================================
Dump File         : 082718-16723-01.dmp
Crash Time        : 8/27/2018 4:03:38 PM
Bug Check String  : 
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`083316e8
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+4b2aec
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor         : x64
Crash Address     : ntoskrnl.exe+4b2aec
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\windows\Minidump\082718-16723-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 262,144
Dump File Time    : 8/27/2018 4:03:40 PM
==================================================
 
==================================================
Dump File         : 082718-26800-01.dmp
Crash Time        : 8/27/2018 3:58:22 PM
Bug Check String  : 
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : fffffa80`079728f8
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+4b2aec
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Processor         : x64
Crash Address     : ntoskrnl.exe+4b2aec
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\windows\Minidump\082718-26800-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 262,144
Dump File Time    : 8/27/2018 3:58:28 PM
==================================================

  • 0

#7
mikison

mikison

    Member

  • Topic Starter
  • Member
  • PipPip
  • 94 posts

Thank you for replying.l I have posted all the requested information. Temperature on Speedfan is good. Max temp stays at 0 C?


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,316 posts
  • MVP

Speccy log did not attach.  Please try again.

 

Temp of 0 C is unlikely unless it's in a freezer.  Normal reading on a desktop is about 45 C, Notebook around 50 C.  Make sure you right click and Run As Admin.

 

You need to reinstall Chrome.  It's either corrupt or infected.  Once you do that rerun Process Explorer and post the new log.

 

Several of your HP applications are out of date.  If you use them then get the latest from HP.  If you don't use them just uninstall.

 

 

BlueScreenView shows a problem with a standard Windows File.  This means we have either a temp problem, bad RAM, or perhaps a failing hard drive.

 

To test the RAM:

 

https://www.howtogee...m-for-problems/

 

Option 2 is the better test but Option 1 is OK.

 

Speccy will tell us a bit about your HD but you can also run HD Tune

 

https://www.hdtune.com/

 

Click on Downloads

 

Then look for HD Tune

and you will see:

 

hdtune_255.exe  

 

Download, Save, Right click and Run As Admin.  I think it gives you a shortcut on your desktop.  Right click on it and Run As Admin.   Then click on Error Scan and then Start.  Takes a few minutes.  Does it complain about errors?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP