Been working on this computer for over a week. It keeps deleting the net card, ad if the net card is there then I don't have internet....Last night I tried again after running both AVG and Malware Bytes to see if that helped. Neither one of them came up with anything in there.
I have done the FRST for you and I will attach it at the end of this request. If we can`t get google working for whatever reason. Is there a way for me to get my saved favorites, bookmarks, and all my saved password. I do have a few of them written down, just not sure ones are there that I need.
Thank you so much for your help and expertise
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05.2019
Ran by Dragonsgrl (administrator) on DRAGONSGRL-PC (Acer Aspire 5552) (09-05-2019 07:59:20)
Running from C:\Users\Dragonsgrl\Desktop
Loaded Profiles: Dragonsgrl (Available Profiles: Dragonsgrl)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Adobe Systems Incorporated -> Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [ALU] => C:\Program Files\Acer\Acer Updater\ALU.exe [2379056 2017-04-21] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [308656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc -> NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3326494740-2715231408-2236335189-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3326494740-2715231408-2236335189-1001\...\MountPoints2: {4131879e-c31e-11e8-903f-1c75080899c1} - E:\windows\AutoRun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-09] (Google LLC -> Google Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3EFDED95-C945-4D5D-B367-6D391B171A15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-09] (Google Inc -> Google Inc.)
Task: {60553A67-C09C-4DE9-8918-8EA744C6AA63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-09] (Google Inc -> Google Inc.)
Task: {62F61FAF-AE2B-40F5-8396-ED7D693759C2} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2970544 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {76525926-B807-48E8-96F0-7428D0A98D67} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8B7F4956-7EB4-45D4-8B40-8B4765E4FAE7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B8FB64B6-A962-42FA-90CA-5EF1C3E5B335} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [1454592 2018-09-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C4F13FC6-4202-4B86-977B-1A4DC68B3184} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {E06C451E-89AF-4EE9-9DDD-70943149601D} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [24480 2016-06-08] (Acer Incorporated -> Acer Incorporated)
Task: {E37B5C17-A2D8-4CC7-A344-468D2A3FF1C0} - System32\Tasks\Core Temp Autostart Dragonsgrl => C:\Program Files\Core Temp\Core Temp.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.171.122
Tcpip\..\Interfaces\{5AE284F5-3F40-4BA8-AD39-FD777996F789}: [DhcpNameServer] 192.168.1.254 75.153.171.122
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3326494740-2715231408-2236335189-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_18_11¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyE0CtD0FyC0EtCtBtDtD0DyBzzyBtByBtN0D0Tzu0StBtByCyDtN1L2XzuyEtFtBtCtFtDtFtCtBtAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyD0FyDtBzz0EyDyCtGtAyBtB0CtGtD0A0A0DtGtBtBzyyEtG0BtAtC0AyE0AtCzyyC0BzzyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE1TtCtB1QtC1TyBtG1R1R1PyDtGyEtA1P1QtG1S1Q1QtDtG1R1RyCtA1Ozzzy1RtB1P1Tzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtBtCtCyEzzzzyEtA%26cr%3D567869070%26a%3Dwbf_anvsft_18_11%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKU\S-1-5-21-3326494740-2715231408-2236335189-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://ca.yahoo.com/
CHR StartupUrls: Default -> "hxxps://ca.yahoo.com/"
CHR DefaultSearchURL: Default -> hxxps://ca.search.yahoo.com/search{google:pathWildcard}?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR DefaultSearchKeyword: Default -> ca.yahoo.com
CHR DefaultSuggestURL: Default -> hxxps://ca.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default [2019-05-09]
CHR Extension: (Slides) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-09]
CHR Extension: (Docs) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-09]
CHR Extension: (Google Drive) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-22]
CHR Extension: (Flash Playlist) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanagokoaogopceablgmpndejhedkjjb [2018-04-03]
CHR Extension: (Sheets) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-09]
CHR Extension: (Google Docs Offline) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Save to Facebook) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2019-01-17]
CHR Extension: (Popup Blocker Pro) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2019-05-06]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2019-05-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-28]
CHR Profile: C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-08]
CHR Profile: C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-08]
CHR Extension: (Slides) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-31]
CHR Extension: (Docs) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-31]
CHR Extension: (Google Drive) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-31]
CHR Extension: (YouTube) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-31]
CHR Extension: (Sheets) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-31]
CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-01-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-31]
CHR Extension: (Gmail) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-31]
CHR Extension: (Chrome Media Router) - C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-31]
CHR Profile: C:\Users\Dragonsgrl\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-08]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2009-08-18] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [362536 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6709272 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2018-05-10] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes Corporation -> Malwarebytes)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-15] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdiox64; C:\Windows\System32\DRIVERS\amdiox64.sys [46136 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96896 2012-05-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6037504 2009-08-18] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2009-08-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37368 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [254680 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [196560 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgblog.sys [320672 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [58152 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42336 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [166896 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [112360 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [87992 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1030832 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [476824 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [220472 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [385904 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 dc3d; C:\Windows\System32\DRIVERS\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [54216 2018-05-15] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R3 k57nd60a; C:\Windows\System32\DRIVERS\k57nd60a.sys [384040 2010-05-14] (Broadcom Corporation -> Broadcom Corporation)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (ZTE CORPORATION -> HandSet Incorporated)
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-11-10] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2019-05-08] (Malwarebytes Corporation -> Malwarebytes)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-09 07:59 - 2019-05-09 08:03 - 000025427 _____ C:\Users\Dragonsgrl\Desktop\FRST.txt
2019-05-09 07:59 - 2019-05-09 07:59 - 000000000 ____D C:\FRST
2019-05-09 07:56 - 2019-05-09 07:56 - 002430976 _____ (Farbar) C:\Users\Dragonsgrl\Desktop\FRST64.exe
2019-05-09 06:29 - 2019-05-09 06:29 - 000003304 ____N C:\bootsqm.dat
2019-05-09 00:12 - 2019-05-08 19:26 - 057770752 _____ (Google LLC) C:\Users\Dragonsgrl\Downloads\ChromeStandaloneSetup64.exe
2019-05-08 23:56 - 2019-05-09 00:56 - 000241330 _____ C:\Windows\ntbtlog.txt
2019-05-08 17:49 - 2019-05-09 01:33 - 000002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-26 10:25 - 2019-05-08 17:32 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-24 12:45 - 2019-04-24 12:44 - 000362928 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2019-04-12 13:57 - 2019-04-24 12:47 - 000000077 _____ C:\Windows\system32\Drivers\avgSP.sys.sum
2019-04-11 13:25 - 2019-04-01 18:57 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-04-11 13:25 - 2019-03-26 17:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-11 13:25 - 2019-03-25 23:14 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-11 13:25 - 2019-03-25 22:12 - 020280832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-04-11 13:25 - 2019-03-25 22:05 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-11 13:25 - 2019-03-25 22:00 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-04-11 13:25 - 2019-03-25 21:24 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-04-11 13:25 - 2019-03-25 21:08 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-04-11 13:25 - 2019-03-11 14:41 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-11 13:25 - 2019-03-11 14:41 - 001894912 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-11 13:25 - 2019-02-12 09:08 - 014184448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-04-11 13:24 - 2019-03-28 18:36 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-11 13:24 - 2019-03-27 20:35 - 000348776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-04-11 13:24 - 2019-03-27 18:55 - 000397120 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-04-11 13:24 - 2019-03-25 23:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-04-11 13:24 - 2019-03-25 23:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-04-11 13:24 - 2019-03-25 22:52 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-11 13:24 - 2019-03-25 22:51 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-04-11 13:24 - 2019-03-25 22:51 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-04-11 13:24 - 2019-03-25 22:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-11 13:24 - 2019-03-25 22:50 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-04-11 13:24 - 2019-03-25 22:50 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-04-11 13:24 - 2019-03-25 22:44 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-04-11 13:24 - 2019-03-25 22:43 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-04-11 13:24 - 2019-03-25 22:41 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-04-11 13:24 - 2019-03-25 22:40 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-11 13:24 - 2019-03-25 22:40 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-11 13:24 - 2019-03-25 22:40 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-11 13:24 - 2019-03-25 22:40 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-04-11 13:24 - 2019-03-25 22:40 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-04-11 13:24 - 2019-03-25 22:35 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-04-11 13:24 - 2019-03-25 22:31 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-04-11 13:24 - 2019-03-25 22:26 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-04-11 13:24 - 2019-03-25 22:26 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-04-11 13:24 - 2019-03-25 22:25 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-04-11 13:24 - 2019-03-25 22:22 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-04-11 13:24 - 2019-03-25 22:22 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-04-11 13:24 - 2019-03-25 22:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-04-11 13:24 - 2019-03-25 22:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-04-11 13:24 - 2019-03-25 22:10 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-04-11 13:24 - 2019-03-25 22:08 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-04-11 13:24 - 2019-03-25 22:08 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-04-11 13:24 - 2019-03-25 22:07 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-04-11 13:24 - 2019-03-25 22:06 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-04-11 13:24 - 2019-03-25 22:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-04-11 13:24 - 2019-03-25 21:51 - 000498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-04-11 13:24 - 2019-03-25 21:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-04-11 13:24 - 2019-03-25 21:50 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-04-11 13:24 - 2019-03-25 21:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-04-11 13:24 - 2019-03-25 21:50 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-04-11 13:24 - 2019-03-25 21:48 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-04-11 13:24 - 2019-03-25 21:48 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-04-11 13:24 - 2019-03-25 21:46 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-04-11 13:24 - 2019-03-25 21:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-04-11 13:24 - 2019-03-25 21:44 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-04-11 13:24 - 2019-03-25 21:43 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-04-11 13:24 - 2019-03-25 21:43 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-04-11 13:24 - 2019-03-25 21:43 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-04-11 13:24 - 2019-03-25 21:36 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-11 13:24 - 2019-03-25 21:36 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-04-11 13:24 - 2019-03-25 21:33 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-04-11 13:24 - 2019-03-25 21:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-04-11 13:24 - 2019-03-25 21:32 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-04-11 13:24 - 2019-03-25 21:31 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-04-11 13:24 - 2019-03-25 21:29 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-11 13:24 - 2019-03-25 21:29 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-04-11 13:24 - 2019-03-25 21:29 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-04-11 13:24 - 2019-03-25 21:28 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-04-11 13:24 - 2019-03-25 21:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-04-11 13:24 - 2019-03-25 21:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-04-11 13:24 - 2019-03-25 21:21 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-04-11 13:24 - 2019-03-25 21:21 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-04-11 13:24 - 2019-03-25 21:04 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-04-11 13:24 - 2019-03-25 21:02 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-04-11 13:24 - 2019-03-20 19:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-11 13:24 - 2019-03-20 19:13 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-04-11 13:24 - 2019-03-20 19:13 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-04-11 13:24 - 2019-03-20 19:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-04-11 13:24 - 2019-03-20 19:13 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-04-11 13:24 - 2019-03-20 19:12 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-04-11 13:24 - 2019-03-20 19:12 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-04-11 13:24 - 2019-03-20 19:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-04-11 13:24 - 2019-03-20 19:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:03 - 003961576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-04-11 13:24 - 2019-03-20 19:02 - 004056296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-04-11 13:24 - 2019-03-20 19:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 19:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 18:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-04-11 13:24 - 2019-03-20 18:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-04-11 13:24 - 2019-03-20 18:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-04-11 13:24 - 2019-03-20 18:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-04-11 13:24 - 2019-03-20 18:41 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-04-11 13:24 - 2019-03-20 18:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-04-11 13:24 - 2019-03-20 18:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-04-11 13:24 - 2019-03-20 18:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-04-11 13:24 - 2019-03-20 18:40 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-04-11 13:24 - 2019-03-20 18:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-04-11 13:24 - 2019-03-20 18:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-04-11 13:24 - 2019-03-20 18:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-04-11 13:24 - 2019-03-20 18:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-04-11 13:24 - 2019-03-20 18:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-04-11 13:24 - 2019-03-20 18:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-04-11 13:24 - 2019-03-20 18:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-04-11 13:24 - 2019-03-20 18:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-04-11 13:24 - 2019-03-20 18:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-04-11 13:24 - 2019-03-20 18:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-04-11 13:24 - 2019-03-20 18:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-04-11 13:24 - 2019-03-20 18:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-04-11 13:24 - 2019-03-20 18:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-04-11 13:24 - 2019-03-20 18:36 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-04-11 13:24 - 2019-03-20 18:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-04-11 13:24 - 2019-03-20 18:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-04-11 13:24 - 2019-03-20 18:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-04-11 13:24 - 2019-03-20 18:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-04-11 13:24 - 2019-03-20 18:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 18:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 18:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-04-11 13:24 - 2019-03-20 18:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-04-11 13:24 - 2019-03-15 21:11 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-11 13:24 - 2019-03-15 21:09 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-11 13:24 - 2019-03-15 21:09 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-04-11 13:24 - 2019-03-15 21:09 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-11 13:24 - 2019-03-15 21:09 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-04-11 13:24 - 2019-03-15 21:09 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-04-11 13:24 - 2019-03-15 21:09 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-11 13:24 - 2019-03-15 21:09 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-04-11 13:24 - 2019-03-15 21:09 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-04-11 13:24 - 2019-03-15 21:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-04-11 13:24 - 2019-03-15 21:09 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-04-11 13:24 - 2019-03-15 21:08 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-04-11 13:24 - 2019-03-15 21:08 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-04-11 13:24 - 2019-03-15 20:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-04-11 13:24 - 2019-03-15 20:58 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-04-11 13:24 - 2019-03-15 20:58 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-04-11 13:24 - 2019-03-15 20:58 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-04-11 13:24 - 2019-03-15 20:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-04-11 13:24 - 2019-03-15 20:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-04-11 13:24 - 2019-03-15 20:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-04-11 13:24 - 2019-03-15 20:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-04-11 13:24 - 2019-03-15 20:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-04-11 13:24 - 2019-03-15 20:42 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-04-11 13:24 - 2019-03-15 20:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-04-11 13:24 - 2019-03-15 20:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-04-11 13:24 - 2019-03-13 08:09 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-04-11 13:24 - 2019-03-13 08:02 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-04-11 13:24 - 2019-03-13 07:35 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-04-11 13:24 - 2019-03-13 07:35 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-04-11 13:24 - 2019-03-12 07:34 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-04-11 13:24 - 2019-03-12 07:34 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-04-11 13:24 - 2019-03-12 07:34 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-04-11 13:24 - 2019-03-11 14:41 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-11 13:24 - 2019-03-11 14:41 - 000688128 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-11 13:24 - 2019-03-11 14:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-11 13:24 - 2019-03-11 14:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-04-11 13:24 - 2019-03-11 14:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-04-11 13:24 - 2019-03-11 14:33 - 001391616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-04-11 13:24 - 2019-03-11 14:33 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-04-11 13:24 - 2019-03-11 14:33 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-04-11 13:24 - 2019-03-11 14:33 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-04-11 13:24 - 2019-03-11 14:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-04-11 13:24 - 2019-03-11 14:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-04-11 13:24 - 2019-02-21 08:48 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2019-04-11 13:24 - 2019-02-21 08:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2019-04-11 13:24 - 2019-02-21 08:37 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-11 13:24 - 2019-02-12 09:08 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-04-11 13:24 - 2019-02-12 08:58 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-04-11 13:24 - 2019-02-12 08:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-04-11 13:24 - 2019-02-08 09:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-11 13:24 - 2019-02-08 09:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-09 07:57 - 2009-07-13 21:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-09 07:57 - 2009-07-13 21:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-09 06:58 - 2009-07-13 22:13 - 000782744 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-09 06:58 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2019-05-09 06:53 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-09 01:33 - 2017-11-09 22:22 - 000002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-08 17:31 - 2018-06-01 11:23 - 000000000 ____D C:\Users\Dragonsgrl\Documents\computer fix
2019-05-08 17:26 - 2017-11-10 01:17 - 000004162 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2019-05-05 22:05 - 2018-01-21 21:19 - 000000000 ____D C:\Users\Dragonsgrl\AppData\Roaming\PhotoScape
2019-05-03 20:36 - 2019-02-21 11:00 - 000003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2019-05-03 20:36 - 2018-10-27 14:39 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-03 20:36 - 2018-10-27 14:39 - 000002810 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-05-03 20:36 - 2018-09-05 19:06 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-05-03 20:36 - 2017-11-13 14:08 - 000003980 _____ C:\Windows\System32\Tasks\UALU notificatin
2019-05-03 20:36 - 2017-11-09 22:21 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-03 20:36 - 2017-11-09 22:21 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-30 23:09 - 2018-03-12 12:58 - 000000000 ____D C:\Users\Dragonsgrl\AppData\Roaming\SoftGrid Client
2019-04-24 12:47 - 2018-11-27 15:45 - 000476824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2019-04-24 12:47 - 2018-11-27 15:45 - 000385904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2019-04-24 12:44 - 2018-11-27 15:45 - 000220472 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2019-04-24 12:44 - 2018-11-27 15:44 - 000166896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2019-04-24 12:44 - 2018-11-27 15:44 - 000112360 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2019-04-24 12:44 - 2018-11-27 15:44 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2019-04-24 12:44 - 2018-11-27 15:44 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2019-04-24 12:43 - 2019-01-14 19:05 - 000254680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2019-04-24 12:43 - 2019-01-10 13:05 - 000320672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgblog.sys
2019-04-24 12:43 - 2019-01-10 13:05 - 000196560 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2019-04-24 12:43 - 2019-01-10 13:05 - 000058152 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2019-04-24 12:43 - 2019-01-10 13:05 - 000037368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2019-04-24 12:43 - 2018-11-27 15:44 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2019-04-24 12:43 - 2018-11-27 15:44 - 000205656 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2019-04-11 18:12 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\rescache
2019-04-11 14:55 - 2009-07-13 21:45 - 000269128 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-11 13:35 - 2017-11-09 22:20 - 000000000 ____D C:\Windows\system32\MRT
2019-04-11 13:27 - 2017-11-09 22:19 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-11 12:55 - 2009-07-13 22:08 - 000032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Files in the root of some directories =======
2017-12-22 05:15 - 2017-12-22 05:15 - 000000000 _____ () C:\Users\Dragonsgrl\AppData\Local\{65ECEA2F-444A-4E8D-BCE3-1F1A2EBEB15A}
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-05-04 19:37
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-05.2019
Ran by Dragonsgrl (09-05-2019 08:04:32)
Running from C:\Users\Dragonsgrl\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-11-10 05:11:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3326494740-2715231408-2236335189-500 - Administrator - Disabled)
Dragonsgrl (S-1-5-21-3326494740-2715231408-2236335189-1001 - Administrator - Enabled) => C:\Users\Dragonsgrl
Guest (S-1-5-21-3326494740-2715231408-2236335189-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3326494740-2715231408-2236335189-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
18 Wheels of Steel - American Long Haul (HKLM-x32\...\WT088649) (Version: 2.2.0.95 - WildTangent) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer Game Console (HKLM-x32\...\Acer Game Console) (Version: - WildTangent) Hidden
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3504 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.82.76 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (HKLM-x32\...\WT088295) (Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 8.0.7.0 - Auslogics Labs Pty Ltd)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.4.3089 - AVG Technologies)
Backup Manager Basic (HKLM-x32\...\{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WT088300) (Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT088373) (Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (HKLM-x32\...\WT088310) (Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WT088312) (Version: 2.2.0.95 - WildTangent) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3216.50 - CyberLink Corp.)
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT088318) (Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (HKLM-x32\...\WT088393) (Version: 2.2.0.95 - WildTangent) Hidden
EaseUS Todo Backup Free 11.0 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.0 - CHENGDU YIWO Tech Development Co., Ltd)
eSobi v2 (HKLM-x32\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
FATE (HKLM-x32\...\WT088413) (Version: 2.2.0.95 - WildTangent) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.0.16811 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Jewel Quest - Heritage (HKLM-x32\...\WT088653) (Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (HKLM-x32\...\WT088350) (Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WT088445) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{8E5233E1-7495-44FB-8DEB-4BE906D59619}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Acer Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Media Player 10 (HKLM-x32\...\Media Player 10) (Version: 10.0.0 - CodeTechno)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
MyWinLocker (HKLM-x32\...\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}) (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
Penguins! (HKLM-x32\...\WT088449) (Version: 2.2.0.95 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plants vs. Zombies (HKLM-x32\...\WT088364) (Version: 2.2.0.95 - WildTangent) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Polar Bowler (HKLM-x32\...\WT088453) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT088457) (Version: 2.2.0.95 - WildTangent) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Shredder (HKLM\...\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (HKLM-x32\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18091.6 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18091.6 - Samsung Electronics Co., Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
SyncDroid version 1.2.5 (HKLM-x32\...\{BE7E35A4-59E5-412B-9B18-57B4938B8C0B}_is1) (Version: 1.2.5 - JunTu Software, Inc.)
Syncios 6.5.4 (HKLM-x32\...\Syncios) (Version: 6.5.4 - Anvsoft)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT088553) (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (12/06/2010 4.0.0000.00000) (HKLM\...\30B2813B1F17EF6D99360A190E7F0D3BA2F0DC3C) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B06 - ZTE Corporation)
Zuma's Revenge (HKLM-x32\...\WT088517) (Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-3326494740-2715231408-2236335189-1001\...\ChromeHTML: -> <==== ATTENTION
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-26] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-26] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\mwlshellext.dll [2010-05-26] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-05-24] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-05-24] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2010-04-02] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\mwlshellext.dll [2010-05-26] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-05-24] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes Corporation -> Malwarebytes)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Dragonsgrl\Desktop\[email protected] - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2018-07-30 07:26 - 2016-03-07 18:08 - 001291264 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2018-07-30 07:26 - 2004-10-05 03:08 - 000055808 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2013-04-29 23:25 - 2013-04-29 23:25 - 000073728 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-04-29 23:03 - 2013-04-29 23:03 - 000837632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-04-29 23:02 - 2013-04-29 23:02 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2013-04-29 23:25 - 2013-04-29 23:25 - 000361984 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2018-07-30 07:26 - 2017-02-21 17:19 - 000083136 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2018-07-30 07:26 - 2008-11-25 17:18 - 000892928 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\iconv.dll
2018-09-18 02:51 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\Newtonsoft.Json.dll
2018-09-18 02:51 - 2017-06-21 09:24 - 000087552 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCollect.dll
2018-09-18 02:51 - 2017-06-21 09:24 - 000198144 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCommon.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2019-01-07 10:39 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\EgisTec MyWinLocker\x86;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-3326494740-2715231408-2236335189-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dragonsgrl\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254 - 75.153.171.122
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BackupRemind.lnk => C:\Windows\pss\BackupRemind.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Chromium => "c:\users\dragonsgrl\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: Syncios device service => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{969402E1-A538-4399-8E87-2E5123D3B9B1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{95460CE1-933A-4158-91FC-BFCF88262CD6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{15DFC08E-364B-46B8-889E-B0949D5B6B2C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F50BBD29-40B1-4DF4-9AED-396C42819C32}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4C7EC1A7-1E67-4FD6-8372-EBB7E63D4E4C}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C71915D-F770-41E7-BEEF-F389249E4EDA}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{39F03C0D-8A65-487F-9D0D-840348AFEC9D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{7B269E72-49DA-47E7-BE5A-4A50ED67EC7E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{475A4BC4-B6BE-494B-AB55-27F0555AE4CA}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{08FD9D80-7811-4DAB-975F-73432308DE99}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{D2D1A24A-1067-4D79-9CFE-CA1DCCD21E13}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{54DD3CBA-F93C-4CB3-8C0A-59A71D76B210}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{FC6B24A8-C9C4-4FCA-8C86-06EAA4184782}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{DFD4FB5C-9B1B-484C-8644-12DD5BF353CA}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe (Anvsoft Inc. -> Syncios Data Transfer)
FirewallRules: [{5F7E0229-E646-4EFB-BCE4-F6E8B4C78958}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AE9D01DD-F3CC-415D-8BE4-0E6B079220FE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C9D908BC-E9A1-40E6-978C-A5DBD8DB66C1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/09/2019 07:04:03 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (05/09/2019 06:54:04 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=E98}
The client was unable to connect to an Application Virtualization Server (rc 24604E0A-40000193)
Error: (05/09/2019 06:54:04 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=E98}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft....7224.5000.sft'(rc 24604E0A-40000193, original rc 24604E0A-40000193).
Error: (05/09/2019 06:40:47 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (05/09/2019 01:46:45 AM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=F88}
The client was unable to connect to an Application Virtualization Server (rc 24604E0A-40000193)
Error: (05/09/2019 01:46:45 AM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=12:app=OfficeVirt 9014006604090000:tid=F88}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft....7224.5000.sft'(rc 24604E0A-40000193, original rc 24604E0A-40000193).
Error: (05/09/2019 01:33:12 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (05/09/2019 12:35:25 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (05/09/2019 06:53:14 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (05/09/2019 06:53:14 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (05/09/2019 06:53:15 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:51:31 AM on 09/05/2019 was unexpected.
Error: (05/09/2019 06:48:56 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (05/09/2019 06:48:56 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (05/09/2019 06:48:56 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (05/09/2019 06:48:56 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
Error: (05/09/2019 06:48:56 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
CodeIntegrity:
===================================
Date: 2017-11-13 23:26:17.741
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-13 23:26:17.741
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-13 17:50:48.416
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-13 17:50:48.416
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-13 13:15:06.562
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-13 13:15:06.562
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-10 02:39:30.499
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-10 02:39:30.499
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Acer V2.01 09/13/2010
Motherboard: Acer JE51_DN
Processor: AMD Athlon II P340 Dual-Core Processor
Percentage of memory in use: 93%
Total physical RAM: 2810.9 MB
Available physical RAM: 186.71 MB
Total Virtual: 5619.94 MB
Available Virtual: 1835.9 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:201.79 GB) NTFS
\\?\Volume{da946445-c5b5-11e7-883c-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{da946444-c5b5-11e7-883c-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:13 GB) (Free:1.53 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 7E675493)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================