# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-08-27.1 (Local)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-09-2019
# Duration: 00:00:54
# OS: Windows 8.1
# Scanned: 35522
# Detected: 70
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
Adware.PCOptimizer C:\ProgramData\AUTO-PC-CLEANER2019 FOR NEWMAN-HP-2000
Adware.PCOptimizer C:\Users\Harvey\AppData\Roaming\AUTO-PC-CLEANER2019 FOR NEWMAN-HP-2000
PUP.Optional.ByteFence C:\ProgramData\ByteFence
PUP.Optional.Legacy C:\Program Files\WinZip Smart Monitor
PUP.Optional.Legacy C:\Users\Harvey\AppData\Local\Downloaded Installers
PUP.Optional.Legacy C:\Users\Harvey\AppData\Local\YSearchUtil
PUP.Optional.MarketScore C:\Program Files (x86)\RelevantKnowledge
PUP.Optional.Reimage C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
PUP.Optional.Reimage C:\ProgramData\Reimage Protector
PUP.Optional.SlimCleanerPlus C:\Users\Harvey\AppData\Local\slimware utilities inc
PUP.Optional.WebBar C:\Program Files (x86)\WebDiscoverBrowser
PUP.Optional.WebBar C:\Users\Harvey\AppData\Roaming\WebDiscoverBrowser
PUP.Optional.WebBar C:\Windows\SysWOW64\config\systemprofile\AppData\Local\WebDiscoverBrowser
PUP.Optional.WinTonic C:\ProgramData\pctonics.com
PUP.Optional.WinTonic C:\Users\Harvey\AppData\Roaming\pctonics.com
PUP.Optional.WinZipDriverUpdater C:\Program Files\WinZip Driver Updater
***** [ Files ] *****
PUP.Optional.Reimage C:\Windows\Reimage.ini
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
PUP.Adware.Heuristic C:\Windows\System32\Tasks\Start WinZip Registry Optimizer with delay for Newman-HP-2000@Harvey
PUP.Adware.Heuristic C:\Windows\Tasks\Start WinZip Registry Optimizer with delay for [email protected]
***** [ Registry ] *****
Adware.PCOptimizer HKLM\Software\Auto-PC-Cleaner2019 For NEWMAN-HP-2000
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B69E9EA-F291-429F-8ADC-342CABB87F8B}
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B69E9EA-F291-429F-8ADC-342CABB87F8B}
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start WinZip Registry Optimizer with delay for Newman-HP-2000@Harvey
PUP.Optional.AdvancedSystemCare HKLM\Software\scd-pr
PUP.Optional.BoostMyPC HKCU\Software\AppCleaner.com
PUP.Optional.ByteFence HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
PUP.Optional.ByteFence HKCU\Software\Microsoft\Internet Explorer\DOMStorage\en.bytefence.com
PUP.Optional.ByteFence HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
PUP.Optional.ByteFence HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
PUP.Optional.ByteFence HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
PUP.Optional.ByteFence HKU\.DEFAULT\Software\ByteFence
PUP.Optional.ByteFence HKU\S-1-5-18\Software\ByteFence
PUP.Optional.DocToPDFConverter HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pdfconverterhub.com
PUP.Optional.Driverdetails HKLM\Software\driverdetails.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\driverupdate.net
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hp.myway.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.driverupdate.net
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hp.myway.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKCU\Software\WebDiscoverBrowser
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Opera Browser Assistant
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|WebDiscoverBrowser
PUP.Optional.Legacy HKLM\Software\WebDiscoverBrowser
PUP.Optional.Legacy HKLM\Software\Wow6432Node\WebDiscoverBrowser
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy HKU\.DEFAULT\Software\WebDiscoverBrowser
PUP.Optional.Legacy HKU\S-1-5-18\Software\WebDiscoverBrowser
PUP.Optional.MyWebSearch HKCU\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\myway.com
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.QuickMaps HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hquickmapsanddirections.com
PUP.Optional.Reimage HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
PUP.Optional.Reimage HKLM\Software\Reimage
PUP.Optional.Reimage HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
PUP.Optional.SlimCleanerPlus HKCU\Software\SlimWare Utilities Inc
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.TheBrightTag HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\thebrighttag.com
PUP.Optional.WinTonic HKCU\Software\pctonics.com
PUP.Optional.WinTonic HKLM\Software\cGN0b25pY3MuY29t
PUP.Optional.WinTonic HKLM\Software\pctonics.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner_Debug.log - [16703 octets] - [09/09/2019 23:00:58]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2019
Ran by Harvey (administrator) on NEWMAN-HP-2000 (Hewlett-Packard HP 2000 Notebook PC) (09-09-2019 23:09:26)
Running from C:\Users\Harvey\Desktop
Loaded Profiles: Harvey (Available Profiles: Harvey)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: IE
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Facebook, Inc. -> Facebook) C:\Users\Harvey\AppData\Local\Facebook\Games\FacebookGameroom.exe
(Facebook, Inc. -> The CefSharp Authors) C:\Users\Harvey\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Harvey\Desktop\adwcleaner_7.4.1.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942232 2016-10-14] (Logitech -> Logitech, Inc.)
HKU\S-1-5-21-3523502841-1804454589-1998046877-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\On Hand Software\Treasures of the Ancients\callatla\Call of Atlantis Screensaver.scr [143360 2008-11-05] () [File not signed]
Startup: C:\Users\Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2019-07-06]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Harvey\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {24B17BC4-A6DC-45F6-BF64-9F626D55EBF7} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {2565302E-506C-4A0C-BDF7-C7FA63F5D133} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3942792 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {2B315F2D-5EEB-45CA-89FA-5DDB0AA37FF3} - System32\Tasks\Norton Security Scan for Harvey => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.179\Nss.exe [848912 2019-02-15] (Symantec Corporation -> Symantec Corporation)
Task: {3BD0DF9F-B064-4B64-838F-0598C852A9A6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2045832 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {624551F7-FE7B-4685-BB8B-BD167F479235} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {71FC84D5-38A0-4E7D-B230-86EFF20125E9} - System32\Tasks\Opera scheduled assistant Autoupdate 1547662973 => C:\Users\Harvey\AppData\Local\Programs\Opera\launcher.exe
Task: {74DCFCD5-9361-4B29-84ED-4EAC6462095A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {7B69E9EA-F291-429F-8ADC-342CABB87F8B} - System32\Tasks\Start WinZip Registry Optimizer with delay for Newman-HP-2000@Harvey => C:\Program Files\WinZip Registry Optimizer\RegistryOptimizer.exe
Task: {82090254-1899-4221-B0CB-CD402837FA80} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {8E4908DF-6781-4762-AB33-5DC4EE0F2188} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {BA6BF6BC-D850-4FAB-A59A-4D5A869BDA10} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-05-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {CB36CE38-5737-4E02-8622-CC6F725FB6F7} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3523502841-1804454589-1998046877-1001UA => C:\Users\Harvey\AppData\Local\BraveSoftware\Update\BraveUpdate.exe [160200 2019-01-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {D4ADDC3C-D2A9-4AE0-8A9A-413E07EF522F} - System32\Tasks\Opera scheduled Autoupdate 1547662293 => C:\Users\Harvey\AppData\Local\Programs\Opera\launcher.exe
Task: {F479AE57-01F3-4CA1-9F70-89B9F08B858A} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3523502841-1804454589-1998046877-1001Core => C:\Users\Harvey\AppData\Local\BraveSoftware\Update\BraveUpdate.exe [160200 2019-01-16] (Brave Software, Inc. -> BraveSoftware Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Start WinZip Registry Optimizer with delay for [email protected] => C:\Program Files\WinZip Registry Optimizer\RegistryOptimizer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{635851A6-1FB3-493E-8470-BC1B763A936A}: [DhcpNameServer] 192.168.22.1
Tcpip\..\Interfaces\{E52F945D-DC68-4071-A3C2-79B3EEBAD3D0}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3523502841-1804454589-1998046877-1001 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&l=dis&prt=NGC&chn=1000&geo=US&ver=22.17.2.47&locale=US_en&guid=EA5B0F3D-C175-414E-94F5-96BA32D8052E&doi=2019-01-03&o=APN11913&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-3523502841-1804454589-1998046877-1001 -> {76843778-46A2-4A37-900A-AFC1F58A6F43} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_hp&type=oo_hpset
SearchScopes: HKU\S-1-5-21-3523502841-1804454589-1998046877-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&l=dis&prt=NGC&chn=1000&geo=US&ver=22.17.2.47&locale=US_en&guid=EA5B0F3D-C175-414E-94F5-96BA32D8052E&doi=2019-01-03&o=APN11913&gct=kwd&qsrc=2869
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-25] (Google Inc -> Google Inc.)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Harvey\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2019-02-13] (Dashlane USA, Inc. -> Dashlane, Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-04-25] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-25] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Harvey\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2019-02-13] (Dashlane USA, Inc. -> Dashlane, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-04-25] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3523502841-1804454589-1998046877-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-25] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3523502841-1804454589-1998046877-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FireFox:
========
FF HKU\S-1-5-21-3523502841-1804454589-1998046877-1001\...\Firefox\Extensions: [ff_hpset@jetpack] - C:\Users\Harvey\AppData\Local\Yahoo\yset\[email protected]
FF Extension: (Yahoo Homepage) - C:\Users\Harvey\AppData\Local\Yahoo\yset\[email protected] [2019-06-14]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3523502841-1804454589-1998046877-1001: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Users\Harvey\AppData\Local\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-01-16] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin HKU\S-1-5-21-3523502841-1804454589-1998046877-1001: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Users\Harvey\AppData\Local\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-01-16] (Brave Software, Inc. -> BraveSoftware Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2014-07-21] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5975136 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [405072 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209552 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263008 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [282768 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169408 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [478096 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387176 2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athw8x.sys [3680256 2013-06-18] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2016-05-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Broadcom Corporation -> Windows ® Win 7 DDK provider)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2013-02-01] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x64.sys [591360 2013-06-18] (Microsoft Windows -> Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)
U1 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-09 23:05 - 2019-09-09 23:05 - 000007904 _____ C:\Users\Harvey\Desktop\AdwCleaner[S00].txt
2019-09-09 23:00 - 2019-09-09 23:01 - 000000000 ____D C:\AdwCleaner
2019-09-09 23:00 - 2019-09-09 22:30 - 007636680 _____ (Malwarebytes) C:\Users\Harvey\Desktop\adwcleaner_7.4.1.exe
2019-09-09 21:58 - 2019-09-09 21:58 - 000000000 ____D C:\Users\Harvey\AppData\Local\mbam
2019-09-09 21:57 - 2019-09-09 21:57 - 000000000 ____D C:\Users\Harvey\AppData\Local\mbamtray
2019-09-09 21:56 - 2019-09-09 21:56 - 000000000 ____D C:\Program Files\Malwarebytes
2019-09-09 21:55 - 2019-09-08 21:44 - 066395016 _____ (Malwarebytes ) C:\Users\Harvey\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.625-1.0.12373.exe
2019-09-08 17:46 - 2019-09-08 17:46 - 000363912 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-09-08 17:46 - 2019-09-08 17:46 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-09-08 17:46 - 2019-09-08 17:46 - 000169408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-09-08 13:56 - 2019-09-08 13:56 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-09-08 13:37 - 2019-09-08 13:41 - 000010800 _____ C:\Users\Harvey\Desktop\Fixlog.txt
2019-09-08 10:50 - 2019-09-08 10:50 - 000004216 _____ C:\Windows\System32\Tasks\Norton Security Scan for Harvey
2019-09-08 10:50 - 2019-09-08 10:50 - 000001484 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2019-09-08 10:50 - 2019-09-08 10:50 - 000000000 ____D C:\Windows\system32\Drivers\NSSx64
2019-09-08 10:50 - 2019-09-08 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2019-09-08 10:50 - 2019-09-08 10:50 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2019-09-08 10:50 - 2019-09-08 10:50 - 000000000 ____D C:\Program Files (x86)\Norton Security Scan
2019-09-08 10:27 - 2019-09-09 23:09 - 000000000 ____D C:\Users\Harvey\Desktop\FRST-OlderVersion
2019-09-08 09:08 - 2019-09-08 09:11 - 000000362 _____ C:\Windows\Tasks\Start WinZip Registry Optimizer with delay for [email protected]
2019-09-08 09:08 - 2019-09-08 09:08 - 000002760 _____ C:\Windows\System32\Tasks\Start WinZip Registry Optimizer with delay for Newman-HP-2000@Harvey
2019-09-03 17:06 - 2019-09-03 17:10 - 000028944 _____ C:\Users\Harvey\Desktop\Addition.txt
2019-09-03 17:01 - 2019-09-09 23:10 - 000016194 _____ C:\Users\Harvey\Desktop\FRST.txt
2019-09-03 17:01 - 2019-09-09 23:09 - 000000000 ____D C:\FRST
2019-09-03 16:52 - 2019-09-09 23:09 - 001614848 _____ (Farbar) C:\Users\Harvey\Desktop\FRST64.exe
2019-08-31 19:36 - 2019-09-08 08:41 - 000000000 ____D C:\Windows\System32\Tasks\Remediation
2019-08-19 16:20 - 2019-02-20 22:53 - 000087296 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140_clr0400.dll
2019-08-19 16:20 - 2019-02-20 22:53 - 000083768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140_clr0400.dll
2019-08-19 16:19 - 2019-03-28 05:11 - 000029232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2019-08-19 16:19 - 2019-03-28 05:09 - 000017968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2019-08-19 16:19 - 2019-02-20 22:53 - 000622832 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_clr0400.dll
2019-08-19 16:19 - 2019-02-20 22:53 - 000433448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140_clr0400.dll
2019-08-19 16:18 - 2019-03-28 05:11 - 000017968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2019-08-19 16:18 - 2019-03-28 05:09 - 000032816 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2019-08-19 16:17 - 2019-02-20 22:53 - 000772176 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_clr0400.dll
2019-08-19 16:17 - 2019-02-20 22:53 - 000702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase_clr0400.dll
2019-08-13 17:23 - 2019-08-03 23:37 - 025754624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-08-13 17:23 - 2019-08-03 22:02 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-08-13 17:23 - 2019-08-03 21:54 - 005775872 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-08-13 17:23 - 2019-08-03 21:51 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-08-13 17:23 - 2019-08-03 21:22 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-08-13 17:23 - 2019-08-03 21:21 - 020291584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-08-13 17:23 - 2019-08-03 21:14 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-08-13 17:23 - 2019-08-03 21:11 - 015390720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-08-13 17:23 - 2019-08-03 21:04 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-08-13 17:23 - 2019-08-03 21:01 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-08-13 17:23 - 2019-08-03 20:54 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-08-13 17:23 - 2019-08-03 20:50 - 001566208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-08-13 17:23 - 2019-08-03 20:40 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-08-13 17:23 - 2019-08-03 20:33 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-08-13 17:23 - 2019-08-03 20:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-08-13 17:23 - 2019-08-03 20:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-08-13 17:23 - 2019-08-03 20:23 - 013791744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-08-13 17:23 - 2019-08-03 20:09 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-08-13 17:23 - 2019-08-03 20:06 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-08-13 17:23 - 2019-08-03 20:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-08-13 17:23 - 2019-07-09 23:46 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-08-13 17:23 - 2019-07-09 23:11 - 002301952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-08-13 17:23 - 2019-07-09 23:11 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-08-13 17:23 - 2019-07-09 23:09 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-08-13 17:23 - 2019-07-09 23:09 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2019-08-13 17:23 - 2019-07-09 22:58 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-08-13 17:23 - 2019-07-09 22:56 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-08-13 17:23 - 2019-07-09 22:56 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-08-13 17:23 - 2019-07-09 22:53 - 002132480 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-08-13 17:23 - 2019-07-09 22:48 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-08-13 17:23 - 2019-07-09 22:47 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2019-08-13 17:23 - 2019-07-09 22:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-08-13 17:23 - 2019-07-09 22:40 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-08-13 17:23 - 2019-07-09 22:38 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-08-13 17:23 - 2019-07-09 22:38 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-08-13 17:23 - 2019-07-06 11:02 - 006217216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-08-13 17:23 - 2019-07-06 10:58 - 007035392 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-08-13 17:22 - 2019-07-19 01:59 - 004169728 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-08-13 17:22 - 2019-07-15 22:46 - 001368288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-08-13 17:22 - 2019-07-15 22:40 - 002535456 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-08-13 17:22 - 2019-07-15 22:35 - 007363048 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-08-13 17:22 - 2019-07-15 22:35 - 001902960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-08-13 17:22 - 2019-07-15 22:30 - 001136760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-08-13 17:22 - 2019-07-15 21:42 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-08-13 17:22 - 2019-07-13 17:28 - 001385912 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-08-13 17:22 - 2019-07-13 15:44 - 001124800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-08-13 17:22 - 2019-07-11 02:07 - 000804872 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-08-13 17:22 - 2019-07-11 02:02 - 002446072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-08-13 17:22 - 2019-07-11 00:21 - 000611656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-08-13 17:22 - 2019-07-10 23:58 - 000360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2019-08-13 17:22 - 2019-07-10 23:58 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\ssdpapi.dll
2019-08-13 17:22 - 2019-07-10 23:35 - 000861184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-08-13 17:22 - 2019-07-10 23:30 - 000052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssdpapi.dll
2019-08-13 17:22 - 2019-07-10 23:04 - 000182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\p2pnetsh.dll
2019-08-13 17:22 - 2019-07-10 22:58 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2019-08-13 17:22 - 2019-07-10 22:54 - 001756672 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-08-13 17:22 - 2019-07-10 22:54 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-08-13 17:22 - 2019-07-10 22:52 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2019-08-13 17:22 - 2019-07-10 22:49 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-08-13 17:22 - 2019-07-10 22:46 - 000391168 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2019-08-13 17:22 - 2019-07-10 22:46 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2019-08-13 17:22 - 2019-07-10 22:44 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-13 17:22 - 2019-07-10 22:43 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2019-08-13 17:22 - 2019-07-10 22:42 - 001492992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-08-13 17:22 - 2019-07-10 22:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2PGraph.dll
2019-08-13 17:22 - 2019-07-10 22:39 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2019-08-13 17:22 - 2019-07-10 22:32 - 000177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2019-08-13 17:22 - 2019-07-10 20:43 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-08-13 17:22 - 2019-07-10 20:43 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-08-13 17:22 - 2019-07-10 20:43 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-08-13 17:22 - 2019-07-10 10:06 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-08-13 17:22 - 2019-07-10 10:06 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-08-13 17:22 - 2019-07-10 09:44 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-08-13 17:22 - 2019-07-10 09:44 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-08-13 17:22 - 2019-07-09 23:12 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-08-13 17:22 - 2019-07-09 22:48 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-08-13 17:22 - 2019-07-09 13:13 - 000364032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-08-13 17:22 - 2019-07-09 13:13 - 000269312 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2019-08-13 17:22 - 2019-07-09 13:13 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2019-08-13 17:22 - 2019-07-09 13:13 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2019-08-13 17:22 - 2019-07-09 12:58 - 000292352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-08-13 17:22 - 2019-07-09 12:58 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-08-13 17:22 - 2019-07-09 12:58 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2019-08-13 17:22 - 2019-07-09 12:58 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2019-08-13 17:22 - 2019-07-06 11:58 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2019-08-13 17:22 - 2019-07-06 11:43 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2019-08-13 17:22 - 2019-07-06 11:02 - 003277824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-08-13 17:22 - 2019-07-06 10:58 - 003825152 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-08-13 17:22 - 2019-07-06 10:58 - 003551232 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-08-13 17:22 - 2019-06-29 14:07 - 000230752 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2019-08-13 17:22 - 2019-06-29 13:50 - 000186024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-09 22:12 - 2017-12-07 19:16 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3523502841-1804454589-1998046877-1001
2019-09-09 21:55 - 2014-11-21 04:44 - 000053526 _____ C:\Windows\system32\PerfStringBackup.INI
2019-09-09 21:55 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2019-09-09 21:53 - 2019-01-15 00:51 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-09-09 21:51 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-09-08 17:47 - 2019-01-15 00:50 - 000478096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-09-08 17:46 - 2019-02-22 11:02 - 000282768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-09-08 17:46 - 2019-01-15 00:50 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-09-08 17:46 - 2019-01-15 00:50 - 000387176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-09-08 17:46 - 2019-01-15 00:50 - 000263008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-09-08 17:46 - 2019-01-15 00:50 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-09-08 17:46 - 2019-01-15 00:50 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-09-08 17:46 - 2019-01-15 00:50 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-09-08 17:46 - 2019-01-15 00:50 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-09-08 17:46 - 2019-01-15 00:50 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-09-08 17:46 - 2019-01-15 00:50 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-09-08 17:46 - 2019-01-15 00:50 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-09-08 13:42 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-09-08 10:50 - 2017-12-08 16:32 - 000000000 ____D C:\ProgramData\Norton
2019-09-08 09:55 - 2019-01-16 12:59 - 000000000 ____D C:\Program Files\WinZip Smart Monitor
2019-09-08 09:55 - 2019-01-16 12:58 - 000000000 ____D C:\Program Files\WinZip Driver Updater
2019-09-08 09:36 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\rescache
2019-09-08 08:41 - 2013-08-22 11:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-09-08 08:41 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2019-09-08 08:39 - 2017-12-08 16:34 - 000000000 ____D C:\ProgramData\NortonInstaller
2019-09-04 06:58 - 2017-12-07 22:11 - 000000000 ____D C:\Users\Harvey
2019-09-03 00:32 - 2019-01-19 14:04 - 000000036 _____ C:\Users\Harvey\AppData\Roaming\WB.CFG
2019-09-02 11:21 - 2019-01-16 14:22 - 000004338 _____ C:\Windows\System32\Tasks\Opera scheduled assistant Autoupdate 1547662973
2019-09-01 12:01 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp
2019-08-29 20:06 - 2019-01-17 10:35 - 000000000 ____D C:\Users\Harvey\Downloads\opera autoupdate
2019-08-28 16:21 - 2019-01-16 12:57 - 000002563 _____ C:\Users\Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2019-08-28 16:21 - 2019-01-16 12:57 - 000002526 _____ C:\Users\Harvey\Desktop\Brave.lnk
2019-08-23 19:06 - 2017-12-08 14:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-08-22 10:52 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\NDF
2019-08-17 11:06 - 2017-12-08 17:16 - 000000000 ____D C:\Program Files\Common Files\AV
2019-08-15 19:30 - 2017-12-08 14:19 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-08-15 18:06 - 2013-08-22 10:44 - 000337808 _____ C:\Windows\system32\FNTCACHE.DAT
2019-08-15 18:01 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-08-15 17:33 - 2017-12-07 23:10 - 000000000 ____D C:\Windows\system32\MRT
2019-08-15 17:27 - 2017-12-07 23:09 - 134272480 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-08-13 10:29 - 2018-03-13 18:33 - 000000000 ____D C:\Users\Harvey\AppData\Local\CrashDumps
==================== Files in the root of some directories ================
2019-01-19 14:04 - 2019-09-03 00:32 - 000000036 _____ () C:\Users\Harvey\AppData\Roaming\WB.CFG
2019-07-18 13:22 - 2019-07-18 13:22 - 000000000 _____ () C:\Users\Harvey\AppData\Local\BIT385B.tmp
2019-05-10 16:22 - 2019-05-10 16:22 - 000000000 _____ () C:\Users\Harvey\AppData\Local\{8E665055-A143-46F2-8D7B-A26296F83B6F}
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-09-09 03:42
==================== End of FRST.txt ============================
Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2019
Ran by Harvey (09-09-2019 23:12:00)
Running from C:\Users\Harvey\Desktop
Windows 8.1 (Update) (X64) (2017-12-08 02:11:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3523502841-1804454589-1998046877-500 - Administrator - Disabled)
Guest (S-1-5-21-3523502841-1804454589-1998046877-501 - Limited - Disabled)
Harvey (S-1-5-21-3523502841-1804454589-1998046877-1001 - Administrator - Enabled) => C:\Users\Harvey
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
Brave (HKU\S-1-5-21-3523502841-1804454589-1998046877-1001\...\BraveSoftware Brave-Browser) (Version: 76.0.68.132 - Brave Software Inc)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Dashlane (HKU\S-1-5-21-3523502841-1804454589-1998046877-1001\...\Dashlane) (Version: 6.1907.0.17833 - Dashlane, Inc.)
Facebook Gameroom 1.21.6907.27509 (HKLM-x32\...\{E34773A0-158F-4322-8849-2C13BBCD6C68}) (Version: 1.21.6907.27509 - Facebook)
Frankenstein - The Village (HKLM-x32\...\Frankenstein - The Village1.0) (Version: 1.0 - Digital Download)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.179 - Symantec Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
Treasures of the Ancients (HKLM-x32\...\{AB033CC1-DDB1-4BAA-844C-EBE6A710A045}) (Version: 1.0.0 - On Hand Software)
Packages:
=========
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.212_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.212_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.212_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.213_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.212_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.212_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.214_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.320.0_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c [2019-02-17] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.344.0_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3523502841-1804454589-1998046877-1001_Classes\CLSID\{06B74C04-E813-4DD4-A972-172836EFA8D6}\InprocServer32 -> C:\Users\Harvey\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
CustomCLSID: HKU\S-1-5-21-3523502841-1804454589-1998046877-1001_Classes\CLSID\{06C9646D-2807-44C0-97D2-6DA0DB623DB4}\localserver32 -> C:\Users\Harvey\AppData\Local\BraveSoftware\Brave-Browser\Application\76.0.68.132\notification_helper.exe (Brave Software, Inc. -> Brave Software, Inc.)
CustomCLSID: HKU\S-1-5-21-3523502841-1804454589-1998046877-1001_Classes\CLSID\{C08BA3C2-E6F8-4F89-A2AF-1719847F5570}\InprocServer32 -> C:\Users\Harvey\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
CustomCLSID: HKU\S-1-5-21-3523502841-1804454589-1998046877-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-08] (AVAST Software s.r.o. -> AVAST Software)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-07-04 22:33 - 2014-07-04 22:33 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2018-11-29 15:19 - 2018-11-29 15:19 - 000774656 _____ () [File not signed] C:\Users\Harvey\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2018-11-29 15:19 - 2018-11-29 15:19 - 001184256 _____ () [File not signed] C:\Users\Harvey\AppData\Local\Facebook\Games\CefSharp.Core.dll
2018-11-29 15:19 - 2018-11-29 15:19 - 071641088 _____ () [File not signed] C:\Users\Harvey\AppData\Local\Facebook\Games\libcef.dll
2018-11-29 15:19 - 2018-11-29 15:19 - 000078848 _____ () [File not signed] C:\Users\Harvey\AppData\Local\Facebook\Games\libegl.dll
2018-11-29 15:19 - 2018-11-29 15:19 - 003149824 _____ () [File not signed] C:\Users\Harvey\AppData\Local\Facebook\Games\libglesv2.dll
2014-07-04 22:30 - 2014-07-04 22:30 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2014-07-04 22:30 - 2014-07-04 22:30 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2018-11-29 15:19 - 2018-11-29 15:19 - 000433664 _____ (The Chromium Authors) [File not signed] C:\Users\Harvey\AppData\Local\Facebook\Games\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2019-09-08 09:43 - 000002105 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3523502841-1804454589-1998046877-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
MSCONFIG\startupreg: BraveSoftware Update => C:\Users\Harvey\AppData\Local\BraveSoftware\Update\1.3.99.0\BraveUpdateCore.exe
MSCONFIG\startupreg: Dashlane => "C:\Users\Harvey\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
MSCONFIG\startupreg: DashlanePlugin => "C:\Users\Harvey\AppData\Roaming\Dashlane\DashlanePlugin.exe" ws
MSCONFIG\startupreg: Opera Browser Assistant => C:\Users\Harvey\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{87D08BCF-B722-4240-B063-9BDE96F10300}] => (Allow) C:\Users\Harvey\AppData\Local\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{B7287EF2-74E1-4AB6-B375-ADC8E3A5CEE2}] => (Allow) C:\Users\Harvey\AppData\Local\Programs\Opera\57.0.3098.91\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{09AF2562-6134-47FE-9D5F-2C72702C6CAA}] => (Allow) C:\Users\Harvey\AppData\Local\Programs\Opera\62.0.3331.99\opera.exe No File
FirewallRules: [{904CD01B-4EB9-493F-A7FF-A5DF55954793}] => (Allow) C:\Users\Harvey\AppData\Local\Programs\Opera\62.0.3331.116\opera.exe No File
==================== Restore Points =========================
19-08-2019 16:13:53 Windows Update
01-09-2019 11:56:47 Windows Update
08-09-2019 09:40:37 Removed DriverUpdate
08-09-2019 13:37:55 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/01/2019 10:04:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19036 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 4a4
Start Time: 01d5612ad621d4a2
Termination Time: 274
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: fc844190-cd25-11e9-847e-2c59e5a50239
Faulting package full name:
Faulting package-relative application ID:
Error: (09/01/2019 07:39:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19036 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1a04
Start Time: 01d560f0ffeb4630
Termination Time: 501
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: b6c76297-cd11-11e9-847e-2c59e5a50239
Faulting package full name:
Faulting package-relative application ID:
Error: (09/01/2019 02:13:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19036 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: dbc
Start Time: 01d560f05421cd90
Termination Time: 1387
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 3b89429a-cce4-11e9-847e-2c59e5a50239
Faulting package full name:
Faulting package-relative application ID:
Error: (09/01/2019 02:08:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19036 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 18e0
Start Time: 01d560ee89625b72
Termination Time: 3430
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 8e9f11a0-cce3-11e9-847e-2c59e5a50239
Faulting package full name:
Faulting package-relative application ID:
Error: (09/01/2019 01:56:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19036 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1504
Start Time: 01d560ee5d5f01cd
Termination Time: 684
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: c64a6ac5-cce1-11e9-847e-2c59e5a50239
Faulting package full name:
Faulting package-relative application ID:
Error: (08/31/2019 02:51:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19036 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: e7c
Start Time: 01d5602cf40997bf
Termination Time: 3248
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 446949c0-cc20-11e9-847e-2c59e5a50239
Faulting package full name:
Faulting package-relative application ID:
Error: (08/31/2019 02:50:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19036 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: cc8
Start Time: 01d5602cdb25e13c
Termination Time: 80
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 314088a5-cc20-11e9-847e-2c59e5a50239
Faulting package full name:
Faulting package-relative application ID:
Error: (08/31/2019 02:49:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19036 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 544
Start Time: 01d5602cb85ef896
Termination Time: 749
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 16df545b-cc20-11e9-847e-2c59e5a50239
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (09/09/2019 03:43:52 AM) (Source: DCOM) (EventID: 10010) (User: Newman-HP-2000)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (09/09/2019 03:43:22 AM) (Source: DCOM) (EventID: 10010) (User: Newman-HP-2000)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (09/08/2019 01:37:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WMI Performance Adapter service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (09/08/2019 01:37:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (09/08/2019 01:37:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DigitalTrailEHF service failed to start due to the following error:
Access is denied.
Error: (09/08/2019 01:37:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/08/2019 01:37:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The DigitalTrailEHF service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
Error: (09/08/2019 01:37:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
Windows Defender:
===================================
Date: 2017-12-07 18:51:34.850
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
==================== Memory info ===========================
BIOS: Insyde F.22 10/25/2012
Motherboard: Hewlett-Packard 188B
Processor: AMD E2-1800 APU with Radeon HD Graphics
Percentage of memory in use: 41%
Total physical RAM: 3682.27 MB
Available physical RAM: 2144.96 MB
Total Virtual: 12386.27 MB
Available Virtual: 10860.94 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.25 GB) (Free:420.97 GB) NTFS
Drive e: (STORE N GO) (Removable) (Total:7.46 GB) (Free:7.45 GB) FAT32
\\?\Volume{018b6d98-1574-40ff-803b-7310637ece49}\ (Recovery) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 13440112)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: 5CAD41CF)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C)
==================== End of Addition.txt ============================