Hi. I don't know how I picked it up but when I ran a scan with Adwcleaner it came up with 2 of them. It quarantined them but my question is does that mean it can no longer cause any problems? When I did a scan with Adwcleaner again it still showed up in the results. I scanned with Malwarebytes first also but it didn't come up with anything. I located the infections in the HKEY_LOCAL_MACHINE part of the registry but wasn't sure it would be safe to delete them or not because I don't have that kind of knowledge and know how. That's when I figured out that I needed to turn to the experts 
I included the FRST logs.Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by lilunit (administrator) on LILUNIT-PC (09-08-2018 19:14:16)
Running from C:\Users\lilunit\Desktop
Loaded Profiles: lilunit (Available Profiles: lilunit & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(HP Inc.) C:\Program Files\HP\HP OfficeJet 4650 series\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\HP Button Manager\BM.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [581480 2009-05-12] (Symantec Corporation)
HKLM-x32\...\Run: [UpdatePRCShortCut] => "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-09-01] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3011760224-3171145470-2920118788-1000\...\Run: [HP OfficeJet 4650 series (NET)] => C:\Program Files\HP\HP OfficeJet 4650 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (HP Inc.)
HKU\S-1-5-21-3011760224-3171145470-2920118788-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Technologies S.A.)
HKU\S-1-5-21-3011760224-3171145470-2920118788-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3011760224-3171145470-2920118788-1000\...\MountPoints2: G - G:\LaunchU3.exe
HKU\S-1-5-18\...\Run: [Norton Download Manager{NIS2281014-SHPD-FSD57026}] => C:\Users\Public\Downloads\Norton\{NIS2281014-SHPD-FSD57026}\NISFSD.exe [1107280 2016-11-25] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Button Manager.lnk [2011-11-08]
ShortcutTarget: HP Button Manager.lnk -> C:\Program Files (x86)\HP Button Manager\BM.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk [2010-01-11]
ShortcutTarget: NETGEAR WN111v2 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk [2009-08-27]
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{5E915321-8DA2-4165-92F3-6FD74CEBA3CB}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKU\S-1-5-21-3011760224-3171145470-2920118788-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\coIEPlg.dll [2018-08-05] (Symantec Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.15.0.88\coIEPlg.dll [2018-08-05] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-08] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-08] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\coIEPlg.dll [2018-08-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.15.0.88\coIEPlg.dll [2018-08-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3011760224-3171145470-2920118788-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\coIEPlg.dll [2018-08-05] (Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2018-03-07] (Skype Technologies)
FireFox:
========
FF DefaultProfile: yphvjjyv.default-1432828552183-1531545634705
FF ProfilePath: C:\Users\lilunit\AppData\Roaming\Mozilla\Firefox\Profiles\yphvjjyv.default-1432828552183-1531545634705 [2018-08-09]
FF Extension: (Adblock Plus) - C:\Users\lilunit\AppData\Roaming\Mozilla\Firefox\Profiles\yphvjjyv.default-1432828552183-1531545634705\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-08-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-08-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-08] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-09-26] (SUPERAntiSpyware.com)
R3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 EFS; C:\Windows\SysWOW64\lsass.exe [0 2013-11-16] () <==== ATTENTION (zero byte File/Folder)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\lsass.exe [0 2013-11-16] () <==== ATTENTION (zero byte File/Folder)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 Netlogon; C:\Windows\SysWOW64\lsass.exe [0 2013-11-16] () <==== ATTENTION (zero byte File/Folder)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\NortonSecurity.exe [328648 2018-08-05] (Symantec Corporation)
S3 ProtectedStorage; C:\Windows\SysWOW64\lsass.exe [0 2013-11-16] () <==== ATTENTION (zero byte File/Folder)
R2 SamSs; C:\Windows\SysWOW64\lsass.exe [0 2013-11-16] () <==== ATTENTION (zero byte File/Folder)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VaultSvc; C:\Windows\SysWOW64\lsass.exe [0 2013-11-16] () <==== ATTENTION (zero byte File/Folder)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\BASHDefs\20180806.001\BHDrvx64.sys [1919568 2018-07-02] (Symantec Corporation)
R1 ccSet_NGC; C:\Windows\system32\drivers\NGCx64\160F000.058\ccSetx64.sys [187464 2018-08-05] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-03-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153168 2018-07-12] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180808.063_db7\IDSvia64.sys [1298000 2018-05-22] (Symantec Corporation)
R1 JSWPSLWF; C:\Windows\SysWOW64\DRIVERS\jswpslwfx.sys [26624 2008-10-01] (Atheros Communications, Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-09] (Malwarebytes)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SRTSP; C:\Windows\System32\Drivers\NGCx64\160F000.058\SRTSP64.SYS [846928 2018-08-05] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NGCx64\160F000.058\SRTSPX64.SYS [49744 2018-08-05] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\160F000.058\SYMEFASI64.SYS [1968720 2018-08-05] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-06-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NGCx64\160F000.058\Ironx64.SYS [307792 2018-08-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NGCx64\160F000.058\SYMNETS.SYS [566912 2018-08-05] (Symantec Corporation)
R3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
S3 wpCtrlDrv_NGC; C:\Windows\System32\Drivers\NGCx64\160F000.058\wpCtrlDrv.sys [1002840 2018-08-05] (Symantec Corporation)
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S4 IMFMBRProtect; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFMBRProtect.sys [X]
S4 IMFSafeBox; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFSafeBox.sys [X]
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\SDSDefs\20170416.007\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\SDSDefs\20170416.007\NAVEX15.SYS [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-09 19:14 - 2018-08-09 19:16 - 000017437 _____ C:\Users\lilunit\Desktop\FRST.txt
2018-08-09 19:14 - 2018-08-09 19:14 - 000000000 ____D C:\FRST
2018-08-09 19:12 - 2018-08-09 19:12 - 002412544 _____ (Farbar) C:\Users\lilunit\Desktop\FRST64.exe
2018-08-09 19:04 - 2018-08-09 19:04 - 000000416 _____ C:\DelFix.txt
2018-08-09 15:49 - 2018-08-09 15:49 - 000000000 ____D C:\Windows\System32\Tasks\Remediation
2018-08-09 03:15 - 2018-08-09 03:15 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2018-08-09 03:15 - 2018-08-09 03:15 - 000000000 ____D C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
2018-08-08 23:34 - 2018-08-09 03:49 - 000000000 ____D C:\Users\lilunit\AppData\Roaming\IObit
2018-08-08 23:34 - 2018-08-09 03:49 - 000000000 ____D C:\Users\lilunit\AppData\LocalLow\IObit
2018-08-08 23:34 - 2018-08-09 03:49 - 000000000 ____D C:\ProgramData\IObit
2018-08-08 23:34 - 2018-08-08 23:34 - 000000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2018-08-08 23:09 - 2018-08-08 23:10 - 000000000 ____D C:\1e20fd8f826e49ce890ba12ca5ecd3
2018-08-08 23:07 - 2018-08-09 18:52 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-08-08 23:00 - 2018-08-08 23:10 - 000002052 _____ C:\Windows\epplauncher.mif
2018-08-08 22:11 - 2018-08-08 22:11 - 000025567 _____ C:\ProgramData\agent.uninstall.1533784263.bdinstall.bin
2018-08-08 21:25 - 2018-08-08 22:06 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-08-08 21:07 - 2018-08-08 21:07 - 000042638 _____ C:\ProgramData\agent.1533780434.bdinstall.bin
2018-08-08 21:07 - 2018-08-08 21:07 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2018-08-08 19:03 - 2018-08-08 19:03 - 000000000 ____D C:\Windows\System32\Tasks\Norton Security
2018-08-08 18:58 - 2018-08-08 18:58 - 000003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2018-08-08 18:57 - 2018-08-08 22:09 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2018-08-08 17:36 - 2018-08-08 17:42 - 000000000 ____D C:\ProgramData\Emsisoft
2018-08-08 17:34 - 2018-08-08 18:18 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2018-08-08 06:54 - 2018-08-08 06:54 - 000000000 ____D C:\Users\lilunit\AppData\Local\ESET
2018-08-08 03:09 - 2018-08-08 03:09 - 000000000 ____D C:\Users\lilunit\AppData\Local\Zemana
2018-08-08 02:54 - 2018-08-08 03:05 - 000000000 ____D C:\ProgramData\HitmanPro
2018-07-12 00:43 - 2018-07-12 00:43 - 000002697 _____ C:\Users\Public\Desktop\Skype.lnk
2018-07-12 00:43 - 2018-07-12 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-07-12 00:36 - 2018-07-12 00:40 - 058834376 _____ (Skype Technologies S.A.) C:\Users\lilunit\Downloads\SkypeSetupFull.exe
2018-07-11 12:01 - 2018-06-13 11:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-11 12:01 - 2018-06-13 11:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-11 12:01 - 2018-06-08 08:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-11 12:01 - 2018-06-08 08:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-11 12:01 - 2018-06-08 08:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-11 12:01 - 2018-06-08 08:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-11 12:01 - 2018-06-08 08:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-11 12:01 - 2018-06-08 08:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-11 12:01 - 2018-06-08 08:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-11 12:01 - 2018-06-08 08:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-11 12:00 - 2018-06-20 19:58 - 000398376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-07-11 12:00 - 2018-06-20 19:00 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-07-11 12:00 - 2018-06-16 12:07 - 025743872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-11 12:00 - 2018-06-16 11:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-07-11 12:00 - 2018-06-16 11:46 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-07-11 12:00 - 2018-06-16 11:36 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-11 12:00 - 2018-06-16 11:33 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-07-11 12:00 - 2018-06-16 11:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-07-11 12:00 - 2018-06-16 11:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-11 12:00 - 2018-06-16 11:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-07-11 12:00 - 2018-06-16 11:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-07-11 12:00 - 2018-06-16 11:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-07-11 12:00 - 2018-06-16 11:27 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-11 12:00 - 2018-06-16 11:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-07-11 12:00 - 2018-06-16 11:23 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-07-11 12:00 - 2018-06-16 11:20 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-07-11 12:00 - 2018-06-16 11:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-07-11 12:00 - 2018-06-16 11:19 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-07-11 12:00 - 2018-06-16 11:19 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-07-11 12:00 - 2018-06-16 11:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-07-11 12:00 - 2018-06-16 11:19 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-07-11 12:00 - 2018-06-16 11:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-07-11 12:00 - 2018-06-16 11:08 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-07-11 12:00 - 2018-06-16 11:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-11 12:00 - 2018-06-16 11:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-07-11 12:00 - 2018-06-16 11:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-07-11 12:00 - 2018-06-16 11:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-07-11 12:00 - 2018-06-16 11:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-07-11 12:00 - 2018-06-16 11:02 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-07-11 12:00 - 2018-06-16 11:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-07-11 12:00 - 2018-06-16 11:02 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-07-11 12:00 - 2018-06-16 11:01 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-07-11 12:00 - 2018-06-16 10:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-07-11 12:00 - 2018-06-16 10:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-07-11 12:00 - 2018-06-16 10:58 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-07-11 12:00 - 2018-06-16 10:57 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-07-11 12:00 - 2018-06-16 10:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-07-11 12:00 - 2018-06-16 10:56 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-07-11 12:00 - 2018-06-16 10:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-07-11 12:00 - 2018-06-16 10:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-07-11 12:00 - 2018-06-16 10:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-07-11 12:00 - 2018-06-16 10:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-07-11 12:00 - 2018-06-16 10:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-07-11 12:00 - 2018-06-16 10:46 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-11 12:00 - 2018-06-16 10:44 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-07-11 12:00 - 2018-06-16 10:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-11 12:00 - 2018-06-16 10:42 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-07-11 12:00 - 2018-06-16 10:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-07-11 12:00 - 2018-06-16 10:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-07-11 12:00 - 2018-06-16 10:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-07-11 12:00 - 2018-06-16 10:40 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-07-11 12:00 - 2018-06-16 10:39 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-07-11 12:00 - 2018-06-16 10:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-07-11 12:00 - 2018-06-16 10:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-07-11 12:00 - 2018-06-16 10:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-07-11 12:00 - 2018-06-16 10:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-07-11 12:00 - 2018-06-16 10:34 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-11 12:00 - 2018-06-16 10:32 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-11 12:00 - 2018-06-16 10:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-07-11 12:00 - 2018-06-16 10:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-11 12:00 - 2018-06-16 10:28 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-07-11 12:00 - 2018-06-16 10:27 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-11 12:00 - 2018-06-16 10:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-07-11 12:00 - 2018-06-16 10:16 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-11 12:00 - 2018-06-16 10:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-11 12:00 - 2018-06-16 10:05 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-11 12:00 - 2018-06-16 10:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-07-11 12:00 - 2018-06-16 10:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-07-11 12:00 - 2018-06-13 11:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-11 12:00 - 2018-06-13 11:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-11 12:00 - 2018-06-13 10:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-11 12:00 - 2018-06-13 10:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-11 12:00 - 2018-06-13 10:40 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-11 12:00 - 2018-06-08 11:27 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-11 12:00 - 2018-06-08 11:27 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-11 12:00 - 2018-06-08 11:27 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-07-11 12:00 - 2018-06-08 11:27 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-11 12:00 - 2018-06-08 11:27 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-11 12:00 - 2018-06-08 11:23 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-07-11 12:00 - 2018-06-08 11:22 - 001665344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-11 12:00 - 2018-06-08 11:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-11 12:00 - 2018-06-08 11:21 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-07-11 12:00 - 2018-06-08 11:21 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-07-11 12:00 - 2018-06-08 11:21 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-07-11 12:00 - 2018-06-08 11:21 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-07-11 12:00 - 2018-06-08 11:21 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-11 12:00 - 2018-06-08 11:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-07-11 12:00 - 2018-06-08 11:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-11 12:00 - 2018-06-08 11:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-11 12:00 - 2018-06-08 11:19 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-07-11 12:00 - 2018-06-08 11:19 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-07-11 12:00 - 2018-06-08 11:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-07-11 12:00 - 2018-06-08 11:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 11:02 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-07-11 12:00 - 2018-06-08 11:02 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-07-11 12:00 - 2018-06-08 10:57 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-07-11 12:00 - 2018-06-08 10:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:44 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-07-11 12:00 - 2018-06-08 10:44 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-11 12:00 - 2018-06-08 10:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-11 12:00 - 2018-06-08 10:44 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-07-11 12:00 - 2018-06-08 10:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-07-11 12:00 - 2018-06-08 10:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-07-11 12:00 - 2018-06-08 10:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-07-11 12:00 - 2018-06-08 10:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-07-11 12:00 - 2018-06-08 10:34 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-11 12:00 - 2018-06-08 10:34 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-07-11 12:00 - 2018-06-08 10:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-07-11 12:00 - 2018-06-08 10:33 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-07-11 12:00 - 2018-06-08 10:33 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-07-11 12:00 - 2018-06-08 10:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-07-11 12:00 - 2018-06-08 10:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-07-11 12:00 - 2018-06-08 10:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-07-11 12:00 - 2018-06-08 10:21 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-07-11 12:00 - 2018-06-08 10:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-07-11 12:00 - 2018-06-08 10:21 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-07-11 12:00 - 2018-06-08 10:21 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-07-11 12:00 - 2018-06-08 10:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-07-11 12:00 - 2018-06-08 10:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-07-11 12:00 - 2018-06-08 10:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-07-11 12:00 - 2018-06-07 11:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-11 12:00 - 2018-06-07 11:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-11 12:00 - 2018-06-07 11:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-11 12:00 - 2018-06-07 11:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-11 12:00 - 2018-06-07 10:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-11 12:00 - 2018-06-07 10:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-11 12:00 - 2018-06-07 10:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-07-11 12:00 - 2018-05-31 11:28 - 001893568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-11 12:00 - 2018-05-31 11:28 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-07-11 12:00 - 2018-05-31 11:28 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 12:00 - 2018-05-02 10:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-07-11 12:00 - 2018-05-02 10:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-11 12:00 - 2018-05-02 10:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-07-11 12:00 - 2018-05-02 10:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-07-11 12:00 - 2018-05-02 10:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-07-11 12:00 - 2018-05-02 10:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-07-11 12:00 - 2018-05-02 10:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-07-11 12:00 - 2018-04-26 08:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-11 12:00 - 2018-04-26 08:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-11 12:00 - 2018-04-25 11:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-07-11 12:00 - 2018-04-25 10:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-09 19:13 - 2016-11-15 11:28 - 000000000 ____D C:\Users\lilunit\AppData\LocalLow\Mozilla
2018-08-09 19:09 - 2009-07-13 23:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-09 19:09 - 2009-07-13 23:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-09 19:03 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2018-08-09 19:02 - 2011-12-08 02:32 - 000000000 ____D C:\Users\lilunit\AppData\Roaming\Skype
2018-08-09 18:52 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-09 15:47 - 2016-12-07 21:28 - 000000000 ____D C:\Users\lilunit\AppData\Local\CrashDumps
2018-08-09 15:34 - 2009-07-14 00:13 - 000819142 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-09 03:19 - 2015-12-14 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-08-09 03:19 - 2013-02-09 17:25 - 000000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2018-08-09 03:19 - 2009-08-27 23:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2018-08-09 02:51 - 2010-07-05 21:01 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-09 02:22 - 2009-07-14 00:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-08-08 22:09 - 2016-11-29 00:21 - 000002293 _____ C:\Users\Public\Desktop\Norton Security.lnk
2018-08-08 22:03 - 2016-06-06 23:32 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-08-08 19:23 - 2015-08-10 12:07 - 000000000 ____D C:\Program Files\Common Files\AV
2018-08-08 18:58 - 2018-02-27 12:37 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64
2018-08-08 18:55 - 2018-02-07 15:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-08 18:55 - 2015-05-28 10:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-08-08 18:44 - 2014-05-08 00:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-08-08 18:44 - 2012-02-18 16:14 - 000000000 ____D C:\Program Files (x86)\Java
2018-08-08 18:42 - 2014-05-08 00:25 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-08-08 18:37 - 2018-04-24 19:23 - 000004470 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-08-08 18:37 - 2016-12-15 09:30 - 000000000 ____D C:\Users\lilunit\AppData\Local\Adobe
2018-08-08 18:37 - 2012-10-30 00:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-08 18:37 - 2012-01-03 01:16 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-08 18:37 - 2011-11-02 23:48 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-08 18:37 - 2009-08-27 23:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-08 18:35 - 2010-01-01 00:06 - 000000000 ____D C:\Users\lilunit
2018-08-08 18:15 - 2018-04-22 13:23 - 000000000 ____D C:\Users\DefaultAppPool
2018-08-08 18:15 - 2016-11-29 00:20 - 000000000 ____D C:\Program Files (x86)\Norton Security
2018-08-08 18:15 - 2015-05-12 14:54 - 000000000 ____D C:\ProgramData\RogueKiller
2018-08-08 18:15 - 2014-11-21 15:00 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-08-08 18:15 - 2010-01-03 21:45 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2018-08-08 18:15 - 2009-08-27 23:52 - 000000000 ____D C:\ProgramData\Norton
2018-08-08 18:15 - 2009-08-27 23:44 - 000000000 ____D C:\Program Files (x86)\HP Games
2018-08-08 18:15 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2018-08-08 18:14 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2018-08-08 17:29 - 2017-01-12 03:22 - 000000000 ____D C:\Users\lilunit\AppData\Local\NPE
2018-08-08 17:26 - 2014-05-08 00:16 - 000000000 ____D C:\NPE
2018-08-08 03:55 - 2014-04-02 23:15 - 000000000 ____D C:\Windows\Minidump
2018-07-25 18:08 - 2011-11-08 19:04 - 000000000 ____D C:\Program Files (x86)\HP Button Manager
2018-07-19 23:46 - 2017-01-23 22:19 - 000000000 ____D C:\WebCam Media
2018-07-19 20:04 - 2014-02-27 04:04 - 000811264 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-13 14:28 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2018-07-12 20:52 - 2015-07-13 16:20 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-12 20:50 - 2017-12-22 10:06 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-07-12 20:28 - 2014-12-11 06:21 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-12 20:04 - 2013-08-15 03:01 - 000000000 ____D C:\Windows\system32\MRT
2018-07-12 00:43 - 2011-12-08 02:32 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-07-12 00:43 - 2011-12-08 02:32 - 000000000 ____D C:\ProgramData\Skype
2018-07-12 00:37 - 2018-03-22 20:21 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
==================== Files in the root of some directories =======
2016-11-29 00:20 - 2016-11-29 00:20 - 164634056 _____ (Symantec Corporation) C:\Users\lilunit\NS-ESD-Def-22.8.1.14-EN.exe
2017-01-12 02:47 - 2017-01-12 05:20 - 000007618 _____ () C:\Users\lilunit\AppData\Local\resmon.resmoncfg
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\conhost.exe
C:\Windows\SysWOW64\csrss.exe
C:\Windows\SysWOW64\lsass.exe
C:\Windows\SysWOW64\lsm.exe
C:\Windows\SysWOW64\services.exe
C:\Windows\SysWOW64\smss.exe
C:\Windows\SysWOW64\winlogon.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-08-07 14:38
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by lilunit (09-08-2018 19:16:49)
Running from C:\Users\lilunit\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-01-01 05:06:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3011760224-3171145470-2920118788-500 - Administrator - Disabled)
Guest (S-1-5-21-3011760224-3171145470-2920118788-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3011760224-3171145470-2920118788-1002 - Limited - Enabled)
lilunit (S-1-5-21-3011760224-3171145470-2920118788-1000 - Administrator - Enabled) => C:\Users\lilunit
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AS: Norton Security (Enabled - Up to date) {589C5C7B-A77A-1B8E-C99B-B02AE9B836F0}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Activate Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.1.20.0 - Symantec)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{CF2371B6-8422-49DB-908B-14B67C074667}) (Version: 2.0.11.106 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{1A5B672C-66B6-43C4-8265-9B1D49462EA0}) (Version: 3.0.42.340 - ArcSoft)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5434.08 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP Button Manager (HKLM-x32\...\{CA634931-0CC3-4067-ABCC-7182E1DC23B7}) (Version: 3.52 - Hewlett-Packard)
HP Dropbox Plugin (HKLM-x32\...\{23617173-F935-4C17-A323-EB1207F3ED49}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP Google Drive Plugin (HKLM-x32\...\{AFF80405-E56A-48E7-98FC-8E46E261949F}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3420 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3205 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP OfficeJet 4650 series Basic Device Software (HKLM\...\{F68DF314-BD12-4549-941C-521CB8D16DDE}) (Version: 40.11.1122.1796 - HP Inc.)
HP OfficeJet 4650 series Help (HKLM-x32\...\{20CA428A-0827-4441-BC64-5C577EA970AD}) (Version: 36.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.9.18.3 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Webcam User's Guide (HKLM-x32\...\{D31612BB-C6D7-4142-96AE-16DB062354CF}) (Version: - Hewlett-Packard)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1912 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)
LSI PCI-SV92EX Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.2 (x64 en-US)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Security (HKLM-x32\...\NGC) (Version: 22.15.0.88 - Symantec Corporation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerRecover (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.1923 - CyberLink Corp.) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RangeMax Wireless-N USB Adapter WN111v2 (HKLM-x32\...\InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 3.0.0.3 - NETGEAR)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5910 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WN111v2 (HKLM-x32\...\{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 3.0.0.3 - NETGEAR) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-11] (Intel Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation)
FolderExtensions: [] -> {F6BF8414-962C-40FE-90F1-B80A7E72DB9A} => C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\p2pcollab.dll -> No File
FolderExtensions_S-1-5-21-3011760224-3171145470-2920118788-1000: [] -> {F6BF8414-962C-40FE-90F1-B80A7E72DB9A} => C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\p2pcollab.dll -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {16682CBF-0DDD-4BB4-98AF-4AA4638295A9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\WSCStub.exe [2018-08-05] (Symantec Corporation)
Task: {25810E43-F895-4BFE-8E9C-2811C3F29C6E} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2018-08-05] (Symantec Corporation)
Task: {29D9CEC3-0CE2-4E56-8A23-FADAB81D0D64} - System32\Tasks\{18893B81-B4A3-4AA1-930F-81C22B862023} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.6.0.105/en/abandoninstall?page=tsProgressBar
Task: {34AB0B5B-5C41-445B-98B5-E9BEFCB287B5} - System32\Tasks\{3D44EF6E-67E0-4378-8800-38FAC5B9E4BA} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.6.0.105/en/abandoninstall?page=tsProgressBar
Task: {35001F59-4F1F-499D-B293-306916F3E743} - \{327674D4-6037-429F-888E-4AC62FF04226} -> No File <==== ATTENTION
Task: {37B7E6F1-91C1-4D98-995B-76EC226E711F} - System32\Tasks\{5E9A133B-5034-4861-A19F-21BEC989200B} => C:\Windows\system32\pcalua.exe -a C:\Users\lilunit\Downloads\HPSupportSolutionsFramework-12.5.26.37.exe -d C:\Users\lilunit\Downloads
Task: {3D873ABF-E021-40ED-A409-FADB94D21732} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {43F66DFC-3874-4106-9582-699E3CA3484D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {6D2D3A05-FB73-4E9B-8174-FD3E3D1B4F18} - System32\Tasks\{34AAA631-D148-4997-888C-E8CCA30E40F9} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.29.64.102/en/privacy
Task: {73019AA1-F28D-45A0-9F29-AFAE73E18EBA} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\SymErr.exe [2018-08-05] (Symantec Corporation)
Task: {7DC563A4-DB7F-44AB-946F-797F52F24A78} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.15.0.88\SymErr.exe [2018-08-05] (Symantec Corporation)
Task: {936EE1D9-DEAC-4E56-A201-2A344AD8C485} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {94AFBCCB-3FFC-40B0-8130-D4AD9217D74A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {961EAF3B-DC4F-4CFD-872E-AF9D9A7E116F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-08-08] (Adobe Systems Incorporated)
Task: {975B72C8-E5E6-48AD-A245-E4473BEE13E0} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-10-20] (CyberLink Corp.)
Task: {9904EC1E-A475-47AE-A1A5-A7B8927F29F8} - System32\Tasks\{78BA0FC2-4BA2-438A-A962-A94E6B4458C8} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.29.64.102/en/abandoninstall?page=tsMain
Task: {9EA02334-4762-4E22-9E90-59BF49E860CC} - System32\Tasks\{B5EDA45F-4DBC-4ED6-AEA2-FE8763D4BB0D} => C:\Windows\system32\pcalua.exe -a "C:\Users\lilunit\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NVNY94S\startuplite-setup-1.07.exe" -d C:\Users\lilunit\Desktop
Task: {B66FA7B6-47E7-4E14-BB4A-EAC643E15547} - \{2E19D521-6368-4EE8-B2F4-B43E585FC1CD} -> No File <==== ATTENTION
Task: {CBB25689-B792-4775-8922-3924CC11C9B1} - System32\Tasks\{09518352-7C34-4D8A-B1B5-48123F44D166} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.6.0.105/en/abandoninstall?page=tsProgressBar
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2012-08-02 06:37 - 2005-03-12 00:07 - 000087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-22 20:21 - 2018-07-12 00:37 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2009-07-08 16:35 - 2009-07-08 16:35 - 000610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2011-11-08 19:04 - 2010-02-22 18:30 - 000266240 _____ () C:\Program Files (x86)\HP Button Manager\BM.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\90029288.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\90029288.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR430 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR521 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR521.SYS => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3011760224-3171145470-2920118788-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\lilunit\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogitechVideoRepair => C:\Program Files (x86)\Logitech\Video\ISStart.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{BF2941C7-414D-4C9F-A707-77E614B2F2D2}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{3CA640A6-972C-4F5F-87B9-77155CDACE8C}] => (Allow) C:\Program Files (x86)\iWin Games\iWinGames.exe
FirewallRules: [{37905745-464A-4083-94F4-C3FBC0B623B7}] => (Allow) C:\Program Files (x86)\iWin Games\iWinGames.exe
FirewallRules: [{6418C5F4-B917-42B8-8946-637384A113B0}] => (Allow) C:\Program Files (x86)\iWin Games\WebUpdater.exe
FirewallRules: [{0FC2A718-9119-4787-9964-D89889907C8D}] => (Allow) C:\Program Files (x86)\iWin Games\WebUpdater.exe
FirewallRules: [{3E9AEDF5-B39F-497B-BFF2-088A54D8EE4E}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{B24626F9-2150-41CB-BBF6-96C9FC81C2DC}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{D1A83D92-A298-48F9-9E1D-0C145C5B5545}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{0521C9B8-51FF-4215-A835-D8460E2D6D5D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{089B70F9-3A65-409B-ADAE-724CC4B47BCA}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{4B69C1A1-3A9A-46BD-AA5D-96EBF8331CA0}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{BC77F254-9C3A-4904-B146-906C0B28BEE5}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{22C2ACAE-816D-4842-9061-66142381140D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{88D1FAD8-84EA-4B55-A78C-481ACCCB625D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{C83B49E5-28A0-4637-B55A-283A924CF277}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{F7BA0F6B-D306-4AA5-9805-5D6316FDF8CA}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{D23A82D7-AD10-4AB3-9215-9B47EC1CC048}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{1C8BE3D3-0785-42C3-803D-BA90A46E8882}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{25798EA7-34B0-4683-829E-33DD83309BE8}] => (Allow) C:\Program Files (x86)\AIM\aim.exe
FirewallRules: [{C3DC56DA-68E1-40C7-9C20-B282A3EBF6CF}] => (Allow) C:\Program Files (x86)\AIM\aim.exe
FirewallRules: [{FFE5C16A-F536-4F5F-AAEE-A4EBE9645183}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EE4BC948-69D4-4969-B4DB-EA64E2E88277}] => (Allow) LPort=2869
FirewallRules: [{4950DED4-DE1F-4D26-A513-5BDF2A232EAB}] => (Allow) LPort=1900
FirewallRules: [{93EA1CF5-5C50-43A0-9453-1B7554230B98}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{D65C73C7-6CAB-4190-B3BF-CC8A34318C6F}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{8FC5E8EA-1D87-4310-8E4D-F1800ECAE6BD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{001D7C63-66EF-4169-B743-160BA5037FB9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C4B85B24-DFF6-4F1C-B2C3-6166855C05BA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F7C7DF44-5337-4AA8-8FF2-696F9DD4C690}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{020404B1-BC26-4C1C-AC55-39AE44E57744}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{9C11F414-8E39-4EA4-8721-25E2E5B477E2}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{96592E35-C206-47FF-9184-FD64B360BD63}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{8BD404E6-E2F6-4B55-9BBD-7E2CD24CF277}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{85D098BE-EF4D-4206-B62C-C1CA630D3D39}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{8FE048A5-3938-455C-BB69-F9554214CEAC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [TCP Query User{B0FB209F-FB39-4F78-8D6A-CFE63428A73A}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe] => (Block) C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [UDP Query User{4273CF12-9D2D-4909-A759-A6AA5D26AE4F}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe] => (Block) C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [{2ED3052B-F1F7-4734-B45F-6B9140B4FCC0}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{2E3A2370-9B3E-4B2F-BB24-40DD7932BE95}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{ADA2FDF2-6E99-4803-ABB3-6BE427C0A0C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CD76E5B4-D983-42D4-8D56-8098644634D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{49719052-DD93-4B86-9382-45A262899C08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F259A91-BE7A-466C-81E2-ACBB285DD807}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{84022751-ACCC-4680-9EA6-885088241DB4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{A966FE0C-F44A-45A3-B12B-FD9308B30E7F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{75E30D9A-B3D0-4CD7-9E36-2F954920CDD3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7B93157D-2F9B-4249-A202-60FB9882727A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9F4DFC76-B57E-4E21-A531-5ACB0BDF7B9D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BDA8BDA8-00FF-4940-B5ED-005303DBEC4B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{85AA19D0-E493-4FC6-A947-DA7654CD23FB}] => (Allow) C:\Users\lilunit\AppData\Local\Temp\7zSCEB4.tmp\SymNRT.exe
FirewallRules: [{A2DC4BCF-0F24-42E6-B141-9411599AAAB2}] => (Allow) C:\Users\lilunit\AppData\Local\Temp\7zSCEB4.tmp\SymNRT.exe
FirewallRules: [{69137ABB-BAAE-46CD-8AA1-2450716E4EE9}] => (Allow) C:\Users\lilunit\AppData\Local\Temp\7zS53F1\HPDiagnosticCoreUI.exe
FirewallRules: [{DF6F0650-14AA-4CC8-818E-8A450BA57FC2}] => (Allow) C:\Users\lilunit\AppData\Local\Temp\7zS53F1\HPDiagnosticCoreUI.exe
FirewallRules: [{4DE384D0-C501-4D53-A907-49EF4C781BF4}] => (Allow) C:\Users\lilunit\AppData\Local\Temp\7zS54B5\HPDiagnosticCoreUI.exe
FirewallRules: [{12A87AD4-7D5E-406F-927F-A6CE6F621786}] => (Allow) C:\Users\lilunit\AppData\Local\Temp\7zS54B5\HPDiagnosticCoreUI.exe
FirewallRules: [{72A33516-8722-49F9-A5DD-3F25002ECFE6}] => (Allow) C:\Users\lilunit\AppData\Local\Temp\7zS6FE7\HP.EasyStart.exe
FirewallRules: [{AFA867C6-480A-4B81-9926-6E315CB88316}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\FaxPrinterUtility.exe
FirewallRules: [{B470A19C-66BF-4337-98BC-D3DC4A41DB18}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\FaxApplications.exe
FirewallRules: [{D2DCABF9-B48D-4752-898F-121C289F407B}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\DigitalWizards.exe
FirewallRules: [{27C8F043-1E4A-4FB3-8C2E-980B23874DB7}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\SendAFax.exe
FirewallRules: [{8D48848C-2DE3-4C38-AC06-CC12468ACBAC}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\Bin\DeviceSetup.exe
FirewallRules: [{AA0D3735-4203-4BF7-84C8-ACD7E4212FA0}] => (Allow) LPort=5357
FirewallRules: [{BC23661E-3E8D-4C76-B054-E8D1D5A65C15}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{01A5680B-BDB0-4E1C-AAB1-655BE45EE28D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{185DC581-FFF7-4B9A-8699-62428877BD33}] => (Allow) C:\Users\lilunit\AppData\Local\Temp\7zS2471\HPDiagnosticCoreUI.exe
FirewallRules: [{AC10C49A-F1DE-4E2C-92B9-729EA46CCC9D}] => (Allow) C:\Users\lilunit\AppData\Local\Temp\7zS2471\HPDiagnosticCoreUI.exe
==================== Restore Points =========================
04-08-2018 18:17:13 Scheduled Checkpoint
08-08-2018 03:03:05 Checkpoint by HitmanPro
08-08-2018 03:04:22 Checkpoint by HitmanPro
08-08-2018 06:38:50 JRT Pre-Junkware Removal
08-08-2018 17:47:15 Removed Emsisoft Anti-Malware
08-08-2018 17:50:17 Removed Emsisoft Anti-Malware
08-08-2018 17:53:15 Removed Emsisoft Anti-Malware
08-08-2018 17:55:15 Removed Emsisoft Anti-Malware
08-08-2018 17:57:47 Removed Emsisoft Anti-Malware
08-08-2018 18:05:04 Restore Operation
09-08-2018 13:55:08 JRT Pre-Junkware Removal
09-08-2018 18:43:16 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Windows Defender:
===================================
Date: 2016-08-22 01:41:28.633
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0
Date: 2016-06-07 03:44:14.285
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0
Date: 2016-06-07 01:35:19.852
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0
CodeIntegrity:
===================================
Date: 2018-08-08 18:04:59.494
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-08-08 17:47:07.429
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU E5300 @ 2.60GHz
Percentage of memory in use: 41%
Total physical RAM: 4085.18 MB
Available physical RAM: 2400.02 MB
Total Virtual: 8168.53 MB
Available Virtual: 6572.08 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:584.25 GB) (Free:520.99 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.83 GB) (Free:2.08 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{8517215b-e372-11de-99f6-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=584.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=11.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Attached Files
-
FRST.txt 62.08KB
164 downloads
-
Addition.txt 35.93KB
161 downloads
Edited by RKinner, 10 August 2018 - 04:19 AM.
Sign In
Create Account
