Jump to content

fireman5214

Honorary Members
  • Content Count

    134
  • Joined

  • Last visited

About fireman5214

  • Rank
    Advanced Member

Profile Information

  • Location
    Nazareth, Pa
  • Interests
    firefighting, NASCAR, model railroading, tropical fish, weather watching/forecasting, christmas decorating - computer controlled synchronized to music.

Contact Methods

  • Yahoo
    fireman5214

Recent Profile Visitors

2,669 profile views
  1. Hello, sorry for the delay, I have been sick, I will try running these today. Plweq, we did clean out dust when we took it apart to replace the fan, it has not gotten hot since then.
  2. There was a checkmark at addition but I unclicked it because I have not run farbar before but I am not sure where to find addition unless it was supposed to stay checked at addition? Here is the FRST report Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019 Ran by Jason (administrator) on JASON-PC (19-03-2019 15:50:02) Running from C:\Users\Jason\Downloads Loaded Profiles: Jason (Available Profiles: Jason) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Intel Corporation - Mobile Wireless Group -> ) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\pcdrwi.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation -> Intel Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed] HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3223599084-419352820-2031559519-1000\...\Run: [Yahoo Messenger Updater] => C:\Users\Jason\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115144 2016-08-20] (Yahoo! Inc. -> Yahoo!, Inc.) HKU\S-1-5-21-3223599084-419352820-2031559519-1000\...\Run: [Google Update] => C:\Users\Jason\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [605992 2018-12-19] (Google Inc -> Google Inc.) HKU\S-1-5-21-3223599084-419352820-2031559519-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3223599084-419352820-2031559519-1000\...\MountPoints2: {718ade95-c8cf-11e2-b8e8-806e6f6e6963} - D:\autoRcd.exe HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-06] (Google LLC -> Google Inc.) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-05-30] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46 Tcpip\..\Interfaces\{33986A70-BF88-4A33-84FC-A64FC9B2D145}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{97935873-5C3A-4108-8369-5B2A9A2A6417}: [NameServer] 0.0.0.0 Tcpip\..\Interfaces\{F22E2E44-18E0-468B-A226-3DA8887BF327}: [DhcpNameServer] 208.59.247.45 208.59.247.46 Internet Explorer: ================== HKU\S-1-5-21-3223599084-419352820-2031559519-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/epawawx/?fref=ts&ref=br_tf URLSearchHook: HKU\S-1-5-21-3223599084-419352820-2031559519-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File SearchScopes: HKLM-x32 -> DefaultScope {A3B9F228-7740-4815-9302-D9BBB1DF3587} URL = SearchScopes: HKU\S-1-5-21-3223599084-419352820-2031559519-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.) DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://www.pcpitstop.com/nirvana/controls/pcmatic.cab DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-05-30] [Legacy] [not signed] FF HKU\S-1-5-21-3223599084-419352820-2031559519-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed] FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.) [File not signed] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [No File] FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [No File] FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc -> Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc -> Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3223599084-419352820-2031559519-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google) FF Plugin HKU\S-1-5-21-3223599084-419352820-2031559519-1000: @talk.google.com/O1DPlugin -> C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google) FF Plugin HKU\S-1-5-21-3223599084-419352820-2031559519-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.) FF Plugin HKU\S-1-5-21-3223599084-419352820-2031559519-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Jason\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2018-10-02] FF Plugin ProgramFiles/Appdata: C:\Users\Jason\AppData\Roaming\mozilla\plugins\npo1d.dll [2018-10-02] Chrome: ======= CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default [2019-03-19] CHR Extension: (Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16] CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02] CHR Extension: (Google Search) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15] CHR Extension: (Adobe Acrobat) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-25] CHR Extension: (Sheets) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (Google Docs Offline) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14] CHR Extension: (Cisco Webex Extension) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2018-07-05] CHR Extension: (Wikibuy) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2019-03-18] CHR Extension: (Chrome Web Store Payments) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02] CHR Extension: (Gmail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-21] CHR Extension: (Chrome Media Router) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-06] CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-15] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc -> Dell Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3347440 2018-10-22] (Dell Inc -> Dell Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc -> Dell Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe [1035072 2019-03-15] (PC-Doctor, Inc. -> PC-Doctor, Inc.) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) R3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] (Intel Corporation - Mobile Wireless Group -> ) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39384 2018-12-12] (Dell Inc. -> Dell Inc.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed] S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed] S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2018-10-20] (Techporch Incorporated -> Dell Inc.) R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2018-10-20] (Techporch Incorporated -> Dell Computer Corporation) S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [79592 2013-07-25] (Future Technology Devices International Ltd -> FTDI Ltd.) S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [86376 2013-07-25] (Future Technology Devices International Ltd -> FTDI Ltd.) R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [12311904 2012-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) R3 Impcd; C:\Windows\System32\DRIVERS\Impcd.sys [158976 2010-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [287232 2010-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [76912 2011-03-23] (Atheros Communications Inc. -> Atheros Communications, Inc.) S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [50088 2017-02-08] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.) S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-28] (ManyCam LLC -> Visicom Media Inc.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) R3 NETw5s64; C:\Windows\System32\DRIVERS\NETw5s64.sys [7680512 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) U3 aswbdisk; no ImagePath S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-19 15:50 - 2019-03-19 15:54 - 000023984 _____ C:\Users\Jason\Downloads\FRST.txt 2019-03-19 15:48 - 2019-03-19 15:48 - 002434048 _____ (Farbar) C:\Users\Jason\Downloads\FRST64.exe 2019-03-19 12:35 - 2019-03-19 12:38 - 000000000 ____D C:\AdwCleaner 2019-03-19 12:33 - 2019-03-19 12:34 - 007316688 _____ (Malwarebytes) C:\Users\Jason\Downloads\adwcleaner_7.2.7.0.exe 2019-03-17 16:06 - 2019-03-17 16:06 - 000000000 _____ C:\Users\Jason\AppData\Local\{0F538F10-5147-4870-A655-C72CFB3FC1A4} 2019-03-15 19:35 - 2019-03-15 19:35 - 002608120 _____ C:\Users\Jason\Downloads\R255577.exe 2019-03-15 19:20 - 2019-03-15 19:20 - 003039640 _____ C:\Users\Jason\Downloads\R301250.exe 2019-03-15 19:19 - 2019-03-15 19:19 - 000002119 _____ C:\Users\Public\Desktop\SupportAssist.lnk 2019-03-15 19:18 - 2019-03-15 19:18 - 000003812 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate 2019-03-15 19:18 - 2019-03-15 19:18 - 000000000 ____D C:\Users\Jason\AppData\Local\Dell Inc 2019-03-15 19:18 - 2019-03-15 19:18 - 000000000 ____D C:\ProgramData\SupportAssist 2019-03-15 19:17 - 2019-03-15 19:17 - 000391200 _____ (Dell Inc.) C:\Users\Jason\Downloads\SupportAssistLauncher.exe 2019-03-14 15:13 - 2019-03-15 08:34 - 000000000 ____D C:\Users\Jason\AppData\Local\Adobe 2019-03-12 14:25 - 2019-02-16 01:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2019-03-12 14:25 - 2019-02-16 01:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2019-03-12 14:25 - 2019-02-10 12:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2019-03-12 14:25 - 2019-02-10 12:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll 2019-03-12 14:25 - 2019-02-10 12:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2019-03-12 14:25 - 2019-02-10 12:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2019-03-12 14:25 - 2019-02-10 12:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2019-03-12 14:25 - 2019-02-10 12:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2019-03-12 14:25 - 2019-02-10 12:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2019-03-12 14:25 - 2019-02-10 12:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2019-03-12 14:25 - 2019-02-10 12:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2019-03-12 14:25 - 2019-02-10 12:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2019-03-12 14:25 - 2019-02-10 12:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2019-03-12 14:25 - 2019-02-10 12:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2019-03-12 14:25 - 2019-02-10 12:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2019-03-12 14:25 - 2019-02-10 12:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2019-03-12 14:25 - 2019-02-10 12:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2019-03-12 14:25 - 2019-02-10 12:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2019-03-12 14:25 - 2019-02-10 12:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2019-03-12 14:25 - 2019-02-10 12:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2019-03-12 14:25 - 2019-02-10 12:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2019-03-12 14:25 - 2019-02-10 12:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2019-03-12 14:25 - 2019-02-10 12:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2019-03-12 14:25 - 2019-02-10 12:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2019-03-12 14:25 - 2019-02-10 12:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2019-03-12 14:25 - 2019-02-10 12:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2019-03-12 14:25 - 2019-02-10 12:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2019-03-12 14:25 - 2019-02-10 12:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2019-03-12 14:25 - 2019-02-10 12:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2019-03-12 14:25 - 2019-02-10 12:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2019-03-12 14:25 - 2019-02-10 11:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2019-03-12 14:25 - 2019-02-10 11:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2019-03-12 14:25 - 2019-02-10 11:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2019-03-12 14:25 - 2019-02-10 11:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2019-03-12 14:25 - 2019-02-10 11:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2019-03-12 14:24 - 2019-02-26 18:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-03-12 14:24 - 2019-02-26 17:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2019-03-12 14:24 - 2019-02-26 03:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-03-12 14:24 - 2019-02-26 03:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2019-03-12 14:24 - 2019-02-26 03:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-03-12 14:24 - 2019-02-26 03:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2019-03-12 14:24 - 2019-02-26 03:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-03-12 14:24 - 2019-02-26 03:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2019-03-12 14:24 - 2019-02-26 03:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2019-03-12 14:24 - 2019-02-26 03:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2019-03-12 14:24 - 2019-02-26 03:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-03-12 14:24 - 2019-02-26 03:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2019-03-12 14:24 - 2019-02-26 03:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2019-03-12 14:24 - 2019-02-26 03:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-03-12 14:24 - 2019-02-26 03:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2019-03-12 14:24 - 2019-02-26 03:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2019-03-12 14:24 - 2019-02-26 03:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-03-12 14:24 - 2019-02-26 03:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2019-03-12 14:24 - 2019-02-26 03:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2019-03-12 14:24 - 2019-02-26 03:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2019-03-12 14:24 - 2019-02-26 03:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2019-03-12 14:24 - 2019-02-26 03:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-03-12 14:24 - 2019-02-26 03:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2019-03-12 14:24 - 2019-02-26 03:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2019-03-12 14:24 - 2019-02-26 03:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2019-03-12 14:24 - 2019-02-26 03:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-03-12 14:24 - 2019-02-26 03:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2019-03-12 14:24 - 2019-02-26 03:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2019-03-12 14:24 - 2019-02-26 03:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2019-03-12 14:24 - 2019-02-26 03:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2019-03-12 14:24 - 2019-02-26 03:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2019-03-12 14:24 - 2019-02-26 02:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2019-03-12 14:24 - 2019-02-26 02:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2019-03-12 14:24 - 2019-02-26 02:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2019-03-12 14:24 - 2019-02-26 02:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-03-12 14:24 - 2019-02-26 02:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2019-03-12 14:24 - 2019-02-26 02:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2019-03-12 14:24 - 2019-02-26 02:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2019-03-12 14:24 - 2019-02-26 02:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2019-03-12 14:24 - 2019-02-26 02:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2019-03-12 14:24 - 2019-02-26 02:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-03-12 14:24 - 2019-02-26 02:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2019-03-12 14:24 - 2019-02-26 02:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2019-03-12 14:24 - 2019-02-26 02:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-03-12 14:24 - 2019-02-26 02:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-03-12 14:24 - 2019-02-26 02:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2019-03-12 14:24 - 2019-02-26 02:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2019-03-12 14:24 - 2019-02-26 02:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-03-12 14:24 - 2019-02-26 02:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2019-03-12 14:24 - 2019-02-26 02:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2019-03-12 14:24 - 2019-02-26 02:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2019-03-12 14:24 - 2019-02-26 02:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2019-03-12 14:24 - 2019-02-26 02:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2019-03-12 14:24 - 2019-02-26 02:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2019-03-12 14:24 - 2019-02-26 02:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2019-03-12 14:24 - 2019-02-26 02:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2019-03-12 14:24 - 2019-02-26 02:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2019-03-12 14:24 - 2019-02-26 02:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2019-03-12 14:24 - 2019-02-26 02:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-03-12 14:24 - 2019-02-26 02:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-03-12 14:24 - 2019-02-26 02:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-03-12 14:24 - 2019-02-26 02:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2019-03-12 14:24 - 2019-02-26 02:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-03-12 14:24 - 2019-02-26 02:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2019-03-12 14:24 - 2019-02-26 02:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-03-12 14:23 - 2019-03-05 23:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2019-03-12 14:23 - 2019-03-05 23:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2019-03-12 14:23 - 2019-03-05 23:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-03-12 14:23 - 2019-03-05 23:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2019-03-12 14:23 - 2019-03-05 23:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-03-12 14:23 - 2019-03-05 23:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-03-12 14:23 - 2019-03-05 23:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2019-03-12 14:23 - 2019-03-05 23:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2019-03-12 14:23 - 2019-03-05 23:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2019-03-12 14:23 - 2019-03-05 23:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 22:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2019-03-12 14:23 - 2019-03-05 22:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2019-03-12 14:23 - 2019-03-05 22:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2019-03-12 14:23 - 2019-03-05 22:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2019-03-12 14:23 - 2019-03-05 22:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-03-12 14:23 - 2019-03-05 22:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-03-12 14:23 - 2019-03-05 22:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2019-03-12 14:23 - 2019-03-05 22:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2019-03-12 14:23 - 2019-03-05 22:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll 2019-03-12 14:23 - 2019-03-05 22:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2019-03-12 14:23 - 2019-03-05 22:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-03-12 14:23 - 2019-03-05 22:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-03-12 14:23 - 2019-03-05 22:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-03-12 14:23 - 2019-03-05 22:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-03-12 14:23 - 2019-03-05 22:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-03-12 14:23 - 2019-03-05 22:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2019-03-12 14:23 - 2019-03-05 22:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2019-03-12 14:23 - 2019-03-05 22:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2019-03-12 14:23 - 2019-03-05 22:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2019-03-12 14:23 - 2019-03-05 22:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2019-03-12 14:23 - 2019-03-05 22:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2019-03-12 14:23 - 2019-03-05 22:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2019-03-12 14:23 - 2019-03-05 22:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2019-03-12 14:23 - 2019-03-05 22:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2019-03-12 14:23 - 2019-03-05 22:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2019-03-12 14:23 - 2019-03-05 22:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2019-03-12 14:23 - 2019-03-05 22:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2019-03-12 14:23 - 2019-03-05 22:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 22:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 22:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2019-03-12 14:23 - 2019-03-05 22:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2019-03-12 14:23 - 2019-03-04 22:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2019-03-12 14:23 - 2019-03-04 22:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2019-03-12 14:23 - 2019-03-04 22:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2019-03-12 14:23 - 2019-02-26 03:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2019-03-12 14:23 - 2019-02-26 03:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2019-03-12 14:23 - 2019-02-26 03:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2019-03-12 14:23 - 2019-02-21 23:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-03-12 14:23 - 2019-02-21 23:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll 2019-03-12 14:23 - 2019-02-21 22:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll 2019-03-12 14:23 - 2019-02-21 22:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll 2019-03-12 14:23 - 2019-02-21 22:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2019-03-12 14:23 - 2019-02-16 02:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2019-03-12 14:23 - 2019-02-16 02:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2019-03-12 14:23 - 2019-02-16 02:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-03-12 14:23 - 2019-02-16 02:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2019-03-12 14:23 - 2019-02-16 02:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2019-03-12 14:23 - 2019-02-16 02:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll 2019-03-12 14:23 - 2019-02-16 02:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2019-03-12 14:23 - 2019-02-16 01:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2019-03-12 14:23 - 2019-02-16 01:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2019-03-12 14:23 - 2019-02-16 01:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2019-03-12 14:23 - 2019-02-16 01:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll 2019-03-12 14:23 - 2019-02-16 01:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll 2019-03-12 14:23 - 2019-02-15 12:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2019-03-12 14:23 - 2019-02-15 12:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2019-03-12 14:23 - 2019-02-15 12:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2019-03-12 14:23 - 2019-02-15 11:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2019-03-12 14:23 - 2019-02-15 11:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2019-03-12 14:23 - 2019-02-15 11:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2019-03-12 14:23 - 2019-02-15 11:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2019-03-12 14:23 - 2019-02-15 11:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2019-03-12 14:23 - 2019-02-15 11:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2019-03-12 14:23 - 2019-02-15 11:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2019-03-12 14:23 - 2019-02-15 11:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2019-03-12 14:23 - 2019-02-15 11:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2019-03-12 14:23 - 2019-02-10 12:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-03-12 14:23 - 2019-02-10 11:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2019-03-12 14:23 - 2019-02-10 11:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2019-03-12 14:23 - 2019-02-10 11:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2019-03-12 14:23 - 2019-02-10 11:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys 2019-03-12 14:23 - 2019-02-08 12:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-03-12 14:23 - 2019-02-08 12:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2019-03-12 14:23 - 2019-02-08 12:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2019-03-12 14:23 - 2019-02-08 12:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2019-03-12 14:23 - 2019-02-08 12:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2019-03-12 14:23 - 2019-02-08 11:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2019-03-12 14:23 - 2019-02-08 11:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2019-03-12 14:23 - 2019-02-08 11:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2019-03-12 14:23 - 2019-02-08 11:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2019-03-12 14:23 - 2019-02-08 11:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2019-03-12 14:23 - 2019-02-07 12:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll 2019-03-12 14:23 - 2019-02-07 12:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll 2019-03-12 14:23 - 2019-02-07 12:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2019-03-12 14:23 - 2019-02-07 11:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe 2019-03-12 14:23 - 2019-02-03 11:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys 2019-03-12 14:23 - 2019-01-04 12:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-03-12 14:23 - 2019-01-04 12:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-03-12 14:23 - 2019-01-04 10:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2019-03-12 14:23 - 2019-01-04 10:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-03-12 14:23 - 2019-01-04 10:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-03-12 14:23 - 2019-01-04 10:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-03-12 14:23 - 2019-01-04 10:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-03-12 14:23 - 2019-01-04 10:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-03-12 14:23 - 2019-01-04 10:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-03-12 14:23 - 2019-01-04 10:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-03-12 14:23 - 2019-01-03 12:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2019-03-12 14:23 - 2019-01-03 11:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2019-03-12 08:23 - 2019-03-19 12:23 - 000001215 _____ C:\Users\Jason\Desktop\malware.txt 2019-03-11 23:25 - 2019-03-11 23:25 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-03-11 23:25 - 2019-03-11 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-03-11 23:24 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2019-03-10 09:53 - 2019-03-10 09:53 - 000000000 ____D C:\Users\Jason\AppData\LocalLow\Oracle 2019-03-10 09:44 - 2019-03-10 09:45 - 021159736 _____ (Piriform Software Ltd) C:\Users\Jason\Downloads\ccsetup554.exe 2019-03-08 16:14 - 2019-03-08 16:14 - 000582310 _____ C:\Users\Jason\Downloads\ihg-our-communities-rb2018.pdf 2019-03-07 12:11 - 2019-03-07 12:11 - 000064296 _____ C:\Users\Jason\Downloads\26288-106153-3446 2019-03-06 10:29 - 2019-03-06 10:29 - 000016306 _____ C:\Users\Jason\Downloads\RegistryPractitionerRecertificationRequirements.pdf 2019-03-01 13:27 - 2019-03-01 13:27 - 000006900 _____ C:\Users\Jason\Downloads\statement_20180101_20181231_all (1).csv 2019-02-28 22:27 - 2019-02-28 22:27 - 000798701 _____ C:\Users\Jason\Downloads\paid_staff_application.pdf 2019-02-27 09:55 - 2019-03-14 18:59 - 000000000 ____D C:\Users\Jason\Desktop\Matt Kilsdonk 2019-02-26 23:40 - 2019-02-26 23:40 - 000930238 _____ C:\Users\Jason\Desktop\2019 Contract.pdf 2019-02-26 15:06 - 2019-02-26 15:16 - 000014897 _____ C:\Users\Jason\Downloads\Local Guide Boost - Review Order # #781D3CA3_2.xlsx 2019-02-26 15:05 - 2019-02-26 15:26 - 000013137 _____ C:\Users\Jason\Downloads\Local Guide Boost - Review Order #6F0DCF27_2.xlsx 2019-02-22 21:47 - 2019-02-22 21:48 - 000468824 _____ C:\Users\Jason\Downloads\Application (1).pdf 2019-02-20 22:38 - 2019-02-20 22:39 - 003779640 _____ C:\Users\Jason\Downloads\Help guide Creality and others 12-2018.pdf 2019-02-19 13:55 - 2019-02-19 13:55 - 000006900 _____ C:\Users\Jason\Downloads\statement_20180101_20181231_all.csv ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-19 15:50 - 2015-10-14 08:59 - 000000000 ____D C:\FRST 2019-03-19 12:51 - 2009-07-14 00:45 - 000035440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-03-19 12:51 - 2009-07-14 00:45 - 000035440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-03-19 12:49 - 2018-08-11 09:35 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk 2019-03-19 12:49 - 2018-08-11 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-03-19 12:40 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-03-17 16:50 - 2013-05-29 23:57 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-03-15 19:44 - 2015-10-14 13:01 - 000000000 ____D C:\ProgramData\PCDr 2019-03-15 19:42 - 2009-07-14 01:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI 2019-03-15 19:42 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf 2019-03-15 19:28 - 2018-05-17 18:16 - 000241088 _____ C:\Users\Jason\AppData\Local\GDIPFONTCACHEV1.DAT 2019-03-15 19:26 - 2018-05-17 18:14 - 005305848 _____ C:\Windows\system32\FNTCACHE.DAT 2019-03-15 19:19 - 2015-10-14 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2019-03-15 19:19 - 2015-10-14 13:00 - 000000000 ____D C:\Program Files\Dell 2019-03-15 19:18 - 2013-08-20 21:20 - 000000000 ____D C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2019-03-15 19:12 - 2015-03-12 14:31 - 000007635 _____ C:\Users\Jason\AppData\Local\Resmon.ResmonCfg 2019-03-14 15:15 - 2016-01-31 20:10 - 000000000 ____D C:\Users\Jason\Desktop\FB Page Images 2019-03-14 12:47 - 2013-06-10 10:38 - 000000000 ____D C:\Windows\Minidump 2019-03-13 04:50 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\rescache 2019-03-13 03:30 - 2014-12-11 10:57 - 000000000 ____D C:\Windows\system32\appraiser 2019-03-13 03:30 - 2014-05-06 08:16 - 000000000 ___SD C:\Windows\system32\CompatTel 2019-03-13 03:30 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\SysWOW64\Dism 2019-03-13 03:30 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\Dism 2019-03-12 17:40 - 2016-08-31 18:06 - 000000000 ____D C:\Users\Jason\Desktop\Carnival Stuff 2019-03-12 08:17 - 2017-05-29 21:04 - 000004474 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2019-03-12 08:17 - 2017-05-25 21:02 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-03-12 08:17 - 2017-05-25 21:02 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2019-03-12 08:17 - 2017-05-25 21:02 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2019-03-12 08:16 - 2013-05-30 17:47 - 000000000 ____D C:\Windows\system32\Macromed 2019-03-11 23:25 - 2013-05-29 23:23 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-03-11 11:19 - 2016-03-22 18:50 - 000000000 ____D C:\Users\Jason\Desktop\Fire Grants 2019-03-10 20:55 - 2016-05-15 18:54 - 000020540 _____ C:\Users\Jason\Desktop\Grant Passwords.xlsx 2019-03-10 09:54 - 2013-08-01 10:39 - 000000000 ____D C:\Program Files (x86)\Java 2019-03-10 09:46 - 2018-01-11 09:46 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update 2019-03-10 09:46 - 2013-05-29 23:35 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-03-09 21:58 - 2017-05-29 20:22 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2019-03-09 21:58 - 2017-05-29 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2019-03-09 00:17 - 2016-06-12 00:39 - 000019485 _____ C:\Users\Jason\Desktop\Advertise FB & Calendars.xlsx 2019-03-08 12:11 - 2013-05-30 17:54 - 000000000 ____D C:\Users\Jason\AppData\Roaming\ZoomBrowser EX 2019-03-07 11:15 - 2013-05-29 23:29 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2019-03-06 14:35 - 2015-08-21 08:13 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-03-04 23:21 - 2013-06-20 17:06 - 000000000 ____D C:\Users\Jason\Documents\My Scans 2019-02-25 19:44 - 2016-08-21 17:30 - 000021423 _____ C:\Users\Jason\Desktop\2018 State & Fire Sub Grant.xlsx 2019-02-22 18:19 - 2018-09-18 20:14 - 000000000 ____D C:\Users\Jason\Desktop\Gui Sales 2019-02-22 11:01 - 2017-05-25 20:41 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-02-20 22:28 - 2019-02-06 21:59 - 000000000 ____D C:\Users\Jason\Desktop\Fund Drive Addreses ==================== Files in the root of some directories ======= 2016-10-04 21:10 - 2018-05-19 22:25 - 000000132 _____ () C:\Users\Jason\AppData\Roaming\Adobe PNG Format CS5 Prefs 2015-03-12 14:31 - 2019-03-15 19:12 - 000007635 _____ () C:\Users\Jason\AppData\Local\Resmon.ResmonCfg 2019-03-17 16:06 - 2019-03-17 16:06 - 000000000 _____ () C:\Users\Jason\AppData\Local\{0F538F10-5147-4870-A655-C72CFB3FC1A4} 2018-11-03 13:20 - 2018-11-03 13:20 - 000000000 _____ () C:\Users\Jason\AppData\Local\{A014614F-B96D-4442-B02E-B9C8BB0A0DBE} ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\SysWOW64\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-03-14 00:28 ==================== End of FRST.txt ============================
  3. Updated malwarebytes scan. Also did the adw cleaner. I will do the Farbar later this evening. # ------------------------------- # Malwarebytes AdwCleaner 7.2.7.0 # ------------------------------- # Build: 01-30-2019 # Database: 2019-03-11.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 03-19-2019 # Duration: 00:00:07 # OS: Windows 7 Professional # Cleaned: 67 # Failed: 1 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Conduit Deleted C:\Program Files (x86)\Common Files\Tencent Deleted C:\Users\Jason\AppData\Roaming\Tencent Deleted C:\Users\Public\Documents\Tencent Deleted C:\Users\Jason\AppData\LocalLow\HPAppData Deleted C:\ProgramData\EmailNotifier Deleted C:\Users\Jason\AppData\Local\SwvUpdater Deleted C:\Program Files (x86)\Coupons Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService ***** [ Files ] ***** Deleted C:\Windows\System32\LavasoftTcpService64.dll Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll Deleted C:\END ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\AppDataLow\Software\Conduit Deleted HKLM\Software\Wow6432Node\Conduit Deleted HKCU\Software\AppDataLow\Software\Smartbar Deleted HKCU\Software\Yahoo\YFriendsBar Deleted HKCU\Software\AppDataLow\Software\Yahoo\Companion Deleted HKCU\Software\Yahoo\Companion Deleted HKLM\Software\Wow6432Node\Yahoo\Companion Deleted HKLM\Software\Wow6432Node\Email Notifier Deleted HKLM\Software\Wow6432Node\Classes\AppID\DownloadProxy.EXE Deleted HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D} Deleted HKLM\Software\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD} Deleted HKLM\Software\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF} Deleted HKLM\Software\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957} Deleted HKLM\Software\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957} Deleted HKLM\Software\Wow6432Node\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902} Deleted HKLM\Software\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902} Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} Deleted HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9} Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208} Not Deleted HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{D8278076-BC68-4484-9233-6E7F1628B56C} Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} Deleted HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} Deleted HKLM\Software\Wow6432Node\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} Deleted HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{63C825A4-1715-487D-923C-B2C37FE2034D} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{ED7DB262-4273-4168-A5BE-EAD6AA4B4B6C} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0BFDFDCB-07A9-4514-8107-181045C5ED1E} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D0968209-123E-46B0-9CFD-8977BA124CFC} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2A95CCA9-1411-406F-9992-099BF56FB33C} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3E7E8793-4B52-416C-90DA-CC218D7EEE25} Deleted HKLM\Software\Classes\METNSD Deleted HKLM\Software\Classes\Sample.YTBPartnerSample Deleted HKLM\Software\Classes\Sample.BrowserHandler Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTcpService.exe Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe Deleted HKLM\Software\Wow6432Node\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB} Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB} ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [8062 octets] - [19/03/2019 12:37:25] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## malware.txt
  4. Hi Ron, The computer is back with a new fan, it has not shut down since the new fan has been installed. My neighbor also updated bios on it. I am going to run Super AntiSpyware tonight
  5. When you replied, I was at my neighbors, took the computer apart, he took the fan out, the other one he had isn't the same so he ordered one off amazon prime and it will be here Sunday. He is pretty sure it is the fan because when you turn the fan it doesn't spin freely. It only spins as far as you can move it with your finger. I will advise you when we get it back up and running.
  6. Hello Ron, I talked to my neighbor because he came home yesterday. He is going to take it apart with me but is pretty sure it is the fan that is going bad and not cooling the unit since it only shuts down when the fan does not run. If the fan runs it doesn't shut down. For a few months the fan has made noise like it was unbalanced. He told me to look for a fan because without looking at it, he was not sure if it was a universal fan or a special DELL only fan. I looked up a fan and found a few and I think they are universal but unsure. We are going to look tonight, if its a special order then we will order one and try that. He said his sons laptop had the same issue and that fixed it.
  7. I think I have taken it apart before to clean it. Do you think my neighbor who is good with computers could do it? He works with computers during his normal work but he is out of town for work right now, that is why I came here and also because I trust the services here. D you think it is malware making my hard drive run so hard that it overheats and shuts down? What about a system restore or the tweaking registry cleaner - do you think I need to do this?
  8. Ok after I posted, my fan was not moving on my laptop, it was getting hot so I tried restarting and it wouldnt restart, came up with this black screen saying windows failed to start, a recent hardware or software change might be the cause. then a blue screen came up : windows is loading files stop C00002E3 security error 0XC0000189 I have screenshot the blue screen report and attached it to this post. It did install windows updates though.
  9. It is actually a Dell Inspiron N7010 laptop. I did blow the dust out thinking that was the problem through the vent and the bottom grates. It seems when it runs with multiple applications it gets hot and the fan doesnt automatically kick in and run and it gets hot and shuts down. The fan, like i said in a previous post did seem off balance about 2 years now and sometimes vibrates and makes a loud noise. I ran a complete Microsoft Security Essentials scan with no threats found before I came here, also ran TFC, ATF and CCleaner as well and cleared browsing history. Do you think I need to do a system restore or use the Tweaking Registry cleaner I downloaded from this forum on my previous computer issue? Where else should I use the air duster at besides the fan area and where it gets hot?
  10. Here is the text report It should be noted that the first scan it got to 12 minutes and the computer shut down and it was extremely hot. The fan was not going. I waited about 2 minutes, restarted and did a scan and this is the report. The fan started up upon restart. The fan has been loud at times in the past year like it is not balanced correctly. malware.txt
  11. I am unsure on how to even do that. I am going to run another threat scan tonight and post the logs. When i did come back tonight, my SuperAnti Spyware did find 739 items and i removed that, but my keyboard would not work. I restarted the laptop and it still didn't work. I started pushing a few keys and it started to work in the K J area. Don't know if that could have something to do with this or not.
  12. Hello All, I believe my Windows Dell Inspiron 7010 laptop is infected. Over the last day and a half the left side of it on the bottom between the keyboard and the fan gets so hot to the touch it almost burns my hand. It is not all the time, just sometimes and it will shut down and restart and be back to a normal warmth. I used CCleaner and cleaned everything, ran ATF Cleaner and TFC thinking that would fix it. I also cleared my Chrome history. I did a Disk Cleanup at 4 but have not been on here much to find out if that fixed it (it removed 14.5 mb). I also did a threat scan today and it found nothing wrong. Earlier this afternoon it shut down and came back up with something about verifying the ac adapter is correct and plugged in correctly. I checked and that was fine but after that it did a Checking file system of file C (below are the results) The type of the file system is ntfs one of your disks needs to be checked for consistency. You may cancel the disk check but it is strongly recommended that you continue. Windows will now check the disk. chkdsk is verifying files: 1 of 3 1757 large file records processed 0 bad file records processed 2 ea records processed 44 reparse records processed 2 of 3 correcting error in index $I30 for file 122572 (this came up 3 times) starting index $i30 in file 122572 recovering orphaned file 3B21F4~1548971 into directory 3b21f408-ff44-44-17-8Fe5-8db5A9691606 (548971) into 122522 2 unindexed files scanned recovering orphaned file index.txt (573228) into directory file 122572 0 unindexed files recovered 3 of 3 chkdsk i verifying security descriptors couldnt read before it went off the screen but no other errors were found i know that. I am going to run Super AntiSpyware again, it ran earlier but before it could finish it shut down again and had 635 files it was going to get rid of. I have Microsoft security essentials that i did not run yet or the tweaking registry cleaner yet without advice from on this board. Thank-you for any help on this matter.
  13. Hello all, My moms laptop HP Pavilion g7-1117cl is running slow especially while on Internet Explorer 11. The most she uses it for is on Pogo.com games. i have run the following items: tweaking registry cleaner CCleaner ATF cleaner TFC windows defender microsoft security essentials malwarebytes super antispyware Also did a check on drive c disk defragmenter and it is 2% fragmented. I also did a disk cleanup and no real improvements have been made. I uninstalled IE 11 and restarted the computer, it went back to IE 8, the games on Pogo and all websites loaded great and fast. I reinstalled updates for IE 11 and it went back to the slow speeds. Also it is now showing drive E as 0 bytes full and 0 bytes space available. Autorun doesnt pick up on one cd that we have tried so far. The laptop is windows 7 home edition 64 bit. I did run the threat scan and have posted the log below for malwarebytes. Any help is appreciated and would like to thank-you in advance. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 8/6/17 Scan Time: 4:45 PM Log File: threat scan log.txt Administrator: Yes -Software Information- Version: 3.1.2.1733 Components Version: 1.0.160 Update Package Version: 1.0.2523 License: Trial -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: joy-HP\joy -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 349942 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 17 min, 58 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end)
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.