
MbaliPC

  1. Hi Nasdaq, sorry I have been unable to reply due to the forum thinking my replies are consistent with Spam. Above is the fixlog. I scanned with MalwareBytes again and it didn't detect the 8 infected trojan files anymore. Thanks
  2. Hi Nasdaq, Thank you so much for your reply and help. No, my default browser is not synced with other devices.
2020-03-31 17:50 - 2020-03-31 17:51 - 000000000 ____D C:\FRST 2020-03-31 17:49 - 2020-03-31 17:50 - 000000000 ____D C:\Users\Administrator.Apelele-PC\Desktop\FRST 2020-03-31 14:21 - 2020-03-31 14:21 - 000004174 _____ C:\Users\Administrator.Apelele-PC\Downloads\Dream Wedding.txt 2020-03-31 14:20 - 2020-03-31 14:20 - 000004190 _____ C:\Users\Administrator.Apelele-PC\Downloads\Dream Wedding.fountain 2020-03-31 13:39 - 2020-03-31 13:39 - 000002382 _____ C:\Users\Administrator.Apelele-PC\Desktop\Scan Results.txt 2020-03-31 12:58 - 2020-03-31 12:58 - 000001908 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-03-31 12:58 - 2020-03-31 12:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2020-03-31 12:57 - 2020-03-31 12:57 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2020-03-31 12:57 - 2020-03-31 12:56 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2020-03-30 14:28 - 2020-03-30 14:29 - 000002388 _____ C:\Users\Administrator.Apelele-PC\Desktop\Rkill.txt 2020-03-30 14:28 - 2020-03-30 14:28 - 000000000 ____D C:\Users\Administrator.Apelele-PC\Desktop\rkill 2020-03-30 14:12 - 2020-03-30 14:20 - 001957784 _____ (Malwarebytes) C:\Users\Administrator.Apelele-PC\Downloads\MBSetup (1).exe 2020-03-28 19:15 - 2020-03-28 19:15 - 000001853 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2020-03-28 10:26 - 2020-03-28 10:30 - 001191894 _____ C:\Users\Administrator.Apelele-PC\Downloads\Unconfirmed 296567.crdownload 2020-03-28 09:49 - 2020-03-28 10:00 - 000173555 _____ C:\Users\Administrator.Apelele-PC\Downloads\Unconfirmed 940966.crdownload 2020-03-25 20:15 - 2020-03-25 20:16 - 045733828 _____ C:\Users\Administrator.Apelele-PC\Downloads\The_Office_(US)_-_S09E05_-_Here_Comes_Treble_a6452ce2bd3b7dd24353c9b308358875.mp4 2020-03-25 19:18 - 2020-03-25 19:19 - 059807479 _____ C:\Users\Administrator.Apelele-PC\Downloads\Awkwafina_Is_Nora_From_Queens_-_S01E02_-_Unknown_f866817bd92cd3406f5b0099a9839df0.mp4 
2020-03-25 18:48 - 2020-03-25 18:49 - 040576318 _____ C:\Users\Administrator.Apelele-PC\Downloads\Awkwafina_Is_Nora_From_Queens_-_S01E02_-_Unknown_cbe58ae657ed151edaa056e2d04b2651.avi 2020-03-25 18:46 - 2020-03-25 18:47 - 045767433 _____ C:\Users\Administrator.Apelele-PC\Downloads\The_Office_(US)_-_S09E04_-_Work_Bus_ad110c9bfde734c441340ea0a0566fd3.mp4 2020-03-25 17:50 - 2020-03-25 17:51 - 039974282 _____ C:\Users\Administrator.Apelele-PC\Downloads\The_Other_Two_-_S01E01_-_Pilot_b5d588fe44c55ce320211dcdd68e74b5.avi 2020-03-25 17:48 - 2020-03-25 17:49 - 050652652 _____ C:\Users\Administrator.Apelele-PC\Downloads\The_Other_Two_-_S01E10_-_Chase_Performs_at_the_VMAs_fde8a35576414e23a0d22e0479bbe7bb.avi 2020-03-25 07:50 - 2020-03-25 07:52 - 060153292 _____ C:\Users\Administrator.Apelele-PC\Downloads\Awkwafina_Is_Nora_From_Queens_-_S01E01_-_Unknown_23d86adbb103123582dabf97d6e97b88.mp4 2020-03-24 19:54 - 2020-03-24 19:55 - 047172890 _____ C:\Users\Administrator.Apelele-PC\Downloads\The_Office_(US)_-_S09E03_-_Andys_Ancestry_a3546a14979b73f9aa0bfb946fe39bc5.mp4 2020-03-24 19:51 - 2020-03-24 19:52 - 045869592 _____ C:\Users\Administrator.Apelele-PC\Downloads\The_Office_(US)_-_S09E02_-_Roys_Wedding_d062b386d8f1df2674fe19d75309126f (1).mp4 2020-03-24 19:51 - 2020-03-24 19:51 - 045869592 _____ C:\Users\Administrator.Apelele-PC\Downloads\The_Office_(US)_-_S09E02_-_Roys_Wedding_d062b386d8f1df2674fe19d75309126f.mp4 2020-03-24 19:15 - 2020-03-24 19:17 - 045766205 _____ C:\Users\Administrator.Apelele-PC\Downloads\The_Office_(US)_-_S09E01_-_New_Guys_d0cc8c7bcedf1aa348d77af81a13b1c2.mp4 2020-03-24 19:00 - 2020-03-24 19:03 - 080134003 _____ C:\Users\Administrator.Apelele-PC\Downloads\Avenue_5_-_S01E05_-_Unknown_7587e112756a5ef296983c009f59f636.mp4 2020-03-24 18:50 - 2020-03-24 18:50 - 000000000 ____D C:\Users\Administrator.Apelele-PC\AppData\Roaming\ADBDriverInstaller 2020-03-24 18:49 - 2020-03-24 18:50 - 009667561 _____ C:\Users\Administrator.Apelele-PC\Downloads\adbdriver.zip 
2020-03-24 18:36 - 2017-11-25 20:35 - 000009899 _____ C:\Users\Administrator.Apelele-PC\Desktop\womic.cat 2020-03-24 18:34 - 2020-03-24 18:34 - 000154177 _____ C:\Users\Administrator.Apelele-PC\Downloads\womic-driver-package.zip 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\2C0A 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0C0A 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0C04 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0816 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0804 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0424 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\041F 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\041E 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\041D 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\041B 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0419 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0416 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0415 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0414 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0413 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0412 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0411 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0410 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\040E 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\040D 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\040C 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\040B 2020-03-24 18:12 - 2020-03-24 
18:12 - 000000000 ____D C:\Windows\system32\040A 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0408 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0407 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0406 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0405 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0404 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Windows\system32\0401 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics 2020-03-24 18:12 - 2020-03-24 18:12 - 000000000 ____D C:\Program Files (x86)\Renesas Electronics 2020-03-24 18:11 - 2020-03-24 18:11 - 007087616 _____ (Lenovo Group Limited ) C:\Users\Administrator.Apelele-PC\Downloads\8ay210ww.exe 2020-03-24 17:27 - 2020-03-31 12:52 - 000003130 _____ C:\Windows\system32\Tasks\Driver Booster Scheduler 2020-03-24 17:27 - 2020-03-31 12:52 - 000003122 _____ C:\Windows\system32\Tasks\Driver Booster Update 2020-03-24 17:27 - 2020-03-31 12:52 - 000002878 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Administrator) 2020-03-24 17:27 - 2020-03-24 17:43 - 000002234 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk 2020-03-24 17:27 - 2020-03-24 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7 2020-03-24 17:16 - 2020-03-24 17:16 - 000000000 ____D C:\Users\Administrator.Apelele-PC\AppData\Roaming\Sun 2020-03-24 17:15 - 2020-03-24 17:15 - 000098288 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2020-03-24 17:15 - 2020-03-24 17:15 - 000000000 ____D C:\ProgramData\Oracle 2020-03-24 17:15 - 2020-03-24 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2020-03-24 07:30 - 2020-03-24 07:32 - 024820296 _____ (IObit ) C:\Users\Administrator.Apelele-PC\Downloads\driver_booster_setup.exe 2020-03-19 19:14 - 
2020-03-19 19:16 - 081286148 _____ C:\Users\Administrator.Apelele-PC\Downloads\Avenue_5_-_S01E04_-_Unknown_c4660a4446fedb1515ccf33259ea9655.mp4 2020-03-19 18:16 - 2020-03-19 18:35 - 094591069 _____ C:\Users\Administrator.Apelele-PC\Downloads\Insecure_-_S03E08_-_Ghost-Like_894a8f8d7b6858b5c8f918d4ce2a3e95.mp4 2020-03-19 18:12 - 2020-03-19 22:12 - 000000516 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2020-03-18 21:28 - 2020-03-19 06:33 - 100759381 _____ C:\Users\Administrator.Apelele-PC\Downloads\Insecure_-_S03E07_-_Obsessed-Like_42fad2164fe30c32ccd6b1ff383cfe30.mp4 2020-03-18 21:13 - 2020-03-18 21:15 - 087964824 _____ C:\Users\Administrator.Apelele-PC\Downloads\Insecure_-_S03E06_-_Ready-Like_bed707f2ecbf8f96255fd84543da58a1.mp4 2020-03-18 20:03 - 2020-03-18 20:05 - 095226776 _____ C:\Users\Administrator.Apelele-PC\Downloads\Insecure_-_S03E05_-_High-Like_9d0c61e4d477c67d1b2a7ed35ee48e81.mp4 2020-03-18 19:30 - 2020-03-18 19:31 - 087081046 _____ C:\Users\Administrator.Apelele-PC\Downloads\Insecure_-_S03E04_-_Fresh-Like_6188c69df05fdba4a9f8f17e1047ff3d.mp4 2020-03-17 22:03 - 2020-03-17 22:05 - 084369775 _____ C:\Users\Administrator.Apelele-PC\Downloads\Insecure_-_S03E03_-_Backwards-Like_9643250c5e8bf21c975962bb17c88681.mp4 2020-03-17 21:14 - 2020-03-17 21:15 - 083880184 _____ C:\Users\Administrator.Apelele-PC\Downloads\Insecure_-_S03E02_-_Familiar-Like_bc42d6ecf8b8b6b0293f3be0ebee850f.mp4 2020-03-16 19:51 - 2020-03-16 19:53 - 072462101 _____ C:\Users\Administrator.Apelele-PC\Downloads\High_Fidelity_-_S01E10_-_Unknown_a3b48d9747a6fc1392db1464bcb221fa.webm 2020-03-16 19:12 - 2020-03-16 19:14 - 078259563 _____ C:\Users\Administrator.Apelele-PC\Downloads\High_Fidelity_-_S01E09_-_Unknown_a0fea85001f78a18d689c51db4fd471f.webm 2020-03-15 20:09 - 2020-03-15 20:10 - 068985381 _____ C:\Users\Administrator.Apelele-PC\Downloads\High_Fidelity_-_S01E08_-_Unknown_2e55a6d54626752df20bbd4d4c38a6a0.webm 2020-03-15 19:08 - 2020-03-15 19:10 - 088752054 _____ 
C:\Users\Administrator.Apelele-PC\Downloads\High_Fidelity_-_S01E07_-_Unknown_616a432768b6e4a9fee3e4dc92d6f584.webm 2020-03-15 16:09 - 2020-03-30 20:30 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-03-15 16:09 - 2020-03-25 21:15 - 000002828 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-03-15 16:09 - 2020-03-15 16:09 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk 2020-03-15 16:09 - 2020-03-15 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2020-03-15 16:08 - 2020-03-25 07:36 - 000000000 ____D C:\Program Files\CCleaner 2020-03-15 16:05 - 2020-03-15 16:06 - 022195200 _____ (Piriform Software Ltd) C:\Users\Administrator.Apelele-PC\Downloads\cctrialsetup.exe 2020-03-15 12:54 - 2020-03-15 13:11 - 272998917 _____ C:\Users\Administrator.Apelele-PC\Downloads\Love_and_other_Drugs__(2010)_BluRay_high_(fzmovies.net)_77848ffdc7205026ab3b6e4ce57850ef.mp4 2020-03-15 12:47 - 2020-03-15 12:49 - 088379434 _____ C:\Users\Administrator.Apelele-PC\Downloads\High_Fidelity_-_S01E06_-_Unknown_8b86ba73f2b27fafb9d82edbd9184ba1.webm 2020-03-14 20:00 - 2020-03-14 20:34 - 201744671 _____ C:\Users\Administrator.Apelele-PC\Downloads\They_Came_Together_(2014)_BluRay_high_(fzmovies.net)_81e938e7ffab4035f4e12bfdbb1467f7.mp4 2020-03-14 11:15 - 2020-03-14 20:07 - 075124487 _____ C:\Users\Administrator.Apelele-PC\Downloads\High_Fidelity_-_S01E05_-_Unknown_6db6f273356c2a09c895abe7e896adbe.webm 2020-03-13 19:36 - 2020-03-13 19:37 - 084684116 _____ C:\Users\Administrator.Apelele-PC\Downloads\High_Fidelity_-_S01E04_-_Unknown_26c7bd69ee21a7cd49107a6c2e083d49.webm 2020-03-12 21:26 - 2020-03-12 21:28 - 066713060 _____ C:\Users\Administrator.Apelele-PC\Downloads\Avenue_5_-_S01E03_-_Unknown_7a159d82309a8a0d3cf88dbc5f7eca20.webm 2020-03-12 21:25 - 2020-03-12 21:27 - 075977248 _____ C:\Users\Administrator.Apelele-PC\Downloads\High_Fidelity_-_S01E03_-_Unknown_3de912e8371531a21a44a393e024ff02.webm 2020-03-12 21:22 - 2020-03-12 21:29 - 291499773 
_____ C:\Users\Administrator.Apelele-PC\Downloads\Do_the_Right_Thing_(1989)_BluRay_high_(fzmovies.net)_f57a91e3f4e56618058a2f546fedc94b.mp4 2020-03-12 20:16 - 2020-03-12 20:17 - 075250605 _____ C:\Users\Administrator.Apelele-PC\Downloads\High_Fidelity_-_S01E02_-_Unknown_9aa7949f58998c262e7934b0a1717e1c.webm 2020-03-12 19:38 - 2020-03-12 19:39 - 068306088 _____ C:\Users\Administrator.Apelele-PC\Downloads\Avenue_5_-_S01E02_-_Unknown_749c737184edc9f54bb8c33b01d2f508.webm 2020-03-12 07:47 - 2020-03-12 19:05 - 076194127 _____ C:\Users\Administrator.Apelele-PC\Downloads\Avenue_5_-_S01E01_-_Unknown_f5623a5b39e64abc90480489fc975589.webm 2020-03-12 07:35 - 2020-03-12 07:37 - 093464392 _____ C:\Users\Administrator.Apelele-PC\Downloads\High_Fidelity_-_S01E01_-_Unknown_95b5e646c752d7c3f9900129cb4c9180.webm 2020-03-09 19:28 - 2020-03-09 19:28 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-03-05 07:09 - 2020-03-05 07:10 - 001928352 _____ (Malwarebytes) C:\Users\Administrator.Apelele-PC\Downloads\MBSetup.exe 2020-03-05 07:05 - 2020-03-04 06:42 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2020-03-04 06:43 - 2020-03-04 06:42 - 000235184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2020-03-04 06:43 - 2020-03-04 06:42 - 000175400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2020-03-02 18:51 - 2020-03-31 12:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2020-03-02 18:51 - 2020-03-25 21:15 - 000003446 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0 ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 
2020-03-31 16:32 - 2017-12-15 18:07 - 000000000 ____D C:\Program Files (x86)\Celtx 2020-03-31 15:37 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2020-03-31 13:14 - 2009-07-14 06:45 - 000023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-03-31 13:14 - 2009-07-14 06:45 - 000023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-03-31 13:05 - 2015-03-25 16:41 - 000000000 ____D C:\Users\Apelele 2020-03-31 12:52 - 2019-11-17 16:28 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2020-03-31 12:49 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-03-29 18:00 - 2017-12-18 15:42 - 000000000 ____D C:\Users\Administrator.Apelele-PC\AppData\Local\ElevatedDiagnostics 2020-03-29 11:32 - 2017-12-15 20:39 - 000000000 ____D C:\Users\Administrator.Apelele-PC\AppData\Roaming\vlc 2020-03-28 19:15 - 2020-02-24 18:07 - 000000000 ____D C:\Program Files\HitmanPro 2020-03-28 19:13 - 2017-12-15 20:32 - 000000000 ____D C:\Users\Administrator.Apelele-PC\Downloads\SHAREit 2020-03-28 19:12 - 2019-08-18 17:22 - 000004008 _____ C:\Windows\system32\Tasks\WpsUpdateTask_Administrator 2020-03-28 09:58 - 2019-08-07 11:00 - 000000000 ____D C:\Users\Administrator.Apelele-PC\AppData\Local\Vysor 2020-03-28 09:57 - 2018-11-01 17:10 - 000000000 ____D C:\Program Files (x86)\Shortcut Virus Remover 2020-03-26 17:40 - 2018-05-01 22:13 - 000000000 ____D C:\Users\Administrator.Apelele-PC\AppData\LocalLow\Mozilla 2020-03-25 21:15 - 2019-11-17 16:30 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software 2020-03-25 21:15 - 2015-06-14 14:15 - 000003694 _____ C:\Windows\system32\Tasks\Adobe Reader and Acrobat Manager 2020-03-25 21:15 - 2015-06-14 14:15 - 000003616 _____ C:\Windows\system32\Tasks\Java(TM) Platform SE 6 U17 2020-03-25 21:15 - 2015-03-25 17:55 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-03-25 
21:15 - 2015-03-25 17:55 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-03-25 21:15 - 2015-03-25 16:47 - 000003712 _____ C:\Windows\system32\Tasks\RecoveryCDWin7 2020-03-25 21:15 - 2015-03-25 16:47 - 000003412 _____ C:\Windows\system32\Tasks\ServicePlan 2020-03-24 18:14 - 2010-04-10 22:12 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information 2020-03-24 18:12 - 2009-07-14 07:37 - 000000000 ____D C:\Windows\system32\0409 2020-03-24 18:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2020-03-24 17:29 - 2019-08-16 15:53 - 000000000 ____D C:\ProgramData\ProductData 2020-03-24 17:29 - 2019-08-16 15:53 - 000000000 ____D C:\ProgramData\IObit 2020-03-24 17:17 - 2019-12-30 12:40 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-03-24 17:17 - 2010-04-11 00:47 - 000000000 ____D C:\Program Files\Java 2020-03-24 17:17 - 2010-04-11 00:47 - 000000000 ____D C:\Program Files (x86)\Java 2020-03-24 17:15 - 2010-04-11 00:47 - 000299504 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2020-03-24 17:10 - 2019-08-02 20:57 - 000000948 _____ C:\Users\Public\Desktop\Bandicam.lnk 2020-03-24 07:39 - 2019-08-02 20:57 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1 2020-03-24 07:39 - 2019-08-02 20:57 - 000000000 ____D C:\Program Files (x86)\Bandicam 2020-03-20 07:31 - 2019-08-16 10:50 - 000000000 ____D C:\ProgramData\AVAST Software 2020-03-19 18:42 - 2019-11-17 16:40 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) 2020-03-19 18:42 - 2019-11-17 16:40 - 000003150 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon) 2020-03-19 18:42 - 2019-11-17 16:40 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2020-03-19 18:42 - 2019-11-17 16:40 - 000002346 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk 2020-03-18 20:08 - 2015-03-25 18:06 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Google Chrome.lnk 2020-03-18 20:08 - 2015-03-25 18:06 - 000002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-03-17 21:43 - 2018-03-05 18:51 - 000000364 _____ C:\Windows\Tasks\HPCeeScheduleForAdministrator.job 2020-03-15 16:54 - 2018-04-26 10:21 - 000000000 ____D C:\Users\Administrator.Apelele-PC\Documents\Sean Wedding 2020-03-15 16:23 - 2017-12-20 11:32 - 000000000 ____D C:\Users\Administrator.Apelele-PC\AppData\Local\CrashDumps 2020-03-15 16:23 - 2017-12-15 18:14 - 000000000 ____D C:\Users\Administrator.Apelele-PC\AppData\Roaming\uTorrent 2020-03-15 16:12 - 2020-02-20 18:59 - 000003248 _____ C:\Windows\system32\Tasks\{A506F9F2-E014-4891-96D9-AFC53FA6EED2} 2020-03-15 16:12 - 2019-11-17 16:38 - 000003372 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineUA 2020-03-15 16:12 - 2019-11-17 16:38 - 000003244 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineCore 2020-03-15 16:12 - 2019-11-16 12:52 - 000000000 ____D C:\Windows\pss 2020-03-15 16:12 - 2018-11-01 16:52 - 000003184 _____ C:\Windows\system32\Tasks\smadav 2020-03-15 16:12 - 2018-03-19 18:28 - 000003524 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-Apelele-PC-Administrator 2020-03-15 16:12 - 2018-03-05 18:51 - 000003236 _____ C:\Windows\system32\Tasks\HPCeeScheduleForAdministrator 2020-03-15 16:12 - 2018-02-17 15:22 - 000003726 _____ C:\Windows\system32\Tasks\Registration 2020-03-14 08:05 - 2017-12-17 19:02 - 000000000 ____D C:\Users\Administrator.Apelele-PC\AppData\Local\Adobe 2020-03-12 21:07 - 2018-11-01 16:52 - 000000000 ____D C:\Users\Administrator.Apelele-PC\AppData\Roaming\Smadav 2020-03-11 07:42 - 2020-02-25 06:02 - 000000000 _____ C:\Windows\system32\last.dump 2020-03-11 07:25 - 2019-11-17 16:25 - 000458584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2020-03-05 06:51 - 2019-11-17 16:34 - 000001963 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2020-03-04 06:42 - 2019-11-17 16:25 - 000848672 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswSnx.sys 2020-03-04 06:42 - 2019-11-17 16:25 - 000316256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2020-03-04 06:42 - 2019-11-17 16:25 - 000279360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys 2020-03-04 06:42 - 2019-11-17 16:25 - 000271120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2020-03-04 06:42 - 2019-11-17 16:25 - 000206608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2020-03-04 06:42 - 2019-11-17 16:25 - 000205576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2020-03-04 06:42 - 2019-11-17 16:25 - 000110560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2020-03-04 06:42 - 2019-11-17 16:25 - 000084056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2020-03-04 06:42 - 2019-11-17 16:25 - 000064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2020-03-04 06:42 - 2019-11-17 16:25 - 000042976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2020-03-04 06:42 - 2019-11-17 16:25 - 000037864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys ==================== Files in the root of some directories ======== 2018-02-19 16:32 - 2018-02-19 16:32 - 000000479 _____ () C:\Program Files (x86)\02201816320927.bat 2018-09-29 11:56 - 2018-09-29 11:56 - 000000000 _____ () C:\Users\Administrator.Apelele-PC\AppData\Local\oobelibMkey.log 2018-08-04 10:56 - 2018-08-04 10:56 - 000000017 _____ () C:\Users\Administrator.Apelele-PC\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2020-03-28 14:44 ==================== End of FRST.txt ======================== Addition.txt
  3. Good Day, I need help removing a cloudnet virus that keeps coming back which I have been attempting to remove for months but it keeps returning. I have been using MalwareBytes which detects the 8 infected files every time it scans after a reboot and have tried using other software such as HitmanPro but the virus keeps coming back. I recently saw a thread where somebody used something called FRST fixlist to fix such malware and wanted to know how it could be done and if I can do it as a beginner? Scan Results.txt