
I've installed Malwarebytes but it's not detecting the malware. While browsing on IE, Google Chrome, and Firefox, I randomly get redirected to unknown sites, especially Deloton. I even tried other software like Hitman, AdwCleaner and a few more. My mobile is also affected with the same malware. I even restored it completely but still.

I tried almost everything, like I checked if there are unwanted extensions/programs, scheduled tasks or browsers' properties to see if the URL is being changed from google.com to something else. I even did Windows by formatting every drive but still it didn't go (in the old Windows, Malwarebytes was at least showing malware, although it used to show and say it had deleted the malware, but it never happened). I've also checked the forum's earlier thread on the Deloton virus and have done everything mentioned, but still the malware is not going.

 

P.S. I'm already using Malwarebytes on mobile but it's also not detecting any malware.


  • Root Admin

Hello @DeepakRana and welcome.

Let me have you run the following please and we'll see about getting you fixed up.

Please run the following steps and post back the logs as an attachment when ready.

STEP 01

  • If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • If you don't have Malwarebytes 3 installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know on your next reply.

STEP 02

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Right-click on the program and select Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Copy its content into your next reply.

 

RESTART THE COMPUTER Before running Step 3

STEP 03
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've run the tool before, you need to place a check mark here.
  • Please attach the Addition.txt log to your reply as well.

 

Thanks

Ron

 


Step 01 and Step 02 are not working (not detecting the virus), so I followed the third step, and here are the details of the log file that was created.

FRST log file:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.01.2018
Ran by Deepak (administrator) on DEEPAK-PC (11-01-2018 17:39:20)
Running from C:\Users\Deepak\Downloads
Loaded Profiles: Deepak (Available Profiles: Deepak)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Skillbrains) C:\Program Files\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(f.lux Software LLC) C:\Users\Deepak\AppData\Local\FluxSoftware\Flux\flux.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-3322282323-1521124264-3092823622-1000\...\Run: [f.lux] => C:\Users\Deepak\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-11] (f.lux Software LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D9F0E7CB-1668-4D56-863E-20CC51A34CD1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3322282323-1521124264-3092823622-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-in/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2018-01-10] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-10] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: o1rqh4ku.default
FF ProfilePath: C:\Users\Deepak\AppData\Roaming\Mozilla\Firefox\Profiles\o1rqh4ku.default [2018-01-11]
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-10] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-01] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-05] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default [2018-01-11]
CHR Extension: (Slides) - C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-01]
CHR Extension: (Docs) - C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-01]
CHR Extension: (Google Drive) - C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-01]
CHR Extension: (YouTube) - C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-01]
CHR Extension: (Flikover) - C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpchjdomogcnjcpiommjlhgmngalhppb [2018-01-10]
CHR Extension: (Sheets) - C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-01]
CHR Extension: (FlikoverTwo) - C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkdgnchibkdnlcffkafniolmfiahehjh [2018-01-01]
CHR Extension: (Google Docs Offline) - C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-01]
CHR Extension: (Gmail) - C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-01]
CHR Extension: (Chrome Media Router) - C:\Users\Deepak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4563920 2017-11-01] (Malwarebytes)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2016-05-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59896 2017-11-29] ()
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [168376 2017-12-30] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [91576 2018-01-11] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [40376 2018-01-11] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [221112 2018-01-11] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [65824 2018-01-11] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam32.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-11 17:39 - 2018-01-11 17:41 - 000007934 _____ C:\Users\Deepak\Downloads\FRST.txt
2018-01-11 17:39 - 2018-01-11 17:39 - 000000000 ____D C:\FRST
2018-01-11 17:38 - 2018-01-11 17:38 - 001753600 _____ (Farbar) C:\Users\Deepak\Downloads\FRST.exe
2018-01-10 17:35 - 2018-01-10 17:35 - 000000000 ____D C:\Users\Deepak\AppData\Roaming\BeamUsUp
2018-01-10 17:34 - 2018-01-10 17:34 - 000000000 ____D C:\Users\Deepak\AppData\LocalLow\Sun
2018-01-10 17:33 - 2018-01-10 17:33 - 000000000 ____D C:\Users\Deepak\AppData\Roaming\Sun
2018-01-10 17:33 - 2018-01-10 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-10 17:33 - 2018-01-10 17:33 - 000000000 ____D C:\Program Files\Common Files\Java
2018-01-10 17:33 - 2018-01-10 17:32 - 000095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2018-01-10 17:32 - 2018-01-10 17:32 - 000000000 ____D C:\ProgramData\Oracle
2018-01-10 17:32 - 2018-01-10 17:32 - 000000000 ____D C:\Program Files\Java
2018-01-10 17:29 - 2018-01-10 17:29 - 001852992 _____ (Oracle Corporation) C:\Users\Deepak\Downloads\chromeinstall-8u151.exe
2018-01-10 17:27 - 2018-01-10 17:28 - 023652621 _____ (BeamUsUp) C:\Users\Deepak\Downloads\buu.exe
2018-01-09 10:33 - 2018-01-01 07:32 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 012880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 001390080 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 001155584 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 001004032 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-01-09 10:33 - 2018-01-01 07:30 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:24 - 004013800 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-01-09 10:33 - 2018-01-01 07:24 - 003959016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-01-09 10:33 - 2018-01-01 07:24 - 001214184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-01-09 10:33 - 2018-01-01 07:24 - 000712936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-01-09 10:33 - 2018-01-01 07:24 - 000201960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-01-09 10:33 - 2018-01-01 07:24 - 000198888 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2018-01-09 10:33 - 2018-01-01 07:24 - 000198888 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-01-09 10:33 - 2018-01-01 07:24 - 000173288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-01-09 10:33 - 2018-01-01 07:24 - 000139496 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2018-01-09 10:33 - 2018-01-01 07:24 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-01-09 10:33 - 2018-01-01 07:24 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-01-09 10:33 - 2018-01-01 07:24 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-01-09 10:33 - 2018-01-01 07:20 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-01-09 10:33 - 2018-01-01 07:14 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-01-09 10:33 - 2018-01-01 07:13 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-01-09 10:33 - 2018-01-01 07:13 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-01-09 10:33 - 2018-01-01 07:13 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-01-09 10:33 - 2018-01-01 07:13 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-01-09 10:33 - 2018-01-01 07:13 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-01-09 10:33 - 2018-01-01 07:11 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-01-09 10:33 - 2018-01-01 07:10 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-01-09 10:33 - 2018-01-01 07:10 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-01-09 10:33 - 2018-01-01 07:10 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-01-09 10:33 - 2018-01-01 07:10 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-01-09 10:33 - 2018-01-01 07:09 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-01-09 10:33 - 2018-01-01 07:08 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-01-09 10:33 - 2018-01-01 07:07 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-01-09 10:33 - 2018-01-01 07:06 - 000314368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-01-09 10:33 - 2018-01-01 07:06 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-01-09 10:33 - 2018-01-01 07:06 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-01-09 10:33 - 2018-01-01 07:05 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-01-09 10:33 - 2018-01-01 07:05 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-01-09 10:33 - 2018-01-01 07:05 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-01-09 10:33 - 2018-01-01 07:05 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-01-09 10:33 - 2018-01-01 07:05 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-01-09 10:33 - 2018-01-01 07:05 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-01-09 10:33 - 2018-01-01 07:05 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-01-09 10:33 - 2018-01-01 07:05 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-01-09 10:33 - 2018-01-01 07:05 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-01-09 10:33 - 2018-01-01 07:05 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:05 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:05 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-09 10:33 - 2018-01-01 07:05 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-09 10:33 - 2017-12-30 12:12 - 000347328 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-01-09 10:33 - 2017-12-30 00:09 - 020274688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-01-09 10:33 - 2017-12-29 23:54 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-01-09 10:33 - 2017-12-29 23:54 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-01-09 10:33 - 2017-12-29 23:43 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-01-09 10:33 - 2017-12-29 23:43 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-01-09 10:33 - 2017-12-29 23:42 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-01-09 10:33 - 2017-12-29 23:42 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-01-09 10:33 - 2017-12-29 23:41 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-01-09 10:33 - 2017-12-29 23:39 - 002294272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-01-09 10:33 - 2017-12-29 23:36 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-01-09 10:33 - 2017-12-29 23:36 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-01-09 10:33 - 2017-12-29 23:34 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-01-09 10:33 - 2017-12-29 23:33 - 000662528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-01-09 10:33 - 2017-12-29 23:33 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-01-09 10:33 - 2017-12-29 23:33 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-01-09 10:33 - 2017-12-29 23:33 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-01-09 10:33 - 2017-12-29 23:27 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-01-09 10:33 - 2017-12-29 23:25 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-01-09 10:33 - 2017-12-29 23:21 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-01-09 10:33 - 2017-12-29 23:20 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-01-09 10:33 - 2017-12-29 23:20 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-01-09 10:33 - 2017-12-29 23:17 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-01-09 10:33 - 2017-12-29 23:17 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-01-09 10:33 - 2017-12-29 23:16 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-01-09 10:33 - 2017-12-29 23:15 - 004508160 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-01-09 10:33 - 2017-12-29 23:14 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-01-09 10:33 - 2017-12-29 23:09 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-01-09 10:33 - 2017-12-29 23:08 - 013680128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-01-09 10:33 - 2017-12-29 23:08 - 000694272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-01-09 10:33 - 2017-12-29 23:07 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-01-09 10:33 - 2017-12-29 23:07 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-01-09 10:33 - 2017-12-29 23:06 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-01-09 10:33 - 2017-12-29 22:49 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-01-09 10:33 - 2017-12-29 22:45 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-01-09 10:33 - 2017-12-29 22:43 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-01-09 10:33 - 2017-12-21 11:57 - 000535656 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-01-09 10:33 - 2017-12-13 21:45 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-01-09 10:33 - 2017-12-13 21:41 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-01-09 10:33 - 2017-12-13 21:41 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-01-09 10:33 - 2017-12-13 21:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-01-09 10:33 - 2017-12-13 21:20 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-01-09 10:33 - 2017-12-05 22:38 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-01-09 10:33 - 2017-12-05 22:38 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-01-09 10:33 - 2017-12-05 21:20 - 002402816 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-01-09 10:33 - 2017-12-05 21:19 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-01-07 20:38 - 2018-01-07 20:43 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-01-07 20:36 - 2018-01-07 20:38 - 041329824 _____ (Microsoft Corporation) C:\Users\Deepak\Downloads\Windows-KB890830-V5.55.exe
2018-01-05 17:46 - 2018-01-05 17:46 - 000131072 ____N C:\Windows\Minidump\010518-15537-01.dmp
2018-01-03 22:21 - 2018-01-03 22:21 - 000131072 ____N C:\Windows\Minidump\010318-24492-01.dmp
2018-01-03 21:52 - 2018-01-03 21:52 - 000000000 ____D C:\Users\Deepak\AppData\Local\TeamViewer
2018-01-03 21:50 - 2018-01-03 22:27 - 000000000 ____D C:\Program Files\TeamViewer
2018-01-03 21:50 - 2018-01-03 21:50 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-01-03 21:50 - 2018-01-03 21:50 - 000000997 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-01-03 21:50 - 2018-01-03 21:50 - 000000000 ____D C:\Users\Deepak\AppData\Roaming\TeamViewer
2018-01-03 21:48 - 2018-01-03 21:49 - 019315456 _____ (TeamViewer GmbH) C:\Users\Deepak\Downloads\TeamViewer_Setup.exe
2018-01-03 21:44 - 2018-01-09 19:51 - 000000000 ____D C:\Users\Deepak\Desktop\Songs
2018-01-02 11:26 - 2018-01-05 17:46 - 000000000 ____D C:\Windows\Minidump
2018-01-02 11:26 - 2018-01-02 11:26 - 000131072 ____N C:\Windows\Minidump\010218-19016-01.dmp
2018-01-01 09:59 - 2018-01-01 09:59 - 000000000 ____D C:\Users\Deepak\AppData\Roaming\Google
2018-01-01 09:57 - 2018-01-09 10:38 - 000002145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-01 09:57 - 2018-01-09 10:38 - 000002133 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-01 09:55 - 2018-01-01 10:07 - 000000000 ____D C:\Users\Deepak\AppData\Local\Google
2018-01-01 09:55 - 2018-01-01 09:57 - 000000000 ____D C:\Program Files\Google
2018-01-01 09:49 - 2018-01-01 09:50 - 001129816 _____ (Google Inc.) C:\Users\Deepak\Downloads\ChromeSetup.exe
2017-12-31 18:32 - 2018-01-01 09:44 - 000000000 ____D C:\Program Files\Zemana AntiMalware
2017-12-31 18:32 - 2017-12-31 19:05 - 000014077 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-12-31 18:32 - 2017-12-31 19:02 - 000028467 _____ C:\Windows\ZAM.krnl.trace
2017-12-31 18:32 - 2017-12-31 18:32 - 000000000 ____D C:\Users\Deepak\AppData\Local\Zemana
2017-12-31 18:30 - 2017-12-31 18:31 - 006625600 _____ (Zemana Ltd. ) C:\Users\Deepak\Downloads\Zemana.AntiMalware.Setup.exe
2017-12-31 18:17 - 2017-12-31 18:23 - 000000000 ____D C:\AdwCleaner
2017-12-31 18:12 - 2017-12-31 18:16 - 008198432 _____ (Malwarebytes) C:\Users\Deepak\Downloads\AdwCleaner.exe
2017-12-31 17:59 - 2017-12-31 17:59 - 000000000 ____D C:\Users\Deepak\Documents\Lightshot
2017-12-31 17:28 - 2017-12-31 18:00 - 000000000 ____D C:\Users\Deepak\Desktop\Images
2017-12-31 17:09 - 2017-12-31 17:09 - 000002089 _____ C:\Users\Deepak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2017-12-31 17:04 - 2017-12-31 17:04 - 000000000 ____D C:\Users\Deepak\AppData\Local\FluxSoftware
2017-12-31 17:03 - 2017-12-31 17:03 - 000766552 _____ C:\Users\Deepak\Downloads\flux-setup.exe
2017-12-31 16:21 - 2017-12-31 16:21 - 000000000 ___SD C:\Windows\system32\CompatTel
2017-12-31 16:21 - 2017-12-31 16:21 - 000000000 ____D C:\Windows\system32\appraiser
2017-12-31 16:02 - 2017-04-28 04:20 - 003550208 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-12-31 15:55 - 2018-01-11 10:48 - 000000000 ____D C:\Users\Deepak\AppData\LocalLow\Mozilla
2017-12-31 15:55 - 2017-12-31 16:33 - 000000000 ____D C:\Users\Deepak\AppData\Local\Mozilla
2017-12-31 15:55 - 2017-12-31 15:55 - 000001125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-31 15:55 - 2017-12-31 15:55 - 000001113 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-12-31 15:55 - 2017-12-31 15:55 - 000000000 ____D C:\Users\Deepak\AppData\Roaming\Mozilla
2017-12-31 15:55 - 2017-12-31 15:55 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-12-31 15:55 - 2017-12-31 15:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-31 15:53 - 2017-12-31 15:53 - 000311232 _____ (Mozilla) C:\Users\Deepak\Downloads\Firefox Installer.exe
2017-12-31 15:18 - 2017-12-31 17:07 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-12-31 15:18 - 2017-12-31 15:18 - 000002021 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-12-31 15:17 - 2017-12-31 15:18 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-12-31 15:17 - 2017-12-31 15:17 - 000000000 ____D C:\Program Files\Adobe
2017-12-31 15:16 - 2017-12-31 16:42 - 000000000 ____D C:\ProgramData\Adobe
2017-12-31 15:09 - 2017-12-31 15:09 - 000000000 ____D C:\Users\Deepak\AppData\Local\ElevatedDiagnostics
2017-12-31 15:07 - 2017-12-31 15:08 - 000000000 ____D C:\Users\Deepak\AppData\Local\Deployment
2017-12-31 15:07 - 2017-12-31 15:07 - 000000000 ____D C:\Users\Deepak\AppData\Local\Apps\2.0
2017-12-31 14:59 - 2015-01-09 08:18 - 000635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2017-12-31 14:59 - 2015-01-09 08:18 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2017-12-31 14:59 - 2015-01-09 08:18 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2017-12-31 14:58 - 2016-05-11 20:49 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-12-31 14:57 - 2017-11-07 21:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-12-31 14:57 - 2017-11-04 20:40 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2017-12-31 14:57 - 2017-11-04 20:40 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-31 14:57 - 2017-11-02 20:41 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-31 14:57 - 2017-11-02 20:41 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2017-12-31 14:57 - 2017-11-02 20:41 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2017-12-31 14:57 - 2017-11-02 20:26 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2017-12-31 14:57 - 2017-10-18 07:25 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-12-31 14:57 - 2017-10-18 07:25 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-12-31 14:57 - 2017-10-18 07:25 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-12-31 14:57 - 2017-10-18 07:25 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-12-31 14:57 - 2017-10-18 07:25 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-12-31 14:57 - 2017-10-18 07:25 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-12-31 14:57 - 2017-10-18 07:25 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-12-31 14:57 - 2017-10-17 04:16 - 000953344 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-12-31 14:57 - 2017-10-17 03:25 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2017-12-31 14:57 - 2017-10-12 06:07 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-12-31 14:57 - 2017-10-12 06:07 - 011410944 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-12-31 14:57 - 2017-10-12 06:07 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-12-31 14:57 - 2017-10-12 06:07 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-12-31 14:57 - 2017-10-12 06:07 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-12-31 14:57 - 2017-10-12 06:07 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-12-31 14:57 - 2017-10-12 06:07 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-12-31 14:57 - 2017-10-12 06:07 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-12-31 14:57 - 2017-10-12 06:07 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-12-31 14:57 - 2017-10-12 06:07 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-12-31 14:57 - 2017-10-12 06:07 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-12-31 14:57 - 2017-10-12 06:07 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-12-31 14:57 - 2017-10-12 05:56 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-12-31 14:57 - 2017-10-12 05:56 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-12-31 14:57 - 2017-10-12 05:55 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-12-31 14:57 - 2017-10-12 05:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-12-31 14:57 - 2017-10-12 05:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-12-31 14:57 - 2017-10-12 05:54 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-12-31 14:57 - 2017-10-12 05:54 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-12-31 14:57 - 2017-10-12 05:44 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-12-31 14:57 - 2017-10-12 05:44 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-12-31 14:57 - 2017-09-13 20:39 - 000830464 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-12-31 14:57 - 2017-09-13 20:39 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-12-31 14:57 - 2017-09-13 20:39 - 000428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-12-31 14:57 - 2017-09-13 20:39 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-12-31 14:57 - 2017-09-13 20:39 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-12-31 14:57 - 2017-09-13 20:39 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-12-31 14:57 - 2017-09-13 20:23 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-12-31 14:57 - 2017-09-08 20:39 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-12-31 14:57 - 2017-09-08 19:50 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2017-12-31 14:57 - 2017-09-08 19:50 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2017-12-31 14:57 - 2017-09-07 20:42 - 002755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-12-31 14:57 - 2017-09-07 18:35 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-12-31 14:57 - 2017-08-19 20:40 - 003209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-12-31 14:57 - 2017-08-19 20:40 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-12-31 14:57 - 2017-08-19 20:40 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-12-31 14:57 - 2017-08-19 20:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-12-31 14:57 - 2017-08-19 20:27 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-12-31 14:57 - 2017-08-19 20:27 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-12-31 14:57 - 2017-08-16 20:40 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-12-31 14:57 - 2017-08-14 23:05 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-12-31 14:57 - 2017-08-14 23:05 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-12-31 14:57 - 2017-08-14 23:05 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-12-31 14:57 - 2017-08-14 23:05 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-12-31 14:57 - 2017-08-14 23:05 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-12-31 14:57 - 2017-08-14 23:05 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-12-31 14:57 - 2017-08-14 03:05 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-12-31 14:57 - 2017-08-14 03:00 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-12-31 14:57 - 2017-08-11 11:49 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-12-31 14:57 - 2017-08-11 11:49 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-12-31 14:57 - 2017-08-11 11:49 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-12-31 14:57 - 2017-08-11 11:49 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-12-31 14:57 - 2017-08-11 11:49 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-12-31 14:57 - 2017-08-11 11:49 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-12-31 14:57 - 2017-08-11 11:49 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-12-31 14:57 - 2017-08-11 11:49 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-12-31 14:57 - 2017-08-11 11:40 - 000066048 _____ C:\Windows\system32\PrintBrmUi.exe
2017-12-31 14:57 - 2017-08-11 11:39 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-12-31 14:57 - 2017-08-11 11:39 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-12-31 14:57 - 2017-08-11 11:39 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-12-31 14:57 - 2017-08-11 11:33 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-12-31 14:57 - 2017-08-11 11:25 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-12-31 14:57 - 2017-08-11 11:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-12-31 14:57 - 2017-07-29 20:20 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-12-31 14:57 - 2017-07-21 19:56 - 000518144 _____ C:\Windows\system32\msjetoledb40.dll
2017-12-31 14:57 - 2017-07-21 19:56 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2017-12-31 14:57 - 2017-07-21 19:56 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2017-12-31 14:57 - 2017-07-21 19:56 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2017-12-31 14:57 - 2017-07-14 20:40 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-12-31 14:57 - 2017-07-14 20:20 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-12-31 14:57 - 2017-07-14 20:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2017-12-31 14:57 - 2017-07-08 20:49 - 000250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-12-31 14:57 - 2017-07-07 20:45 - 000296680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2017-12-31 14:57 - 2017-07-07 20:40 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-12-31 14:57 - 2017-07-01 18:35 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2017-12-31 14:57 - 2017-07-01 18:35 - 000866816 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2017-12-31 14:57 - 2017-07-01 18:35 - 000616448 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2017-12-31 14:57 - 2017-07-01 18:35 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2017-12-31 14:57 - 2017-07-01 18:35 - 000375808 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2017-12-31 14:57 - 2017-07-01 18:35 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2017-12-31 14:57 - 2017-07-01 18:35 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2017-12-31 14:57 - 2017-07-01 18:35 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2017-12-31 14:57 - 2017-07-01 18:35 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2017-12-31 14:57 - 2017-06-13 03:59 - 001227264 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-12-31 14:57 - 2017-06-13 03:59 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-12-31 14:57 - 2017-06-13 03:59 - 000390144 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-12-31 14:57 - 2017-06-13 03:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-12-31 14:57 - 2017-06-13 03:36 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-12-31 14:57 - 2017-06-13 03:36 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-12-31 14:57 - 2017-06-13 03:36 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-12-31 14:57 - 2017-06-02 13:27 - 000497152 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-12-31 14:57 - 2017-05-30 10:09 - 001309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-12-31 14:57 - 2017-05-30 10:09 - 000240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-12-31 14:57 - 2017-05-30 10:09 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-12-31 14:57 - 2017-05-16 20:46 - 000730856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-12-31 14:57 - 2017-05-16 20:46 - 000218856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-12-31 14:57 - 2017-05-16 20:42 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-12-31 14:57 - 2017-05-12 21:55 - 001251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-12-31 14:57 - 2017-05-12 21:55 - 000909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-12-31 14:57 - 2017-05-10 20:46 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-12-31 14:57 - 2017-05-10 20:42 - 002953216 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-12-31 14:57 - 2017-05-10 20:42 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-12-31 14:57 - 2017-05-10 20:40 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-12-31 14:57 - 2017-05-10 20:31 - 002092032 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-12-31 14:57 - 2017-05-10 20:30 - 000573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-12-31 14:57 - 2017-05-10 20:30 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-12-31 14:57 - 2017-05-10 20:30 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-12-31 14:57 - 2017-05-10 20:30 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-12-31 14:57 - 2017-05-10 20:30 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-12-31 14:57 - 2017-05-10 20:30 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-12-31 14:57 - 2017-05-10 20:30 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-12-31 14:57 - 2017-05-07 20:44 - 000078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-12-31 14:57 - 2017-05-07 20:23 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-12-31 14:57 - 2017-04-21 20:45 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-12-31 14:57 - 2017-04-17 20:42 - 000581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-12-31 14:57 - 2017-04-12 20:56 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-12-31 14:57 - 2017-04-12 20:55 - 001176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-12-31 14:57 - 2017-04-12 20:55 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-12-31 14:57 - 2017-04-12 20:55 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-12-31 14:57 - 2017-04-04 20:22 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-12-31 14:57 - 2017-03-30 20:28 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-12-31 14:57 - 2017-03-10 21:50 - 001508352 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-12-31 14:57 - 2017-03-10 21:50 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-12-31 14:57 - 2017-03-10 21:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-12-31 14:57 - 2017-03-10 21:21 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-12-31 14:57 - 2017-03-10 21:21 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-12-31 14:57 - 2017-03-07 21:47 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-12-31 14:57 - 2017-03-07 20:36 - 002746880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-12-31 14:57 - 2017-03-07 20:36 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-12-31 14:57 - 2017-03-07 20:36 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-12-31 14:57 - 2017-03-04 06:44 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-12-31 14:57 - 2017-03-04 06:44 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-12-31 14:57 - 2017-02-09 21:44 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-12-31 14:57 - 2017-02-09 21:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-12-31 14:57 - 2017-01-11 23:13 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-12-31 14:57 - 2017-01-11 23:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-12-31 14:54 - 2016-08-29 20:25 - 002972672 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-12-31 14:54 - 2016-07-22 20:21 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-12-31 14:53 - 2015-07-22 23:23 - 000635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-12-31 14:53 - 2015-05-25 23:31 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2017-12-31 14:53 - 2015-05-25 23:30 - 000364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2017-12-31 14:53 - 2015-05-25 23:30 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2017-12-31 14:53 - 2015-05-25 23:30 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2017-12-31 14:53 - 2015-05-25 23:30 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2017-12-31 14:53 - 2015-05-25 23:30 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2017-12-31 14:52 - 2016-02-06 00:14 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2017-12-31 14:52 - 2016-02-05 23:03 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-12-31 14:52 - 2015-06-04 01:52 - 000355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-12-31 14:45 - 2017-10-18 07:46 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-12-31 14:45 - 2017-10-18 07:41 - 000488448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-12-31 14:45 - 2017-10-16 03:34 - 000313184 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-12-31 14:45 - 2017-10-04 18:34 - 001918464 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-12-31 14:45 - 2017-10-04 18:34 - 001321472 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-12-31 14:45 - 2017-10-04 18:34 - 000541696 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-12-31 14:45 - 2017-10-04 18:34 - 000509440 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-12-31 14:45 - 2017-10-04 18:34 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-12-31 14:45 - 2017-10-04 18:34 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-12-31 14:45 - 2017-10-04 18:34 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-12-31 14:44 - 2016-05-11 20:49 - 000351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-12-31 14:44 - 2016-05-11 20:49 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-12-31 14:44 - 2016-05-11 20:49 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-12-31 04:57 - 2017-12-31 04:57 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-12-31 04:57 - 2017-12-31 04:57 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-12-31 04:56 - 2017-12-31 04:56 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2017-12-31 04:51 - 2017-12-31 04:51 - 000008192 __RSH C:\BOOTSECT.BAK
2017-12-31 04:51 - 2017-12-30 15:32 - 000000000 ____D C:\Windows\Panther
2017-12-31 04:51 - 2016-10-17 00:12 - 000399860 __RSH C:\bootmgr
2017-12-30 16:00 - 2017-12-30 16:00 - 000000000 ____D C:\Users\Deepak\AppData\Local\CEF
2017-12-30 15:59 - 2017-12-30 15:59 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2017-12-30 15:58 - 2017-12-30 15:58 - 001142072 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2017-12-30 15:51 - 2018-01-11 17:40 - 000065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-12-30 15:51 - 2018-01-11 17:33 - 000221112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-12-30 15:51 - 2018-01-11 17:33 - 000091576 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-12-30 15:51 - 2018-01-11 17:33 - 000040376 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-12-30 15:51 - 2017-12-30 15:51 - 000168376 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2017-12-30 15:51 - 2017-12-30 15:51 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-30 15:51 - 2017-12-30 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-30 15:51 - 2017-12-30 15:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-30 15:51 - 2017-12-30 15:51 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-30 15:51 - 2017-11-29 09:11 - 000059896 _____ C:\Windows\system32\Drivers\mbae.sys
2017-12-30 15:47 - 2018-01-11 11:30 - 000000378 _____ C:\Windows\Tasks\update-S-1-5-21-3322282323-1521124264-3092823622-1000.job
2017-12-30 15:47 - 2018-01-10 20:30 - 000000378 _____ C:\Windows\Tasks\update-sys.job
2017-12-30 15:47 - 2018-01-01 09:44 - 000000000 ____D C:\ProgramData\AVAST Software
2017-12-30 15:47 - 2017-12-30 15:50 - 083316440 _____ (Malwarebytes ) C:\Users\Deepak\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
2017-12-30 15:47 - 2017-12-30 15:47 - 007172032 _____ (AVAST Software) C:\Users\Deepak\Downloads\avast_free_antivirus_setup_online.exe
2017-12-30 15:47 - 2017-12-30 15:47 - 002731128 _____ (Skillbrains ) C:\Users\Deepak\Downloads\setup-lightshot.exe
2017-12-30 15:47 - 2017-12-30 15:47 - 000000413 _____ C:\Users\Deepak\AppData\Local\UserProducts.xml
2017-12-30 15:47 - 2017-12-30 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2017-12-30 15:47 - 2017-12-30 15:47 - 000000000 ____D C:\Program Files\Skillbrains
2017-12-30 15:33 - 2018-01-03 22:22 - 000058016 _____ C:\Users\Deepak\AppData\Local\GDIPFONTCACHEV1.DAT
2017-12-30 15:33 - 2017-12-30 15:33 - 000001429 _____ C:\Users\Deepak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-12-30 15:33 - 2017-12-30 15:33 - 000000000 ____D C:\Users\Deepak\AppData\Roaming\Adobe
2017-12-30 15:32 - 2017-12-31 18:46 - 000000000 ____D C:\Users\Deepak
2017-12-30 15:32 - 2017-12-30 15:32 - 000000020 ___SH C:\Users\Deepak\ntuser.ini
2017-12-30 15:32 - 2017-12-30 15:32 - 000000000 ____D C:\Users\Deepak\AppData\Local\VirtualStore
2017-12-30 15:32 - 2011-04-12 07:54 - 000000000 ____D C:\Users\Deepak\AppData\Roaming\Media Center Programs

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-11 17:38 - 2016-05-16 01:53 - 002104488 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-11 17:38 - 2016-04-19 03:44 - 000712990 _____ C:\Windows\system32\perfh00C.dat
2018-01-11 17:38 - 2016-04-19 03:44 - 000451526 _____ C:\Windows\system32\perfh001.dat
2018-01-11 17:38 - 2016-04-19 03:44 - 000135864 _____ C:\Windows\system32\perfc00C.dat
2018-01-11 17:38 - 2016-04-19 03:44 - 000083124 _____ C:\Windows\system32\perfc001.dat
2018-01-11 17:38 - 2009-07-14 08:07 - 000000000 ____D C:\Windows\inf
2018-01-11 17:33 - 2009-07-14 10:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-11 11:33 - 2009-07-14 10:04 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-11 11:33 - 2009-07-14 10:04 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-09 16:56 - 2009-07-14 10:03 - 000269104 _____ C:\Windows\system32\FNTCACHE.DAT
2018-01-07 20:39 - 2014-02-14 13:52 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-01-01 12:43 - 2009-07-14 08:07 - 000000000 ____D C:\Windows\rescache
2018-01-01 09:59 - 2009-07-14 08:07 - 000000000 ____D C:\Windows\AppCompat
2017-12-31 16:21 - 2009-07-14 10:22 - 000000000 ____D C:\Program Files\DVD Maker
2017-12-31 16:21 - 2009-07-14 08:07 - 000000000 ____D C:\Windows\tracing
2017-12-31 16:21 - 2009-07-14 08:07 - 000000000 ____D C:\Windows\system32\Setup
2017-12-31 16:21 - 2009-07-14 08:07 - 000000000 ____D C:\Windows\system32\migwiz
2017-12-31 16:21 - 2009-07-14 08:07 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-12-31 04:57 - 2009-07-14 10:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-12-31 04:56 - 2009-07-14 08:07 - 000000000 ____D C:\Windows\system32\sysprep
2017-12-31 04:53 - 2011-04-12 07:54 - 000000000 ____D C:\Windows\CSC
2017-12-31 04:51 - 2009-07-14 10:22 - 000032768 _____ C:\Windows\system32\config\BCD-Template
2017-12-30 15:43 - 2009-07-14 08:07 - 000000000 __RHD C:\Users\Public\Libraries

==================== Files in the root of some directories =======

2017-12-30 15:47 - 2017-12-30 15:47 - 000000003 _____ () C:\Users\Deepak\AppData\Local\updater.log
2017-12-30 15:47 - 2017-12-30 15:47 - 000000413 _____ () C:\Users\Deepak\AppData\Local\UserProducts.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-01 12:03

==================== End of FRST.txt ============================

 Addition Log File:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02.01.2018
Ran by Deepak (11-01-2018 17:43:41)
Running from C:\Users\Deepak\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2017-12-30 10:02:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3322282323-1521124264-3092823622-500 - Administrator - Disabled)
Deepak (S-1-5-21-3322282323-1521124264-3092823622-1000 - Administrator - Enabled) => C:\Users\Deepak
Guest (S-1-5-21-3322282323-1521124264-3092823622-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3322282323-1521124264-3092823622-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
f.lux (HKU\S-1-5-21-3322282323-1521124264-3092823622-1000\...\Flux) (Version:  - f.lux Software LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Lightshot-5.4.0.35 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Mozilla Firefox 57.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 57.0.3 (x86 en-US)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
TeamViewer 13 (HKLM\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5F1D152E-5B6E-457F-B4BB-BD1B2ECDE130} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {6CE3F7F6-0918-45A3-8394-69604CB7960F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-01-01] (Google Inc.)
Task: {79A6699D-38EF-4E6B-A6A1-C92029468B09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-01-01] (Google Inc.)
Task: {A178B971-5F4C-44A6-A3F4-44898C0AEE9A} - System32\Tasks\update-S-1-5-21-3322282323-1521124264-3092823622-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {F5F46A10-A287-4508-8583-0414B40F4E0C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-3322282323-1521124264-3092823622-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-12-30 15:51 - 2017-11-29 09:11 - 001798608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-12-30 15:51 - 2017-11-29 09:11 - 001934792 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-09 10:38 - 2018-01-03 14:26 - 002195800 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.132\swiftshader\libglesv2.dll
2018-01-09 10:38 - 2018-01-03 14:26 - 000111448 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.132\swiftshader\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2009-06-11 03:09 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3322282323-1521124264-3092823622-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Deepak\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D629F016-3026-41A5-A657-593D4962A42E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{15424507-2E6B-4002-9D9A-A724303E9930}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C8C429CA-E7BE-4EC2-A07B-19E303AA26D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E071DA2A-A7FC-4C70-8B4E-FB7CB36B999D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{A180B79C-B891-449F-9B9D-5338198DE437}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{42729533-0448-46FE-90CF-49011EFFF263}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FEA024F9-4E20-4743-BACA-0615A43E93D4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{197FDC1C-5FA1-4DF4-8213-8BF3F80FE6DD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

10-01-2018 11:12:02 Windows Update

==================== Faulty Device Manager Devices =============

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/11/2018 05:33:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/11/2018 10:32:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/10/2018 07:49:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/10/2018 05:03:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/10/2018 09:58:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/10/2018 09:41:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/09/2018 04:57:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/09/2018 10:14:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/08/2018 06:31:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/08/2018 09:12:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (01/10/2018 10:02:11 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (01/10/2018 09:57:31 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:55:54 AM on ‎1/‎10/‎2018 was unexpected.

Error: (01/09/2018 01:12:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {ABC01078-F197-4B0B-ADBC-CFE684B39C82} did not register with DCOM within the required timeout.

Error: (01/06/2018 01:46:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} did not register with DCOM within the required timeout.

Error: (01/05/2018 05:46:41 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 1

The details view of this entry contains further information.

Error: (01/05/2018 05:46:41 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 0

The details view of this entry contains further information.

Error: (01/05/2018 05:46:41 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 0

The details view of this entry contains further information.

Error: (01/05/2018 05:46:14 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000124 (0x00000000, 0x856b461c, 0x00000000, 0x00000000). A dump was saved in: C:\Windows\Minidump\010518-15537-01.dmp. Report Id: 010518-15537-01.

Error: (01/05/2018 05:46:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:44:45 PM on ‎1/‎5/‎2018 was unexpected.

Error: (01/03/2018 10:22:13 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 1

The details view of this entry contains further information.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz
Percentage of memory in use: 77%
Total physical RAM: 1919.24 MB
Available physical RAM: 429.33 MB
Total Virtual: 3838.48 MB
Available Virtual: 1932.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:39.06 GB) (Free:20.42 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:39.06 GB) (Free:38.92 GB) NTFS
Drive e: () (Fixed) (Total:70.92 GB) (Free:70.73 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 006E006E)
Partition 1: (Active) - (Size=39.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================


  • Root Admin

You still have Zemana AntiMalware drivers trying to load, but it looks like you don't have the product installed anymore. We should probably remove the reference to those drivers.

 

Let me have you reset your browsers back to default

Please visit each of the following sites and let's reset all of your browsers back to defaults to prevent unexpected issues.
If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in.

Internet Explorer
How to reset Internet Explorer settings

Microsoft Edge
How to Reset Microsoft Edge in Windows 10

Firefox
Click on Help / Troubleshooting Information then click on the Refresh Firefox button.

Chrome
Reset Chrome back to defaults to completely clear out issues with Chrome.

  • First, go to >> Google Sync << and sign into your account. Make sure you know your password as this will clear it from the browser.
  • Scroll down until you see the "reset sync" button to clear your data from the server and remove your passphrase.
  • Now, close all Chrome windows. Chrome cannot be running for the next step. If needed, print this information or use another browser to read the information.
  • Press the Windows key + R at the same time, to bring up the run dialog box.
  • Type in (or copy/paste) the following and press Enter:     %localappdata%\Google\Chrome\User Data\Default\
  1. Press Ctrl + A to select all the files and folders.
  2. Hold down Ctrl + A and click once on the files "Bookmarks" and "Bookmarks.bak". This will unselect them.
  3. With all the files selected (except for your Bookmarks), press the Delete key and click Yes to delete the files and folders.
  4. Example of all files and folders selected, except Bookmarks


Restart your computer now and make sure there are no longer any redirects or other browser issues. 

 

 

You're also having some type of CPU/Hardware crash according to the logs which you should try to correct or you'll be losing data.

System errors:
=============
Error: (01/10/2018 10:02:11 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (01/10/2018 09:57:31 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:55:54 AM on ‎1/‎10/‎2018 was unexpected.

Error: (01/09/2018 01:12:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {ABC01078-F197-4B0B-ADBC-CFE684B39C82} did not register with DCOM within the required timeout.

Error: (01/06/2018 01:46:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} did not register with DCOM within the required timeout.

Error: (01/05/2018 05:46:41 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 1

The details view of this entry contains further information.

Error: (01/05/2018 05:46:41 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 0

The details view of this entry contains further information.

Error: (01/05/2018 05:46:41 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 0

The details view of this entry contains further information.

Error: (01/05/2018 05:46:14 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000124 (0x00000000, 0x856b461c, 0x00000000, 0x00000000). A dump was saved in: C:\Windows\Minidump\010518-15537-01.dmp. Report Id: 010518-15537-01.

Error: (01/05/2018 05:46:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:44:45 PM on ‎1/‎5/‎2018 was unexpected.

Error: (01/03/2018 10:22:13 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 1

 

 

 

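The two findings in the reply above (driver entries left in "Faulty Device Manager Devices" and hardware errors in the event log) can be pulled out of an Addition.txt mechanically. The following Python is an added example, not part of the original thread or of FRST; the sample log is constructed and abridged from the layout shown here, and the function names and the set of event sources treated as hardware signals are assumptions.

```python
import re
from collections import Counter

# Constructed sample: abridged lines in the Addition.txt layout shown in this thread.
SAMPLE = r"""
==================== Faulty Device Manager Devices =============

Name: ZAM Helper Driver
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Name: ZAM Guard Driver
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

==================== Event log errors: =========================

Application errors:
==================
Error: (01/11/2018 05:33:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter could not be reactivated (abridged).

System errors:
=============
Error: (01/10/2018 10:02:11 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (01/05/2018 05:46:41 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Error: (01/05/2018 05:46:14 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000124 (0x00000000, 0x856b461c, 0x00000000, 0x00000000).

==================== Memory info ===========================
"""

SECTION = re.compile(r"^=+ (.+?):? =+\s*$")
EVENT = re.compile(r"^Error: \((.+?)\) \(Source: (.+?)\) \(EventID: (\d+)\)")
BUGCHECK = re.compile(r"bugcheck was: (0x[0-9A-Fa-f]+)")
# Assumption for this example: (source, event id) pairs treated as hardware signals.
HARDWARE = {("Microsoft-Windows-WHEA-Logger", 18), ("atapi", 11), ("BugCheck", 1001)}

def sections(text):
    """Split a FRST log into {section title: [lines]}; bare '=====' rules are not titles."""
    out, current = {}, None
    for line in text.splitlines():
        m = SECTION.match(line)
        if m:
            current = out.setdefault(m.group(1), [])
        elif current is not None:
            current.append(line)
    return out

def faulty_devices(lines):
    """Return one dict per blank-line-separated device block, with its problem code."""
    devices, dev = [], {}
    for line in lines + [""]:          # trailing "" flushes the last block
        key, sep, value = line.partition(":")
        if not line.strip():
            if dev:
                devices.append(dev)
            dev = {}
        elif sep and key in ("Name", "Service"):
            dev[key.lower()] = value.strip()
        elif sep and key == "Problem":
            code = re.search(r"\(Code (\d+)\)", value)
            dev["code"] = int(code.group(1)) if code else None
    return devices

def events(lines):
    """Return (source, event_id, first description line) for each 'Error:' entry."""
    found = []
    for i, line in enumerate(lines):
        m = EVENT.match(line)
        if m:
            nxt = lines[i + 1] if i + 1 < len(lines) else ""
            found.append((m.group(2), int(m.group(3)), nxt.partition("Description: ")[2]))
    return found

def triage(text):
    """Summarise Code 24 driver entries and hardware-related event log errors."""
    sec = sections(text)
    devices = faulty_devices(sec.get("Faulty Device Manager Devices", []))
    evs = events(sec.get("Event log errors", []))
    codes = {m.group(1) for _, _, d in evs for m in [BUGCHECK.search(d)] if m}
    return {
        "leftover_services": [d.get("service") for d in devices if d.get("code") == 24],
        "hardware_events": dict(Counter((s, e) for s, e, _ in evs if (s, e) in HARDWARE)),
        "bugchecks": sorted(codes),
    }
```

Calling `triage()` on the text of a saved Addition.txt returns the same three fields; service names reported with Code 24 still need to be checked against the Installed Programs section before they are treated as leftovers.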

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 
