Jump to content

My computer is messed up


Recommended Posts

Hey  fred_the here

My laptop has been acting real squirrelly (that's a word) for a while . . . it's getting to a backup and format level of unusability. I've tried looking for virus and malware but it always scans clean.  I downloaded frst64.  There is a ton of stuff whitelisted, is that good or a bad thing?

I  have no clue how to proceed other than to wipe it and do a clean install.  I tried the intel spectre and meltdown tools and it thinks there is no vulnerability.  I get lots of hard drive activity, spinning blue wheels, and latency.  I have scanned it with FRST64:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2019
Ran by Alan (administrator) on ALAN-PC (28-01-2019 19:08:52)
Running from C:\Users\Alan\Desktop
Loaded Profiles: Alan (Available Profiles: Alan)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.7004.6500.105\Bin\ccSvcHst.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.7004.6500.105\Bin\ccSvcHst.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_28_0_0_137_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2824792 2017-08-25] (Synaptics Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKLM\...\Drivers32-x32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corp.)
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2012-07-20] (DigitalPersona, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> C:\Windows\system32\DPLic.dll [2012-07-20] (DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{8236DD16-D046-4EB3-84E8-FB45C08412C2}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{F6EF8F56-21A2-4C3C-BDAA-0AB58861BE36}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-1379426161-382312327-1987013531-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://wgntv.com/category/news/
HKU\S-1-5-21-1379426161-382312327-1987013531-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://xkcd.com/
SearchScopes: HKU\S-1-5-21-1379426161-382312327-1987013531-1000 -> DefaultScope {474A4DFD-2D0F-49DC-95E2-8E62F3DD3DCC} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-1379426161-382312327-1987013531-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1379426161-382312327-1987013531-1000 -> {474A4DFD-2D0F-49DC-95E2-8E62F3DD3DCC} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2018-11-14] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2018-12-11] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2018-12-11] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2017-01-03] (Eyeo GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation)
BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.7004.6500.105\bin\IPS\IPSBHO.DLL [2016-07-21] (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2018-12-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2018-12-12] (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2016-11-30] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-02-15] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-02-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2017-02-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-20] (Digital Persona, Inc.)
FF Plugin HKU\S-1-5-21-1379426161-382312327-1987013531-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Alan\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-09-12] (Zoom Video Communications, Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Profile 2 -> lp
CHR Session Restore: Profile 2 -> is enabled.
CHR Profile: C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default [2019-01-13]
CHR Extension: (Slides) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-28]
CHR Extension: (Docs) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-28]
CHR Extension: (Google Drive) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-15]
CHR Extension: (LibreOffice Editor) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdomjcpneblellajjhgfdlnmjfofflop [2017-02-21]
CHR Extension: (YouTube) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-15]
CHR Extension: (Adblock Plus) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-28]
CHR Extension: (Sheets) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-28]
CHR Extension: (Google Docs Offline) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-28]
CHR Extension: (Gmail) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-15]
CHR Extension: (Chrome Media Router) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-28]
CHR Profile: C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-01-13]
CHR Extension: (Google Slides) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-22]
CHR Extension: (Google Docs) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-22]
CHR Extension: (Google Drive) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-22]
CHR Extension: (LibreOffice Editor) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdomjcpneblellajjhgfdlnmjfofflop [2017-02-22]
CHR Extension: (YouTube) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-22]
CHR Extension: (Adblock Plus) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-02-22]
CHR Extension: (Google Sheets) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-22]
CHR Extension: (Google Docs Offline) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-22]
CHR Extension: (Gmail) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-22]
CHR Extension: (Chrome Media Router) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-22]
CHR Profile: C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-01-27]
CHR Extension: (Slides) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (LibreOffice Editor) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bdomjcpneblellajjhgfdlnmjfofflop [2018-03-15]
CHR Extension: (YouTube) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-13]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-23]
CHR Extension: (Session Buddy) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2018-10-23]
CHR Extension: (Adobe Acrobat) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-10-27]
CHR Extension: (Sheets) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-08]
CHR Extension: (Video Cutter) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nodkcjollmmjidmcnhloaoahmciabnai [2017-11-05]
CHR Extension: (WeVideo - Video Editor and Maker) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2017-11-08]
CHR Extension: (Gmail) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-13]
CHR Extension: (Chrome Media Router) - C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-13]
CHR Profile: C:\Users\Alan\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2012-07-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
S2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-20] (DigitalPersona, Inc.)
S4 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
S4 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc.)
S4 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-08-07] ()
S4 PanoptoRecorderService; C:\Program Files\Panopto\Recorder\Recorder.exe [1407696 2017-04-27] (Panopto, Inc)
S4 SCManager; C:\Program Files (x86)\SafeConnect\scManager.sys [2764432 2018-07-09] (Impulse Point,LLC)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.7004.6500.105\Bin\ccSvcHst.exe [152072 2016-07-21] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.7004.6500.105\Bin64\snac64.exe [402216 2016-07-21] (Symantec Corporation)
S4 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-07-25] (Microsoft Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3756200 2017-08-07] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.7004.6500.105\Data\Definitions\BASHDefs\20190122.001\BHDrvx64.sys [1925104 2018-11-06] (Symantec Corporation)
R1 ccSettings_{0C4CC990-79E8-4AF1-BB5C-2490747676D5}; C:\Windows\System32\Drivers\SEP\0C011B5C\1964.105\x64\ccSetx64.sys [171128 2016-07-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2019-01-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153296 2019-01-23] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.7004.6500.105\Data\Definitions\IPSDefs\20190128.061\IDSvia64.sys [1305072 2018-10-10] (Symantec Corporation)
R3 johci; C:\Windows\system32\drivers\johci.sys [26200 2012-06-15] (JMicron Technology Corp.)
S3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [161408 2017-03-22] (Zemana Ltd.)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.7004.6500.105\Data\Definitions\VirusDefs\20190128.002\ENG64.SYS [138832 2018-08-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.7004.6500.105\Data\Definitions\VirusDefs\20190128.002\EX64.SYS [2153040 2018-08-16] (Symantec Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-10-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [34544 2013-10-25] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [700128 2015-06-16] (Sunplus)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C011B5C\1964.105\x64\SRTSP64.SYS [899824 2016-07-21] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C011B5C\1964.105\x64\SRTSPX64.SYS [46320 2016-07-21] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\symefasi\0502010.007\symefasi.sys [1626360 2017-02-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [178392 2017-02-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C011B5C\1964.105\x64\Ironx64.SYS [270040 2016-07-21] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C011B5C\1964.105\x64\SYMNETS.SYS [602864 2016-07-21] (Symantec Corporation)
S3 pmxdrv; \??\C:\Windows\system32\drivers\pmxdrv.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-28 19:08 - 2019-01-28 19:10 - 000023340 _____ C:\Users\Alan\Desktop\FRST.txt
2019-01-28 19:08 - 2019-01-28 19:08 - 000000000 ____D C:\FRST
2019-01-28 19:03 - 2019-01-28 19:04 - 002428416 _____ (Farbar) C:\Users\Alan\Desktop\FRST64.exe
2019-01-26 20:45 - 2019-01-26 20:45 - 004406115 _____ C:\Users\Alan\Downloads\348171212-Assassin-s-Fate-50-Page-Friday-Final.pdf
2019-01-25 12:44 - 2019-01-25 12:44 - 000000000 __SHD C:\found.001
2019-01-25 11:47 - 2019-01-25 11:47 - 000001050 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2019-01-25 11:47 - 2019-01-25 11:47 - 000000000 ____D C:\Users\Alan\AppData\Roaming\MediaMonkey
2019-01-25 11:47 - 2019-01-25 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2019-01-25 11:47 - 2019-01-25 11:47 - 000000000 ____D C:\ProgramData\MediaMonkey
2019-01-25 11:47 - 2019-01-25 11:47 - 000000000 ____D C:\Program Files (x86)\MediaMonkey
2019-01-25 11:45 - 2019-01-25 11:46 - 016239744 _____ (Ventis Media Inc. ) C:\Users\Alan\Downloads\MediaMonkey_4.1.23.1881.exe
2019-01-23 19:09 - 2019-01-23 19:09 - 000035328 _____ (Microsoft Corporation) C:\Users\Alan\Downloads\sfc.exe
2019-01-23 19:09 - 2019-01-23 19:09 - 000032768 _____ (Microsoft Corporation) C:\Users\Alan\Downloads\sfc (1).exe
2019-01-21 19:38 - 2019-01-21 19:39 - 021330280 _____ (Hewlett-Packard Company ) C:\Users\Alan\Downloads\sp91622 (6).exe
2019-01-21 18:48 - 2019-01-21 18:49 - 000153578 _____ C:\TDSSKiller.2.8.16.0_21.01.2019_18.48.13_log.txt
2019-01-21 18:34 - 2019-01-21 18:39 - 000301380 _____ C:\Windows\ntbtlog.txt
2019-01-21 16:47 - 2019-01-21 16:48 - 082482456 _____ (Malwarebytes ) C:\Users\Alan\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8888.exe
2019-01-21 16:42 - 2019-01-21 16:42 - 002237968 _____ (Kaspersky Lab ZAO) C:\Users\Alan\Downloads\tdsskiller.exe
2019-01-20 20:08 - 2019-01-20 20:09 - 000025852 _____ C:\Users\Alan\Documents\cc_20190120_200813_registry_backup_01-20-2019.reg
2019-01-20 12:53 - 2019-01-20 12:53 - 005455480 _____ (ESET) C:\Users\Alan\Downloads\eset_internet_security_live_installer (1).exe
2019-01-20 12:09 - 2019-01-20 12:09 - 007843840 _____ C:\Users\Alan\Downloads\81713608 (2).bin
2019-01-20 11:39 - 2019-01-20 11:40 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Alan\Downloads\esetonlinescanner_enu (3).exe
2019-01-20 09:03 - 2019-01-28 15:03 - 000000328 _____ C:\Windows\Tasks\HPCeeScheduleForAlan.job
2019-01-20 09:03 - 2019-01-20 09:03 - 000003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAlan
2019-01-20 09:03 - 2019-01-20 09:03 - 000000000 ____D C:\Users\Alan\AppData\Local\HP_Inc
2019-01-14 15:15 - 2019-01-14 15:15 - 000313366 _____ C:\Users\Alan\Downloads\WindowsUpdate (2).diagcab
2019-01-13 21:34 - 2019-01-13 21:34 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Alan\Downloads\esetonlinescanner_enu (2).exe
2019-01-13 17:45 - 2019-01-13 17:46 - 005455480 _____ (ESET) C:\Users\Alan\Downloads\eset_internet_security_live_installer.exe
2019-01-13 16:39 - 2019-01-13 16:46 - 564744309 _____ C:\Users\Alan\Downloads\Windows6.1-KB947821-v34-x64 (4).msu
2019-01-13 16:39 - 2019-01-13 16:39 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Alan\Downloads\esetonlinescanner_enu (1).exe
2019-01-13 16:34 - 2019-01-13 16:35 - 000010932 _____ C:\Users\Alan\Documents\cc_20190113_163355_registry_backup_01-13-2019.reg
2019-01-13 12:17 - 2019-01-13 12:26 - 564744309 _____ C:\Users\Alan\Downloads\Windows6.1-KB947821-v34-x64 (3).msu
2019-01-13 12:00 - 2019-01-25 12:51 - 000000000 ____D C:\Windows\pss
2019-01-13 11:43 - 2019-01-13 11:48 - 564744309 _____ C:\Users\Alan\Downloads\Windows6.1-KB947821-v34-x64 (2).msu
2019-01-13 11:04 - 2019-01-13 11:04 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Alan\Downloads\esetonlinescanner_enu.exe
2019-01-13 11:04 - 2019-01-13 11:04 - 000000000 ____D C:\Users\Alan\AppData\Local\ESET
2019-01-13 02:16 - 2019-01-13 02:16 - 000000000 ____D C:\f50ae3cbc2c220127a9be95572a8
2019-01-12 16:52 - 2019-01-12 16:56 - 564744309 _____ C:\Users\Alan\Downloads\Windows6.1-KB947821-v34-x64 (1).msu
2019-01-12 16:27 - 2019-01-12 16:27 - 000000000 ____D C:\Users\Alan\AppData\Local\mbamtray
2019-01-12 16:27 - 2019-01-12 16:27 - 000000000 ____D C:\Users\Alan\AppData\Local\mbam
2019-01-12 16:21 - 2019-01-12 16:23 - 082227336 _____ (Malwarebytes ) C:\Users\Alan\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8728.exe
2019-01-12 16:18 - 2019-01-12 19:15 - 000000000 ____D C:\4e431206a5a31ac2e828d8d7f9a7cd
2019-01-12 16:17 - 2019-01-12 16:17 - 000000000 ____D C:\Windows\CheckSur
2019-01-12 16:15 - 2019-01-13 13:53 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-01-12 16:15 - 2019-01-12 16:15 - 000001815 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2019-01-12 16:15 - 2019-01-12 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2019-01-12 16:11 - 2019-01-12 16:12 - 037573728 _____ (SUPERAntiSpyware) C:\Users\Alan\Downloads\SUPERAntiSpyware (2).exe
2019-01-12 16:10 - 2019-01-12 16:14 - 564744309 _____ C:\Users\Alan\Downloads\Windows6.1-KB947821-v34-x64.msu
2019-01-12 15:52 - 2019-01-13 10:04 - 000000000 ____D C:\Windows\softwaredistribution.bak
2019-01-12 14:43 - 2019-01-12 14:43 - 000000000 ____D C:\ProgramData\HP Inc
2019-01-12 14:28 - 2013-01-17 23:27 - 000016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2019-01-12 14:27 - 2019-01-12 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-01-12 14:27 - 2019-01-12 14:27 - 000000000 ____D C:\Intel
2019-01-12 11:29 - 2019-01-12 19:20 - 001245281 ____H C:\Users\Alan\AppData\Local\IconCache.db.backup
2019-01-11 20:20 - 2019-01-11 20:21 - 000313366 _____ C:\Users\Alan\Downloads\WindowsUpdate (1).diagcab
2019-01-11 20:17 - 2019-01-11 20:17 - 000000000 ____D C:\Users\Alan\AppData\Local\ElevatedDiagnostics
2019-01-11 20:13 - 2019-01-11 20:13 - 000313366 _____ C:\Users\Alan\Downloads\WindowsUpdate.diagcab
2019-01-06 14:11 - 2019-01-06 14:12 - 000246284 _____ C:\Users\Alan\Downloads\4.4 Investigations (2).pdf
2019-01-06 13:23 - 2019-01-06 13:23 - 000300568 _____ C:\Users\Alan\Downloads\4.3 Investigations.pdf
2019-01-06 10:07 - 2019-01-06 10:07 - 000126820 _____ C:\Users\Alan\Downloads\2018 W4.pdf
2019-01-06 10:07 - 2019-01-06 10:07 - 000126820 _____ C:\Users\Alan\Downloads\2018 W4 (1).pdf
2019-01-05 18:36 - 2019-01-05 18:36 - 000256381 _____ C:\Users\Alan\Downloads\4.5 Investigations.pdf
2019-01-05 18:28 - 2019-01-05 18:28 - 000246284 _____ C:\Users\Alan\Downloads\4.4 Investigations (1).pdf
2019-01-05 17:46 - 2019-01-05 17:46 - 000246284 _____ C:\Users\Alan\Downloads\4.4 Investigations.pdf
2019-01-05 16:46 - 2019-01-05 16:46 - 013559266 _____ C:\Users\Alan\Downloads\Geometry_8_-_Skaczylo_-_2018_--Lesson_43_Exercises_submissions.zip
2019-01-05 15:17 - 2019-01-05 15:17 - 000119556 _____ C:\Users\Alan\Downloads\Lesson 3.8 Investigations-1.pdf
2019-01-05 15:17 - 2019-01-05 15:17 - 000119556 _____ C:\Users\Alan\Downloads\Lesson 3.8 Investigations-1 (1).pdf
2019-01-01 21:24 - 2019-01-01 21:25 - 008906168 _____ (Adobe Systems Incorporated) C:\Users\Alan\Downloads\ADE_4.5_Installer (1).exe
2019-01-01 21:23 - 2019-01-01 21:23 - 000001772 _____ C:\Users\Alan\Downloads\DragonKeeper9780061966149.acsm

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-28 07:45 - 2018-01-15 22:30 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-28 07:41 - 2009-07-13 22:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-28 07:41 - 2009-07-13 22:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-28 07:37 - 2017-05-09 13:49 - 000000000 ____D C:\Users\Alan\AppData\LocalLow\Adblock Plus for IE
2019-01-28 07:35 - 2017-02-15 22:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-28 07:35 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\inf
2019-01-28 07:34 - 2017-02-15 22:04 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-01-28 07:33 - 2009-07-13 23:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-27 16:29 - 2017-02-22 11:10 - 000000000 ____D C:\Users\Alan\Documents\Natl Louis
2019-01-27 16:07 - 2017-04-14 10:15 - 000000000 ____D C:\Users\Alan\Documents\Alan
2019-01-25 12:46 - 2016-11-30 15:26 - 000000000 ____D C:\ProgramData\HPQLOG
2019-01-24 15:12 - 2016-11-30 14:38 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-01-23 21:54 - 2017-12-11 07:25 - 000000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2019-01-23 21:54 - 2017-12-11 07:25 - 000000000 ____D C:\Users\Alan\AppData\Local\Hewlett-Packard
2019-01-23 21:54 - 2016-11-30 14:44 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-01-23 21:54 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\Help
2019-01-20 20:21 - 2009-07-13 23:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-18 14:29 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\rescache
2019-01-17 18:13 - 2016-11-30 14:39 - 000774404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-01-15 20:09 - 2017-04-08 20:22 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-15 20:09 - 2017-04-08 20:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-15 20:07 - 2017-04-08 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-13 10:36 - 2017-02-15 16:28 - 000000000 ____D C:\Users\Alan
2019-01-12 14:50 - 2016-11-30 14:36 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-01-12 14:31 - 2017-02-15 16:28 - 000000000 ____D C:\Users\Alan\AppData\Roaming\hpqlog
2019-01-12 14:28 - 2018-11-30 15:16 - 000000000 ____D C:\ProgramData\Intel
2019-01-12 14:28 - 2018-11-30 07:50 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-12 14:28 - 2018-11-18 19:00 - 000000000 ____D C:\Program Files\Intel
2019-01-12 14:27 - 2017-12-11 16:44 - 000000000 ____D C:\SWSETUP
2019-01-11 16:05 - 2017-03-20 17:13 - 000000803 _____ C:\Users\Alan\.powerschool_gradebook.properties
2019-01-10 09:55 - 2018-12-21 20:40 - 000000000 ____D C:\Users\Alan\Documents\Brooks math
2019-01-10 07:44 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\system32\NDF
2019-01-09 15:18 - 2016-11-30 13:18 - 000000000 ____D C:\Windows\system32\MRT
2019-01-09 15:15 - 2016-11-30 13:18 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-08 17:10 - 2017-08-28 10:00 - 000000000 ___RD C:\Users\Alan\Dropbox
2019-01-04 12:04 - 2018-10-27 08:32 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-03 11:52 - 2017-07-13 11:25 - 000000000 ____D C:\Users\Alan\Documents\My Digital Editions
2019-01-02 16:41 - 2017-02-15 16:57 - 000000000 ____D C:\Users\Alan\AppData\Local\Adobe
2019-01-01 21:38 - 2017-07-13 11:25 - 000002189 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk
2019-01-01 21:38 - 2017-02-15 16:28 - 000000000 ____D C:\Users\Alan\AppData\Roaming\Adobe

==================== Files in the root of some directories =======

2017-11-11 15:26 - 2017-11-11 15:33 - 000003584 _____ () C:\Users\Alan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-30 11:02 - 2017-12-30 11:02 - 000000000 _____ () C:\Users\Alan\AppData\Local\{56E92A25-112A-4737-837C-273B242CE010}
2017-12-28 23:56 - 2017-12-28 23:56 - 000000000 _____ () C:\Users\Alan\AppData\Local\{9119C357-396F-4ADA-B5B0-147BE8E836B0}
2017-12-26 18:55 - 2017-12-26 18:55 - 000000000 _____ () C:\Users\Alan\AppData\Local\{9709EDFD-878D-49F6-8523-407CF0455934}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-15 12:04

==================== End of FRST.txt ============================

any suggestions?

Addition_28-01-2019 19.11.30.txt

FRST_28-01-2019 19.11.30.txt

Link to post
Share on other sites

  • 1 month later...
  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.