Jump to content

Possibly Infected


Recommended Posts

Hello All, I believe my Windows Dell Inspiron 7010 laptop is infected. Over the last day and a half the left side of it on the bottom between the keyboard and the fan gets so hot to the touch it almost burns my hand. It is not all the time, just sometimes and it will shut down and restart and be back to a normal warmth. I used CCleaner and cleaned everything, ran ATF Cleaner and TFC thinking that would fix it. I also cleared my Chrome history. I did a Disk Cleanup at 4 but have not been on here much to find out if that fixed it (it removed 14.5 mb). I also did a threat scan today and it found nothing wrong.

Earlier this afternoon it shut down and came back up with something about verifying the ac adapter is correct and plugged in correctly. I checked and that was fine but after that it did a
 

Checking file system of file C (below are the results)
The type of the file system is ntfs
one of your disks needs to be checked for consistency. You may cancel the disk check but it is strongly recommended that you continue. Windows will now check the disk.

chkdsk is verifying files: 1 of 3
1757 large file records processed
0 bad file records processed
2 ea records processed
44 reparse records processed

2 of 3
correcting error in index $I30 for file 122572  (this came up 3 times)
starting index $i30 in file 122572 recovering orphaned file 3B21F4~1548971 into directory 3b21f408-ff44-44-17-8Fe5-8db5A9691606 (548971) into 122522 
2 unindexed files scanned
recovering orphaned file index.txt (573228) into directory file 122572 
0 unindexed files recovered

3 of 3
chkdsk i verifying security descriptors
couldnt read before it went off the screen but no other errors were found i know that. 
 

I am going to run Super AntiSpyware again, it ran earlier but before it could finish it shut down again and had 635 files it was going to get rid of.

I have Microsoft security essentials that i did not run yet or the tweaking registry cleaner yet without advice from on this board.

Thank-you for any help on this matter.

Link to post
Share on other sites

2 hours ago, Captain_Obvious said:

Have you considered running an offline scanner? By doing that, the virus won't be able to interfere with the scan. Just be sure to create the bootable USB/DVD on a clean computer (not your infected computer).

I am unsure on how to even do that. I am going to run another threat scan tonight and post the logs.

When i did come back tonight, my SuperAnti Spyware did find 739 items and i removed that, but my keyboard would not work. I restarted the laptop and it still didn't work. I started pushing a few keys and it started to work in the K J area. Don't know if that could have something to do with this or not.

Link to post
Share on other sites

  • Root Admin

Please read the following and be careful following advice from untrained members.

 

 

Please run the following steps and post back the logs as an attachment when ready and we'll see what the logs have to say.

STEP 01

  • If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • If you don't have Malwarebytes 3 installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know on your next reply.

STEP 02

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Right-click on the program and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan Now.
  • When finished, please click Clean & Repair.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Copy its content into your next reply.

 

RESTART THE COMPUTER Before running Step 3

STEP 03
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here.
  • Please attach the Additions.txt log to your reply as well.

 

Thanks

Ron

 

Link to post
Share on other sites

Here is the text report 

It should be noted that the first scan it got to 12 minutes and the computer shut down and it was extremely hot. The fan was not going.

I waited about 2 minutes, restarted and did a scan and this is the report. The fan started up upon restart.

The fan has been loud at times in the past year like it is not balanced correctly.

 

malware.txt

Link to post
Share on other sites

  • Root Admin

Is this a Desktop computer? It's quite possible that you need to vacuum out or gently blow out some dust and dirt from the inside of the computer. That is a very common reason for overheating.

Please try to run the other scans and post back those logs too.

Thank you

 

Link to post
Share on other sites

8 hours ago, AdvancedSetup said:

Is this a Desktop computer? It's quite possible that you need to vacuum out or gently blow out some dust and dirt from the inside of the computer. That is a very common reason for overheating.

Please try to run the other scans and post back those logs too.

Thank you

 

It is actually a Dell Inspiron N7010 laptop. I did blow the dust out thinking that was the problem through the vent and the bottom grates. It seems when it runs with multiple applications it gets hot and the fan doesnt automatically kick in and run and it gets hot and shuts down. The fan, like i said in a previous post did seem off balance about 2 years now and sometimes vibrates and makes a loud noise. 

I ran a complete Microsoft Security Essentials scan with no threats found before I came here, also ran TFC, ATF and CCleaner as well and cleared browsing history.

Do you think I need to do a system restore or use the Tweaking Registry cleaner I downloaded from this forum on my previous computer issue? 

Where else should I use the air duster at besides the fan area and where it gets hot?

Link to post
Share on other sites

Ok after I posted, my fan was not moving on my laptop, it was getting hot so I tried restarting and it wouldnt restart, came up with this black screen saying

windows failed to start, a recent hardware or software change might be the cause.
 

then a blue screen came up :
windows is loading files
stop C00002E3 security
error 0XC0000189

I have screenshot the blue screen report and attached it to this post. It did install windows updates though.

 

bluescreen.jpg

Link to post
Share on other sites

  • Root Admin

Sorry to hear. Though often one can remove the bottom cover of a laptop pretty easy, it is also easy to damage the laptop if you're not careful. 

If you think you're up to it you could download the owners manual: https://downloads.dell.com/manuals/all-products/esuprt_laptop/esuprt_inspiron_laptop/inspiron-17-n7010_service manual_en-us.pdf

Then see if you're comfortable opening it and trying to clean the fan area. If not then maybe ask a local shop how much to do general dust/dirt clean up for you.

 

Link to post
Share on other sites

7 hours ago, AdvancedSetup said:

Sorry to hear. Though often one can remove the bottom cover of a laptop pretty easy, it is also easy to damage the laptop if you're not careful. 

If you think you're up to it you could download the owners manual: https://downloads.dell.com/manuals/all-products/esuprt_laptop/esuprt_inspiron_laptop/inspiron-17-n7010_service manual_en-us.pdf

Then see if you're comfortable opening it and trying to clean the fan area. If not then maybe ask a local shop how much to do general dust/dirt clean up for you.

 

I think I have taken it apart before to clean it. Do you think my neighbor who is good with computers could do it? He works with computers during his normal work but he is out of town for work right now, that is why I came here and also because I trust the services here. 

D you think it is malware making my hard drive run so hard that it overheats and shuts down?

What about a system restore or the tweaking registry cleaner - do you think I need to do this?

Link to post
Share on other sites

  • Root Admin

Not sure yet if you're infected. Would need to get some other logs but since the computer keeps shutting down that makes it difficult. 

Yes, I'd wait for your neighbor and when he gets back to see if he can take a look for you to see what might be causing it to overheat.

If it's more than a few days we may close this topic, but just send me a private message and I can reopen it.

Cheers

Ron

 

Link to post
Share on other sites

15 hours ago, AdvancedSetup said:

Not sure yet if you're infected. Would need to get some other logs but since the computer keeps shutting down that makes it difficult. 

Yes, I'd wait for your neighbor and when he gets back to see if he can take a look for you to see what might be causing it to overheat.

If it's more than a few days we may close this topic, but just send me a private message and I can reopen it.

Cheers

Ron

 

Hello Ron,   I talked to my neighbor because he came home yesterday. He is going to take it apart with me but is pretty sure it is the fan that is going bad and not cooling the unit since it only shuts down when the fan does not run. If the fan runs it doesn't shut down. For a few months the fan has made noise like it was unbalanced. He told me to look for a fan because without looking at it, he was not sure if it was a universal fan or a special DELL only fan. I looked up a fan and found a few and I think they are universal but unsure. We are going to look tonight, if its a special order then we will order one and try that. He said his sons laptop had the same issue and that fixed it.

Link to post
Share on other sites

1 hour ago, AdvancedSetup said:

Sounds good. Keep me posted. I'll keep your topic open a few more days and wait for your reply.

Thanks

 

When you replied, I was at my neighbors, took the computer apart, he took the fan out, the other one he had isn't the same so he ordered one off amazon prime and it will be here Sunday. He is pretty sure it is the fan because when you turn the fan it doesn't spin freely. It only spins as far as you can move it with your finger. I will advise you when we get it back up and running.

Link to post
Share on other sites

On 3/16/2019 at 12:50 AM, AdvancedSetup said:

Will wait. Let me know when ready to work on it again

Ron

 

Hi Ron, The computer is back with a new fan, it has not shut down since the new fan has been installed. My neighbor also updated bios on it. I am going to run Super AntiSpyware tonight

Link to post
Share on other sites

  • Root Admin

Great, hopefully, that corrected the issue and you won't see that again.

Let's go ahead and get all new scans and logs to see what we can find.

 

 

Please run the following steps and post back the logs as an attachment when ready.

STEP 01

  • If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • If you don't have Malwarebytes 3 installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know on your next reply.

STEP 02

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Right-click on the program and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan Now.
  • When finished, please click Clean & Repair.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Copy its content into your next reply.

 

RESTART THE COMPUTER Before running Step 3

STEP 03
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here.
  • Please attach the Additions.txt log to your reply as well.

 

Thanks

Ron

 

Link to post
Share on other sites

Updated malwarebytes scan. Also did the adw cleaner. I will do the Farbar later this evening.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-19-2019
# Duration: 00:00:07
# OS:       Windows 7 Professional
# Cleaned:  67
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Conduit
Deleted       C:\Program Files (x86)\Common Files\Tencent
Deleted       C:\Users\Jason\AppData\Roaming\Tencent
Deleted       C:\Users\Public\Documents\Tencent
Deleted       C:\Users\Jason\AppData\LocalLow\HPAppData
Deleted       C:\ProgramData\EmailNotifier
Deleted       C:\Users\Jason\AppData\Local\SwvUpdater
Deleted       C:\Program Files (x86)\Coupons
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService

***** [ Files ] *****

Deleted       C:\Windows\System32\LavasoftTcpService64.dll
Deleted       C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted       C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted       C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted       C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\AppDataLow\Software\Conduit
Deleted       HKLM\Software\Wow6432Node\Conduit
Deleted       HKCU\Software\AppDataLow\Software\Smartbar
Deleted       HKCU\Software\Yahoo\YFriendsBar
Deleted       HKCU\Software\AppDataLow\Software\Yahoo\Companion
Deleted       HKCU\Software\Yahoo\Companion
Deleted       HKLM\Software\Wow6432Node\Yahoo\Companion
Deleted       HKLM\Software\Wow6432Node\Email Notifier
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\DownloadProxy.EXE
Deleted       HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Deleted       HKLM\Software\Wow6432Node\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D}
Deleted       HKLM\Software\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
Deleted       HKLM\Software\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
Deleted       HKLM\Software\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
Deleted       HKLM\Software\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
Deleted       HKLM\Software\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
Deleted       HKLM\Software\Wow6432Node\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted       HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
Not Deleted   HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{D8278076-BC68-4484-9233-6E7F1628B56C}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted       HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted       HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{63C825A4-1715-487D-923C-B2C37FE2034D}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{ED7DB262-4273-4168-A5BE-EAD6AA4B4B6C}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0BFDFDCB-07A9-4514-8107-181045C5ED1E}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D0968209-123E-46B0-9CFD-8977BA124CFC}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2A95CCA9-1411-406F-9992-099BF56FB33C}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3E7E8793-4B52-416C-90DA-CC218D7EEE25}
Deleted       HKLM\Software\Classes\METNSD
Deleted       HKLM\Software\Classes\Sample.YTBPartnerSample
Deleted       HKLM\Software\Classes\Sample.BrowserHandler
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTcpService.exe
Deleted       HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted       HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8062 octets] - [19/03/2019 12:37:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

malware.txt

Edited by fireman5214
Link to post
Share on other sites

There was a checkmark at addition but I unclicked it because I have not run farbar before but I am not sure where to find addition unless it was supposed to stay checked at addition? Here is the FRST report
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Jason (administrator) on JASON-PC (19-03-2019 15:50:02)
Running from C:\Users\Jason\Downloads
Loaded Profiles: Jason (Available Profiles: Jason)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation - Mobile Wireless Group -> ) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\pcdrwi.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3223599084-419352820-2031559519-1000\...\Run: [Yahoo Messenger Updater] => C:\Users\Jason\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115144 2016-08-20] (Yahoo! Inc. -> Yahoo!, Inc.)
HKU\S-1-5-21-3223599084-419352820-2031559519-1000\...\Run: [Google Update] => C:\Users\Jason\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [605992 2018-12-19] (Google Inc -> Google Inc.)
HKU\S-1-5-21-3223599084-419352820-2031559519-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3223599084-419352820-2031559519-1000\...\MountPoints2: {718ade95-c8cf-11e2-b8e8-806e6f6e6963} - D:\autoRcd.exe
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-06] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-05-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46
Tcpip\..\Interfaces\{33986A70-BF88-4A33-84FC-A64FC9B2D145}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{97935873-5C3A-4108-8369-5B2A9A2A6417}: [NameServer] 0.0.0.0
Tcpip\..\Interfaces\{F22E2E44-18E0-468B-A226-3DA8887BF327}: [DhcpNameServer] 208.59.247.45 208.59.247.46

Internet Explorer:
==================
HKU\S-1-5-21-3223599084-419352820-2031559519-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/epawawx/?fref=ts&ref=br_tf
URLSearchHook: HKU\S-1-5-21-3223599084-419352820-2031559519-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM-x32 -> DefaultScope {A3B9F228-7740-4815-9302-D9BBB1DF3587} URL = 
SearchScopes: HKU\S-1-5-21-3223599084-419352820-2031559519-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Company -> Hewlett-Packard Co.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://www.pcpitstop.com/nirvana/controls/pcmatic.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-05-30] [Legacy] [not signed]
FF HKU\S-1-5-21-3223599084-419352820-2031559519-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [No File]
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [No File]
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3223599084-419352820-2031559519-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-3223599084-419352820-2031559519-1000: @talk.google.com/O1DPlugin -> C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-3223599084-419352820-2031559519-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-3223599084-419352820-2031559519-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Jason\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jason\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2018-10-02]
FF Plugin ProgramFiles/Appdata: C:\Users\Jason\AppData\Roaming\mozilla\plugins\npo1d.dll [2018-10-02]

Chrome: 
=======
CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default [2019-03-19]
CHR Extension: (Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Google Search) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-25]
CHR Extension: (Sheets) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Cisco Webex Extension) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2018-07-05]
CHR Extension: (Wikibuy) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2019-03-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Gmail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-21]
CHR Extension: (Chrome Media Router) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-06]
CHR Profile: C:\Users\Jason\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3347440 2018-10-22] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1466\DSAPI.exe [1035072 2019-03-15] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] (Intel Corporation - Mobile Wireless Group -> )
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39384 2018-12-12] (Dell Inc. -> Dell Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2018-10-20] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2018-10-20] (Techporch Incorporated -> Dell Computer Corporation)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [79592 2013-07-25] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [86376 2013-07-25] (Future Technology Devices International Ltd -> FTDI Ltd.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [12311904 2012-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 Impcd; C:\Windows\System32\DRIVERS\Impcd.sys [158976 2010-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [287232 2010-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [76912 2011-03-23] (Atheros Communications Inc. -> Atheros Communications, Inc.)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [50088 2017-02-08] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-28] (ManyCam LLC -> Visicom Media Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NETw5s64; C:\Windows\System32\DRIVERS\NETw5s64.sys [7680512 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 aswbdisk; no ImagePath
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-19 15:50 - 2019-03-19 15:54 - 000023984 _____ C:\Users\Jason\Downloads\FRST.txt
2019-03-19 15:48 - 2019-03-19 15:48 - 002434048 _____ (Farbar) C:\Users\Jason\Downloads\FRST64.exe
2019-03-19 12:35 - 2019-03-19 12:38 - 000000000 ____D C:\AdwCleaner
2019-03-19 12:33 - 2019-03-19 12:34 - 007316688 _____ (Malwarebytes) C:\Users\Jason\Downloads\adwcleaner_7.2.7.0.exe
2019-03-17 16:06 - 2019-03-17 16:06 - 000000000 _____ C:\Users\Jason\AppData\Local\{0F538F10-5147-4870-A655-C72CFB3FC1A4}
2019-03-15 19:35 - 2019-03-15 19:35 - 002608120 _____ C:\Users\Jason\Downloads\R255577.exe
2019-03-15 19:20 - 2019-03-15 19:20 - 003039640 _____ C:\Users\Jason\Downloads\R301250.exe
2019-03-15 19:19 - 2019-03-15 19:19 - 000002119 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2019-03-15 19:18 - 2019-03-15 19:18 - 000003812 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2019-03-15 19:18 - 2019-03-15 19:18 - 000000000 ____D C:\Users\Jason\AppData\Local\Dell Inc
2019-03-15 19:18 - 2019-03-15 19:18 - 000000000 ____D C:\ProgramData\SupportAssist
2019-03-15 19:17 - 2019-03-15 19:17 - 000391200 _____ (Dell Inc.) C:\Users\Jason\Downloads\SupportAssistLauncher.exe
2019-03-14 15:13 - 2019-03-15 08:34 - 000000000 ____D C:\Users\Jason\AppData\Local\Adobe
2019-03-12 14:25 - 2019-02-16 01:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-03-12 14:25 - 2019-02-16 01:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-03-12 14:25 - 2019-02-10 12:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-03-12 14:25 - 2019-02-10 12:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-03-12 14:25 - 2019-02-10 12:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-03-12 14:25 - 2019-02-10 12:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-03-12 14:25 - 2019-02-10 12:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-03-12 14:25 - 2019-02-10 12:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-03-12 14:25 - 2019-02-10 12:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-03-12 14:25 - 2019-02-10 12:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-03-12 14:25 - 2019-02-10 12:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-03-12 14:25 - 2019-02-10 12:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-12 14:25 - 2019-02-10 12:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-03-12 14:25 - 2019-02-10 12:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-03-12 14:25 - 2019-02-10 12:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-03-12 14:25 - 2019-02-10 12:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-03-12 14:25 - 2019-02-10 12:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-03-12 14:25 - 2019-02-10 12:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-12 14:25 - 2019-02-10 12:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-12 14:25 - 2019-02-10 12:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-03-12 14:25 - 2019-02-10 12:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-03-12 14:25 - 2019-02-10 12:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-03-12 14:25 - 2019-02-10 12:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-03-12 14:25 - 2019-02-10 12:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-03-12 14:25 - 2019-02-10 12:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-03-12 14:25 - 2019-02-10 12:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-03-12 14:25 - 2019-02-10 12:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-12 14:25 - 2019-02-10 12:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-12 14:25 - 2019-02-10 12:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-12 14:25 - 2019-02-10 12:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-03-12 14:25 - 2019-02-10 11:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-03-12 14:25 - 2019-02-10 11:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-12 14:25 - 2019-02-10 11:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-03-12 14:25 - 2019-02-10 11:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-03-12 14:25 - 2019-02-10 11:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-03-12 14:24 - 2019-02-26 18:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-03-12 14:24 - 2019-02-26 17:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-03-12 14:24 - 2019-02-26 03:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-12 14:24 - 2019-02-26 03:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-03-12 14:24 - 2019-02-26 03:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-12 14:24 - 2019-02-26 03:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-03-12 14:24 - 2019-02-26 03:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-12 14:24 - 2019-02-26 03:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-03-12 14:24 - 2019-02-26 03:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-03-12 14:24 - 2019-02-26 03:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-03-12 14:24 - 2019-02-26 03:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-12 14:24 - 2019-02-26 03:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-03-12 14:24 - 2019-02-26 03:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-03-12 14:24 - 2019-02-26 03:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-12 14:24 - 2019-02-26 03:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-03-12 14:24 - 2019-02-26 03:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-12 14:24 - 2019-02-26 03:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-12 14:24 - 2019-02-26 03:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-03-12 14:24 - 2019-02-26 03:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-03-12 14:24 - 2019-02-26 03:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-03-12 14:24 - 2019-02-26 03:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-03-12 14:24 - 2019-02-26 03:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-12 14:24 - 2019-02-26 03:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-03-12 14:24 - 2019-02-26 03:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-03-12 14:24 - 2019-02-26 03:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-03-12 14:24 - 2019-02-26 03:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-12 14:24 - 2019-02-26 03:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-03-12 14:24 - 2019-02-26 03:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-03-12 14:24 - 2019-02-26 03:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-03-12 14:24 - 2019-02-26 03:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-03-12 14:24 - 2019-02-26 03:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-03-12 14:24 - 2019-02-26 02:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-03-12 14:24 - 2019-02-26 02:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-03-12 14:24 - 2019-02-26 02:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-03-12 14:24 - 2019-02-26 02:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-12 14:24 - 2019-02-26 02:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-03-12 14:24 - 2019-02-26 02:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-03-12 14:24 - 2019-02-26 02:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-03-12 14:24 - 2019-02-26 02:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-03-12 14:24 - 2019-02-26 02:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-03-12 14:24 - 2019-02-26 02:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-03-12 14:24 - 2019-02-26 02:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-03-12 14:24 - 2019-02-26 02:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-03-12 14:24 - 2019-02-26 02:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-12 14:24 - 2019-02-26 02:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-03-12 14:24 - 2019-02-26 02:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-03-12 14:24 - 2019-02-26 02:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-03-12 14:24 - 2019-02-26 02:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-03-12 14:24 - 2019-02-26 02:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-03-12 14:24 - 2019-02-26 02:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-03-12 14:24 - 2019-02-26 02:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-03-12 14:24 - 2019-02-26 02:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-03-12 14:24 - 2019-02-26 02:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-03-12 14:24 - 2019-02-26 02:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-12 14:24 - 2019-02-26 02:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-03-12 14:24 - 2019-02-26 02:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-03-12 14:24 - 2019-02-26 02:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-03-12 14:24 - 2019-02-26 02:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-03-12 14:24 - 2019-02-26 02:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-12 14:24 - 2019-02-26 02:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-12 14:24 - 2019-02-26 02:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-12 14:24 - 2019-02-26 02:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-12 14:24 - 2019-02-26 02:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-12 14:24 - 2019-02-26 02:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-03-12 14:24 - 2019-02-26 02:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-03-12 14:23 - 2019-03-05 23:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-03-12 14:23 - 2019-03-05 23:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-03-12 14:23 - 2019-03-05 23:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-12 14:23 - 2019-03-05 23:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-12 14:23 - 2019-03-05 23:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-12 14:23 - 2019-03-05 23:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-03-12 14:23 - 2019-03-05 23:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-03-12 14:23 - 2019-03-05 23:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-03-12 14:23 - 2019-03-05 23:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-03-12 14:23 - 2019-03-05 23:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 22:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-03-12 14:23 - 2019-03-05 22:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-03-12 14:23 - 2019-03-05 22:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-03-12 14:23 - 2019-03-05 22:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-03-12 14:23 - 2019-03-05 22:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-12 14:23 - 2019-03-05 22:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-03-12 14:23 - 2019-03-05 22:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-03-12 14:23 - 2019-03-05 22:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-03-12 14:23 - 2019-03-05 22:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-03-12 14:23 - 2019-03-05 22:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-03-12 14:23 - 2019-03-05 22:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-03-12 14:23 - 2019-03-05 22:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-12 14:23 - 2019-03-05 22:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-12 14:23 - 2019-03-05 22:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-12 14:23 - 2019-03-05 22:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-03-12 14:23 - 2019-03-05 22:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-12 14:23 - 2019-03-05 22:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-03-12 14:23 - 2019-03-05 22:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-03-12 14:23 - 2019-03-05 22:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-03-12 14:23 - 2019-03-05 22:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-03-12 14:23 - 2019-03-05 22:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-12 14:23 - 2019-03-05 22:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-03-12 14:23 - 2019-03-05 22:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-03-12 14:23 - 2019-03-05 22:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-03-12 14:23 - 2019-03-05 22:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-03-12 14:23 - 2019-03-05 22:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-03-12 14:23 - 2019-03-05 22:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-03-12 14:23 - 2019-03-05 22:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 22:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 22:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-12 14:23 - 2019-03-05 22:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-12 14:23 - 2019-03-04 22:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-03-12 14:23 - 2019-03-04 22:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-12 14:23 - 2019-03-04 22:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-03-12 14:23 - 2019-02-26 03:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-03-12 14:23 - 2019-02-26 03:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-03-12 14:23 - 2019-02-26 03:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-03-12 14:23 - 2019-02-21 23:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-12 14:23 - 2019-02-21 23:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-03-12 14:23 - 2019-02-21 22:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-03-12 14:23 - 2019-02-21 22:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-12 14:23 - 2019-02-21 22:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-12 14:23 - 2019-02-16 02:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-12 14:23 - 2019-02-16 02:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-12 14:23 - 2019-02-16 02:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-03-12 14:23 - 2019-02-16 02:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-12 14:23 - 2019-02-16 02:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-12 14:23 - 2019-02-16 02:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-03-12 14:23 - 2019-02-16 02:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-03-12 14:23 - 2019-02-16 01:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-03-12 14:23 - 2019-02-16 01:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-03-12 14:23 - 2019-02-16 01:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-12 14:23 - 2019-02-16 01:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-03-12 14:23 - 2019-02-16 01:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-03-12 14:23 - 2019-02-15 12:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-12 14:23 - 2019-02-15 12:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-12 14:23 - 2019-02-15 12:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-03-12 14:23 - 2019-02-15 11:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-12 14:23 - 2019-02-15 11:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-12 14:23 - 2019-02-15 11:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-12 14:23 - 2019-02-15 11:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-03-12 14:23 - 2019-02-15 11:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-03-12 14:23 - 2019-02-15 11:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-12 14:23 - 2019-02-15 11:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-03-12 14:23 - 2019-02-15 11:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-03-12 14:23 - 2019-02-15 11:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-03-12 14:23 - 2019-02-10 12:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-12 14:23 - 2019-02-10 11:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-12 14:23 - 2019-02-10 11:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-12 14:23 - 2019-02-10 11:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-12 14:23 - 2019-02-10 11:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-12 14:23 - 2019-02-08 12:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-12 14:23 - 2019-02-08 12:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-12 14:23 - 2019-02-08 12:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-03-12 14:23 - 2019-02-08 12:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-03-12 14:23 - 2019-02-08 12:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-03-12 14:23 - 2019-02-08 11:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-12 14:23 - 2019-02-08 11:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-12 14:23 - 2019-02-08 11:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-03-12 14:23 - 2019-02-08 11:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-03-12 14:23 - 2019-02-08 11:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-03-12 14:23 - 2019-02-07 12:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-03-12 14:23 - 2019-02-07 12:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-03-12 14:23 - 2019-02-07 12:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-12 14:23 - 2019-02-07 11:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-03-12 14:23 - 2019-02-03 11:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-12 14:23 - 2019-01-04 12:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-12 14:23 - 2019-01-04 12:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-12 14:23 - 2019-01-04 10:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-12 14:23 - 2019-01-04 10:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-12 14:23 - 2019-01-04 10:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-12 14:23 - 2019-01-04 10:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-12 14:23 - 2019-01-04 10:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-03-12 14:23 - 2019-01-04 10:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-12 14:23 - 2019-01-04 10:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-12 14:23 - 2019-01-04 10:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-12 14:23 - 2019-01-03 12:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-12 14:23 - 2019-01-03 11:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-12 08:23 - 2019-03-19 12:23 - 000001215 _____ C:\Users\Jason\Desktop\malware.txt
2019-03-11 23:25 - 2019-03-11 23:25 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-11 23:25 - 2019-03-11 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-11 23:24 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-03-10 09:53 - 2019-03-10 09:53 - 000000000 ____D C:\Users\Jason\AppData\LocalLow\Oracle
2019-03-10 09:44 - 2019-03-10 09:45 - 021159736 _____ (Piriform Software Ltd) C:\Users\Jason\Downloads\ccsetup554.exe
2019-03-08 16:14 - 2019-03-08 16:14 - 000582310 _____ C:\Users\Jason\Downloads\ihg-our-communities-rb2018.pdf
2019-03-07 12:11 - 2019-03-07 12:11 - 000064296 _____ C:\Users\Jason\Downloads\26288-106153-3446
2019-03-06 10:29 - 2019-03-06 10:29 - 000016306 _____ C:\Users\Jason\Downloads\RegistryPractitionerRecertificationRequirements.pdf
2019-03-01 13:27 - 2019-03-01 13:27 - 000006900 _____ C:\Users\Jason\Downloads\statement_20180101_20181231_all (1).csv
2019-02-28 22:27 - 2019-02-28 22:27 - 000798701 _____ C:\Users\Jason\Downloads\paid_staff_application.pdf
2019-02-27 09:55 - 2019-03-14 18:59 - 000000000 ____D C:\Users\Jason\Desktop\Matt Kilsdonk
2019-02-26 23:40 - 2019-02-26 23:40 - 000930238 _____ C:\Users\Jason\Desktop\2019 Contract.pdf
2019-02-26 15:06 - 2019-02-26 15:16 - 000014897 _____ C:\Users\Jason\Downloads\Local Guide Boost - Review Order # #781D3CA3_2.xlsx
2019-02-26 15:05 - 2019-02-26 15:26 - 000013137 _____ C:\Users\Jason\Downloads\Local Guide Boost - Review Order #6F0DCF27_2.xlsx
2019-02-22 21:47 - 2019-02-22 21:48 - 000468824 _____ C:\Users\Jason\Downloads\Application (1).pdf
2019-02-20 22:38 - 2019-02-20 22:39 - 003779640 _____ C:\Users\Jason\Downloads\Help guide Creality and others 12-2018.pdf
2019-02-19 13:55 - 2019-02-19 13:55 - 000006900 _____ C:\Users\Jason\Downloads\statement_20180101_20181231_all.csv

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-19 15:50 - 2015-10-14 08:59 - 000000000 ____D C:\FRST
2019-03-19 12:51 - 2009-07-14 00:45 - 000035440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-19 12:51 - 2009-07-14 00:45 - 000035440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-19 12:49 - 2018-08-11 09:35 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-03-19 12:49 - 2018-08-11 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-03-19 12:40 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-17 16:50 - 2013-05-29 23:57 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-15 19:44 - 2015-10-14 13:01 - 000000000 ____D C:\ProgramData\PCDr
2019-03-15 19:42 - 2009-07-14 01:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-15 19:42 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2019-03-15 19:28 - 2018-05-17 18:16 - 000241088 _____ C:\Users\Jason\AppData\Local\GDIPFONTCACHEV1.DAT
2019-03-15 19:26 - 2018-05-17 18:14 - 005305848 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-15 19:19 - 2015-10-14 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-03-15 19:19 - 2015-10-14 13:00 - 000000000 ____D C:\Program Files\Dell
2019-03-15 19:18 - 2013-08-20 21:20 - 000000000 ____D C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2019-03-15 19:12 - 2015-03-12 14:31 - 000007635 _____ C:\Users\Jason\AppData\Local\Resmon.ResmonCfg
2019-03-14 15:15 - 2016-01-31 20:10 - 000000000 ____D C:\Users\Jason\Desktop\FB Page Images
2019-03-14 12:47 - 2013-06-10 10:38 - 000000000 ____D C:\Windows\Minidump
2019-03-13 04:50 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\rescache
2019-03-13 03:30 - 2014-12-11 10:57 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-13 03:30 - 2014-05-06 08:16 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-03-13 03:30 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-13 03:30 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\Dism
2019-03-12 17:40 - 2016-08-31 18:06 - 000000000 ____D C:\Users\Jason\Desktop\Carnival Stuff
2019-03-12 08:17 - 2017-05-29 21:04 - 000004474 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-12 08:17 - 2017-05-25 21:02 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-12 08:17 - 2017-05-25 21:02 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-12 08:17 - 2017-05-25 21:02 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-12 08:16 - 2013-05-30 17:47 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-11 23:25 - 2013-05-29 23:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-11 11:19 - 2016-03-22 18:50 - 000000000 ____D C:\Users\Jason\Desktop\Fire Grants
2019-03-10 20:55 - 2016-05-15 18:54 - 000020540 _____ C:\Users\Jason\Desktop\Grant Passwords.xlsx
2019-03-10 09:54 - 2013-08-01 10:39 - 000000000 ____D C:\Program Files (x86)\Java
2019-03-10 09:46 - 2018-01-11 09:46 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-03-10 09:46 - 2013-05-29 23:35 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-09 21:58 - 2017-05-29 20:22 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-03-09 21:58 - 2017-05-29 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-03-09 00:17 - 2016-06-12 00:39 - 000019485 _____ C:\Users\Jason\Desktop\Advertise FB & Calendars.xlsx
2019-03-08 12:11 - 2013-05-30 17:54 - 000000000 ____D C:\Users\Jason\AppData\Roaming\ZoomBrowser EX
2019-03-07 11:15 - 2013-05-29 23:29 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-03-06 14:35 - 2015-08-21 08:13 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-04 23:21 - 2013-06-20 17:06 - 000000000 ____D C:\Users\Jason\Documents\My Scans
2019-02-25 19:44 - 2016-08-21 17:30 - 000021423 _____ C:\Users\Jason\Desktop\2018 State  & Fire Sub Grant.xlsx
2019-02-22 18:19 - 2018-09-18 20:14 - 000000000 ____D C:\Users\Jason\Desktop\Gui Sales
2019-02-22 11:01 - 2017-05-25 20:41 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-20 22:28 - 2019-02-06 21:59 - 000000000 ____D C:\Users\Jason\Desktop\Fund Drive Addreses

==================== Files in the root of some directories =======

2016-10-04 21:10 - 2018-05-19 22:25 - 000000132 _____ () C:\Users\Jason\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-03-12 14:31 - 2019-03-15 19:12 - 000007635 _____ () C:\Users\Jason\AppData\Local\Resmon.ResmonCfg
2019-03-17 16:06 - 2019-03-17 16:06 - 000000000 _____ () C:\Users\Jason\AppData\Local\{0F538F10-5147-4870-A655-C72CFB3FC1A4}
2018-11-03 13:20 - 2018-11-03 13:20 - 000000000 _____ () C:\Users\Jason\AppData\Local\{A014614F-B96D-4442-B02E-B9C8BB0A0DBE}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-14 00:28

==================== End of FRST.txt ============================

Link to post
Share on other sites

  • Root Admin

Thank you for the logs. Going forward please try to attach the logs if possible instead of copy/paste.

Let me have you go run the following clean up for Chrome.

 

Once that's done then let's try running another antivirus scanner from Kaspersky and see what if anything it finds as a secondary confirmation.

 

 

Please download and run the following Kaspersky antivirus scanner to remove any found threats

Kaspersky Virus Removal Tool

Let me know if it finds anything or not

 

Thanks

Ron

 

Link to post
Share on other sites

Hello, sorry for the delay, I have been sick, I will try running these today.

Plweq, we did clean out dust when we took it apart to replace the fan, it has not gotten hot since then. :)

Link to post
Share on other sites

  • 4 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.