Jump to content

ProblemsRBad

Members
  • Content count

    986
  • Joined

  • Last visited

  • Days Won

    1

About ProblemsRBad

  • Rank
    $ Supporting Member

Profile Information

  • Gender
    Not Telling
  • OS
    Windows 10

Profile Fields

  • Country
  1. HP BIOS update help

    I don't know. I have just been dealing with it. Power it up, let it freeze at Win 10 logo no loading dots. Hold the power until its off and power up again and it boots. Hmm
  2. HP BIOS update help

    LoL So I didn't try running the BIOS update in Win 7 compatibility mode. If this works would it mess up the BIOS if it's for Win 7 and not Win 10? What's making me do this is, every time I shut down the system and come back to power it up, it hangs at the Win 10 logo screen with no loading icon. It gets stuck here forever. To make it boot I have to just hold the power button so the system shuts off and then push the power again and it boots fine. So to pinpoint the problem, I shut it down. I removed all of the USB device's and powered it up, it boots fine. I begin plugging in each device and boot-reboot until I found out its the keyboard (Dell, maybe the HP desktop don't like my Dell keyboard . Ha). LoL I then check to see if my BIOS was up to date and its not. When I read the BIOS update notes for Win 7 it says Fixes - Updates RAID OPROM version from 3.3.1592.22.B7 to 3.3.1592.22. To me it looks like this update has something to do with the hard drive. It was never put in at Win 7. If it was to have been installed back in Win 7, would it effect the new Win 10 when with a clean install? There's got to be another way around a clean install to get this BIOS update in without messing anything up.
  3. HP BIOS update help

    The machine was bought with Win 7 on it. I upgraded it to Win 10. I tried the Win 7 (https://support.hp.com/us-en/drivers/selfservice/hp-pavilion-hpe-h8-1200-desktop-pc-series/5187019/model/5192451) one and it says won't run on win 10. When I put to win 8 (https://support.hp.com/us-en/drivers/selfservice/hp-pavilion-hpe-h8-1200-desktop-pc-series/5187019/model/5192451) there is no BIOS update. Would running the update file in Win 7 compatibility mode work? I don't want to try it and mess up the BIOS if it don't work.
  4. HP BIOS update help

    So I ran into a bootup problem and managed to pin point it to a on-board motherboard USB issue. I did some research and found that I need to do a BIOS update. When I visit the HP support site to download the BIOS update, there is no Win 10 file, only ones for Win 7 and Win 8. What would be the best way to update my BIOS? MOBO Mo. m3970am Desktop Mo. h8-1214 current BIOS installed AMI ang_713, 12/19/2011
  5. Looking for free bootable partiton tool.

    After some searching I managed to figure it out: I downloaded Rufus ISO to USB burner and downloaded GParted. Burned GParted to the USB using Rufus. I rebooted the maching and now was able to edit my partition as intended. Use a GParted Live CD or USB to make a Linux or Windows drive Active How to use the free GParted CD to mark a Linux or Windows Primary partition Active Input 02 for English and press enter. Next input 0 and press enter to load GParted. Right-click the Primary partition you wish to make Active and select Manage Flags. In Manage Flags on ..., tick (to enable) the boot check box to make the partition Active. Click Close and exit the partition utility. Restart your computer.
  6. Looking for free bootable partiton tool.

    I need a USB bootable partition management tool that has an option to set a primary partition active. It needs to work at boot up as the machine won't boot, but I know why it won't boot. So what is the best free bootable USB partition tool or how do I create one for free please?
  7. Friends win 10 desktop seems infected

    Thanks a lot Broni, the PC is running better now!
  8. Friends win 10 desktop seems infected

    Sophos scanned clean so I don't have a log for that. Results of screen317's Security Check version 1.014 --- 12/23/15 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Avast Antivirus Windows Defender Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` SpywareBlaster 5.5 Java 8 Update 111 Java 8 Update 131 Java version 32-bit out of Date! Adobe Flash Player 26.0.0.131 Mozilla Firefox (54.0) Google Chrome (59.0.3071.115) Google Chrome (SetupMetrics...) ````````Process Check: objlist.exe by Laurent```````` Oracle Java javapath AvastSvc.exe -?- AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- Farbar Service Scanner Version: 27-01-2016 Ran by owner (administrator) on 27-06-2017 at 18:04:22 Running from "C:\Users\owner\Desktop" Microsoft Windows 10 Home (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Policy: ======================== Security Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\System32\mpssvc.dll => File is digitally signed C:\Windows\System32\bfe.dll => File is digitally signed C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed C:\Windows\System32\SDRSVC.dll => File is digitally signed C:\Windows\System32\vssvc.exe => File is digitally signed C:\Windows\System32\wscsvc.dll => File is digitally signed C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed C:\Windows\System32\wuaueng.dll => File is digitally signed C:\Windows\System32\qmgr.dll => File is digitally signed C:\Windows\System32\es.dll => File is digitally signed C:\Windows\System32\cryptsvc.dll => File is digitally signed C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed C:\Windows\System32\ipnathlp.dll => File is digitally signed C:\Windows\System32\iphlpsvc.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log ****
  9. Friends win 10 desktop seems infected

    Fix result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01 Ran by owner (27-06-2017 16:58:29) Run:1 Running from C:\Users\owner\Desktop Loaded Profiles: owner (Available Profiles: owner) Boot Mode: Normal ============================================== fixlist content: ***************** HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION GroupPolicy: Restriction - Chrome <==== ATTENTION U1 aswbdisk; no ImagePath S1 MpKsl534bc877; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{330B0F5F-6040-46EA-AAFC-721D72CB21F9}\MpKsl534bc877.sys [X] 2016-09-08 09:53 - 2016-09-08 09:53 - 0000000 _____ () C:\Users\owner\AppData\Local\Driver_LOM_8161Present.flag 2017-03-06 18:52 - 2017-03-06 18:52 - 0000000 _____ () C:\Users\owner\AppData\Local\{0FDEFA91-9177-4402-9B2C-38D52CB216DB} 2014-02-25 14:56 - 2014-02-25 14:56 - 0115816 _____ (AOL Inc.) C:\Users\owner\AppData\Local\Temp\AcsInstall.dll 2017-06-23 00:13 - 2016-11-11 06:13 - 1886344 _____ (Microsoft Corporation) C:\Users\owner\AppData\Local\Temp\dllnt_dump.dll 2017-06-20 16:08 - 2016-08-05 11:51 - 5570760 _____ (Foxit Corporation) C:\Users\owner\AppData\Local\Temp\FoxitUpdater.exe 2016-11-18 09:04 - 2016-11-18 09:04 - 0737856 _____ (Oracle Corporation) C:\Users\owner\AppData\Local\Temp\jre-8u111-windows-au.exe 2017-04-18 20:57 - 2017-04-18 20:57 - 0739904 _____ (Oracle Corporation) C:\Users\owner\AppData\Local\Temp\jre-8u131-windows-au.exe 2003-10-23 14:27 - 2003-10-23 14:27 - 0022528 _____ (Microsoft Corporation) C:\Users\owner\AppData\Local\Temp\SHFOLDER.DLL 2017-05-17 10:36 - 2017-05-17 10:36 - 0729368 _____ (adaware) C:\Users\owner\AppData\Local\Temp\wcupdater.exe AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125] ***************** HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully HKLM\System\CurrentControlSet\Services\aswbdisk => key could not remove, key could be protected HKLM\System\CurrentControlSet\Services\MpKsl534bc877 => key removed successfully MpKsl534bc877 => service removed successfully C:\Users\owner\AppData\Local\Driver_LOM_8161Present.flag => moved successfully C:\Users\owner\AppData\Local\{0FDEFA91-9177-4402-9B2C-38D52CB216DB} => moved successfully C:\Users\owner\AppData\Local\Temp\AcsInstall.dll => moved successfully C:\Users\owner\AppData\Local\Temp\dllnt_dump.dll => moved successfully C:\Users\owner\AppData\Local\Temp\FoxitUpdater.exe => moved successfully C:\Users\owner\AppData\Local\Temp\jre-8u111-windows-au.exe => moved successfully C:\Users\owner\AppData\Local\Temp\jre-8u131-windows-au.exe => moved successfully C:\Users\owner\AppData\Local\Temp\SHFOLDER.DLL => moved successfully C:\Users\owner\AppData\Local\Temp\wcupdater.exe => moved successfully C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully. Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 27-06-2017 17:01:42) Result of scheduled keys to remove after reboot: HKLM\System\CurrentControlSet\Services\aswbdisk => key could not remove, key could be protected ==== End of Fixlog 17:01:42 ====
  10. Friends win 10 desktop seems infected

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01 Ran by owner (administrator) on DESKTOP-LRA92O6 (27-06-2017 14:23:07) Running from C:\Users\owner\Desktop Loaded Profiles: owner (Available Profiles: owner) Platform: Windows 10 Home Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8269.45191.0_x64__8wekyb3d8bbwe\sway.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-06-20] (AVAST Software) HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [263112 2016-03-22] (Razer Inc.) HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1480336713\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.) HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-06-20] (AVAST Software) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-06-20] (AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-09-08] ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) GroupPolicy: Restriction - Chrome <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 71.10.216.1 71.10.216.2 Tcpip\..\Interfaces\{20e0338c-715b-437e-9310-42cfb334a4f2}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{3da5fc42-8a40-49b8-b932-bc0137222f12}: [DhcpNameServer] 192.168.0.1 4.2.2.2 8.8.8.8 Tcpip\..\Interfaces\{b3e8033e-ed92-4dd6-8b8f-5d6dc8aaeced}: [DhcpNameServer] 71.10.216.1 71.10.216.2 Internet Explorer: ================== HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com SearchScopes: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-20] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-20] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-20] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-20] (Oracle Corporation) FireFox: ======== FF DefaultProfile: p1p9jmbm.default FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\p1p9jmbm.default [2017-06-27] FF NewTab: Mozilla\Firefox\Profiles\p1p9jmbm.default -> about:home FF Homepage: Mozilla\Firefox\Profiles\p1p9jmbm.default -> google.com FF Extension: (leethax.net extension) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\p1p9jmbm.default\Extensions\leethax@leethax.net.xpi [2016-12-27] FF Extension: (Avast SafePrice) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\p1p9jmbm.default\Extensions\sp@avast.com.xpi [2017-06-22] FF Extension: (uBlock Origin) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\p1p9jmbm.default\Extensions\uBlock0@raymondhill.net.xpi [2017-06-20] FF Extension: (Avast Online Security) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\p1p9jmbm.default\Extensions\wrc@avast.com.xpi [2017-06-20] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-16] () FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-20] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-16] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-20] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default [2017-06-23] CHR Extension: (Google Slides) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-08] CHR Extension: (Google Docs) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-08] CHR Extension: (Google Drive) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-08] CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-08] CHR Extension: (uBlock Origin) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-06-23] CHR Extension: (Avast SafePrice) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-23] CHR Extension: (Google Sheets) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-08] CHR Extension: (Google Docs Offline) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-16] CHR Extension: (Avast Online Security) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-23] CHR Extension: (Chrome Web Store Payments) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-23] CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-08] CHR Extension: (Chrome Media Router) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-23] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-06-20] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-06-20] (AVAST Software) R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Inc.) S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed] S4 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-03-22] (Razer Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.) R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-06-20] (AVAST Software s.r.o.) R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-06-20] (AVAST Software s.r.o.) R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-06-20] (AVAST Software s.r.o.) R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-06-20] (AVAST Software s.r.o.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-06-20] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-06-20] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-06-20] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-06-20] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-06-20] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-06-20] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-06-20] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-06-20] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-06-20] (AVAST Software) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-25] (Advanced Micro Devices) R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.) R3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U1 aswbdisk; no ImagePath S1 MpKsl534bc877; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{330B0F5F-6040-46EA-AAFC-721D72CB21F9}\MpKsl534bc877.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-06-27 14:22 - 2017-06-27 14:22 - 00000000 ____D C:\Users\owner\Desktop\FRST-OlderVersion 2017-06-27 14:05 - 2017-06-27 14:05 - 15510512 _____ (TeamViewer GmbH) C:\Users\owner\Downloads\TeamViewer_Setup.exe 2017-06-23 09:23 - 2017-06-23 09:23 - 00000555 _____ C:\Users\owner\Desktop\JRT.txt 2017-06-23 08:53 - 2017-06-23 08:53 - 00005086 _____ C:\Users\owner\Desktop\rk_C52C.tmp.txt 2017-06-23 00:13 - 2017-06-23 08:54 - 00000000 ____D C:\ProgramData\RogueKiller 2017-06-23 00:13 - 2017-06-23 00:13 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2017-06-23 00:13 - 2017-06-23 00:13 - 00000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2017-06-23 00:13 - 2017-06-23 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2017-06-23 00:13 - 2017-06-23 00:13 - 00000000 ____D C:\Program Files\RogueKiller 2017-06-23 00:12 - 2017-06-23 00:12 - 35438416 _____ (Adlice Software ) C:\Users\owner\Downloads\RogueKiller_setup_ref3.exe 2017-06-23 00:11 - 2017-06-27 14:05 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-06-23 00:11 - 2017-06-27 14:05 - 00001104 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk 2017-06-23 00:11 - 2017-06-27 14:05 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-06-22 23:43 - 2017-06-23 00:10 - 00000000 ____D C:\ProgramData\Betternet 2017-06-22 23:43 - 2017-06-22 23:43 - 00002026 _____ C:\Users\Public\Desktop\Betternet.lnk 2017-06-22 23:43 - 2017-06-22 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows 2017-06-22 23:43 - 2017-06-22 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betternet Technologies Inc 2017-06-22 23:43 - 2017-06-22 23:43 - 00000000 ____D C:\Program Files\TAP-Windows 2017-06-22 23:43 - 2017-06-22 23:43 - 00000000 ____D C:\Program Files (x86)\OpenVPN 2017-06-22 23:43 - 2017-06-22 23:43 - 00000000 ____D C:\Program Files (x86)\Betternet 2017-06-22 23:42 - 2017-06-22 23:42 - 10937168 _____ (Betternet Technologies Inc.) C:\Users\owner\Downloads\BetternetForWindows383.exe 2017-06-22 23:42 - 2017-06-22 23:42 - 00000000 ____D C:\Users\owner\AppData\Local\Downloaded Installations 2017-06-22 13:48 - 2017-06-27 14:23 - 00015292 _____ C:\Users\owner\Desktop\FRST.txt 2017-06-22 13:48 - 2017-06-27 14:23 - 00000000 ____D C:\FRST 2017-06-22 13:48 - 2017-06-27 14:22 - 02441216 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe 2017-06-22 13:42 - 2017-06-22 13:42 - 00007169 _____ C:\Users\owner\Desktop\AdwCleaner[C0].txt 2017-06-22 13:37 - 2017-06-22 13:40 - 00000000 ____D C:\AdwCleaner 2017-06-22 13:35 - 2017-06-22 13:35 - 00001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2017-06-22 13:35 - 2017-06-22 13:35 - 00000000 ____D C:\Users\owner\AppData\Roaming\SUPERAntiSpyware.com 2017-06-22 13:35 - 2017-06-22 13:35 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2017-06-22 13:35 - 2017-06-22 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2017-06-22 13:35 - 2017-06-22 13:35 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2017-06-22 13:32 - 2017-06-22 13:33 - 00000000 ____D C:\ProgramData\TEMP 2017-06-22 13:32 - 2017-06-22 13:33 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster 2017-06-22 13:32 - 2017-06-22 13:32 - 00001152 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk 2017-06-22 13:32 - 2017-06-22 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster 2017-06-22 13:32 - 2012-05-02 12:17 - 01070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX 2017-06-22 13:32 - 2009-03-24 13:52 - 00129872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL 2017-06-22 13:29 - 2017-06-22 13:29 - 00001515 _____ C:\Users\owner\Desktop\mbamlog.txt 2017-06-22 13:28 - 2017-06-23 09:21 - 01663672 _____ (Malwarebytes) C:\Users\owner\Desktop\JRT.exe 2017-06-22 13:27 - 2017-06-22 13:37 - 04110280 _____ C:\Users\owner\Desktop\adwcleaner_6.047.exe 2017-06-22 13:27 - 2017-06-22 13:33 - 30277464 _____ (SUPERAntiSpyware) C:\Users\owner\Downloads\SUPERAntiSpyware.exe 2017-06-22 13:27 - 2017-06-22 13:30 - 04291320 _____ (BrightFort LLC ) C:\Users\owner\Downloads\spywareblastersetup55.exe 2017-06-22 13:27 - 2017-06-22 13:27 - 00448512 _____ (OldTimer Tools) C:\Users\owner\Desktop\TFC.exe 2017-06-22 13:11 - 2014-02-25 14:56 - 00034520 ____R (America Online) C:\WINDOWS\system32\Drivers\ATWPKT264.SYS 2017-06-22 13:04 - 2017-06-22 13:04 - 00000000 ____D C:\Users\owner\AppData\Roaming\AOL 2017-06-20 16:11 - 2017-06-20 16:09 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll 2017-06-20 16:08 - 2017-06-20 16:08 - 00001428 _____ C:\Users\Public\Desktop\Foxit Reader.lnk 2017-06-20 16:08 - 2017-06-20 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2017-06-20 16:08 - 2017-06-20 16:08 - 00000000 ____D C:\Program Files (x86)\Foxit Software 2017-06-20 16:02 - 2017-06-21 18:02 - 00004022 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1497988935 2017-06-20 16:02 - 2017-06-21 18:02 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2017-06-20 16:02 - 2017-06-20 16:02 - 00001088 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2017-06-20 16:01 - 2017-06-20 16:01 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2017-06-20 16:01 - 2017-06-20 16:01 - 00000000 ____D C:\Users\owner\AppData\Roaming\AVAST Software 2017-06-20 16:00 - 2017-06-23 09:06 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2017-06-20 16:00 - 2017-06-20 16:00 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2017-06-20 16:00 - 2017-06-20 16:00 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-06-20 16:00 - 2017-06-20 16:00 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2017-06-20 16:00 - 2017-06-20 16:00 - 00158880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys 2017-06-20 16:00 - 2017-06-20 16:00 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-06-20 16:00 - 2017-06-20 16:00 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-06-20 16:00 - 2017-06-20 16:00 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-06-20 16:00 - 2017-06-20 16:00 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys 2017-06-20 16:00 - 2017-06-20 16:00 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-06-20 16:00 - 2017-06-20 16:00 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2017-06-20 16:00 - 2017-06-20 16:00 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2017-06-20 16:00 - 2017-06-20 15:59 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2017-06-20 16:00 - 2017-06-20 15:59 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys 2017-06-20 16:00 - 2017-06-20 15:59 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2017-06-20 16:00 - 2017-06-20 15:59 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2017-06-20 16:00 - 2017-06-20 15:59 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2017-06-20 15:58 - 2017-06-20 18:09 - 00000000 ____D C:\ProgramData\AVAST Software 2017-06-20 15:58 - 2017-06-20 16:01 - 00000000 ____D C:\Program Files\AVAST Software 2017-06-20 15:58 - 2017-06-20 15:58 - 06919904 _____ (AVAST Software) C:\Users\owner\Downloads\avast_free_antivirus_setup_online.exe 2017-06-20 15:55 - 2017-06-20 15:55 - 00000000 ___HD C:\OneDriveTemp 2017-06-15 17:37 - 2017-06-15 17:37 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2 2017-06-14 18:48 - 2017-06-03 06:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-06-14 18:48 - 2017-06-03 06:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-06-14 18:48 - 2017-06-03 06:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-06-14 18:48 - 2017-06-03 06:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-06-14 18:48 - 2017-06-03 06:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-06-14 18:48 - 2017-06-03 05:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-06-14 18:48 - 2017-06-03 05:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-06-14 18:48 - 2017-06-03 05:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-06-14 18:48 - 2017-06-03 05:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-06-14 18:48 - 2017-06-03 05:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-06-14 18:48 - 2017-06-03 05:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2017-06-14 18:48 - 2017-06-03 05:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2017-06-14 18:48 - 2017-06-03 05:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2017-06-14 18:48 - 2017-06-03 05:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-06-14 18:48 - 2017-06-03 05:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-06-14 18:48 - 2017-06-03 05:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-06-14 18:48 - 2017-06-03 05:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2017-06-14 18:48 - 2017-06-03 05:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2017-06-14 18:48 - 2017-06-03 05:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-06-14 18:48 - 2017-06-03 05:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-06-14 18:48 - 2017-06-03 05:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-06-14 18:48 - 2017-06-03 05:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-06-14 18:48 - 2017-06-03 05:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-06-14 18:48 - 2017-06-03 05:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-06-14 18:48 - 2017-06-03 05:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-06-14 18:48 - 2017-06-03 05:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2017-06-14 18:48 - 2017-06-03 05:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-06-14 18:48 - 2017-06-03 05:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-06-14 18:48 - 2017-06-03 05:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll 2017-06-14 18:48 - 2017-06-03 05:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-06-14 18:48 - 2017-06-03 05:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll 2017-06-14 18:48 - 2017-06-03 05:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2017-06-14 18:48 - 2017-06-03 05:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll 2017-06-14 18:48 - 2017-06-03 05:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll 2017-06-14 18:48 - 2017-06-03 05:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-06-14 18:48 - 2017-06-03 05:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2017-06-14 18:48 - 2017-06-03 05:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-06-14 18:48 - 2017-06-03 05:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-06-14 18:48 - 2017-06-03 05:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-06-14 18:48 - 2017-06-03 05:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-06-14 18:48 - 2017-06-03 05:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-06-14 18:48 - 2017-06-03 05:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-06-14 18:48 - 2017-06-03 05:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-06-14 18:48 - 2017-06-03 05:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll 2017-06-14 18:48 - 2017-06-03 05:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-06-14 18:48 - 2017-06-03 05:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-06-14 18:48 - 2017-06-03 05:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-06-14 18:48 - 2017-06-03 05:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-06-14 18:48 - 2017-06-03 05:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-06-14 18:48 - 2017-06-03 05:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll 2017-06-14 18:48 - 2017-06-03 05:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-06-14 18:48 - 2017-06-03 05:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-06-14 18:48 - 2017-06-03 05:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-06-14 18:48 - 2017-06-03 05:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-06-14 18:48 - 2017-06-03 04:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-06-14 18:48 - 2017-06-03 04:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-06-14 18:48 - 2017-06-03 04:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2017-06-14 18:48 - 2017-06-03 04:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-06-14 18:48 - 2017-06-03 04:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-06-14 18:48 - 2017-06-03 04:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-06-14 18:48 - 2017-06-03 04:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-06-14 18:48 - 2017-06-03 04:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-06-14 18:48 - 2017-06-03 04:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-06-14 18:48 - 2017-05-25 01:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe 2017-06-14 18:48 - 2017-03-04 02:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2017-06-14 18:48 - 2017-03-04 02:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2017-06-14 18:48 - 2016-09-07 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2017-06-14 18:47 - 2017-06-03 06:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-06-14 18:47 - 2017-06-03 06:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-06-14 18:47 - 2017-06-03 06:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-06-14 18:47 - 2017-06-03 06:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-06-14 18:47 - 2017-06-03 06:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-06-14 18:47 - 2017-06-03 06:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-06-14 18:47 - 2017-06-03 06:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-06-14 18:47 - 2017-06-03 06:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-06-14 18:47 - 2017-06-03 06:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-06-14 18:47 - 2017-06-03 06:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-06-14 18:47 - 2017-06-03 06:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-06-14 18:47 - 2017-06-03 06:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-06-14 18:47 - 2017-06-03 06:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-06-14 18:47 - 2017-06-03 06:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2017-06-14 18:47 - 2017-06-03 06:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-06-14 18:47 - 2017-06-03 06:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-06-14 18:47 - 2017-06-03 05:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-06-14 18:47 - 2017-06-03 05:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-06-14 18:47 - 2017-06-03 05:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-06-14 18:47 - 2017-06-03 05:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-06-14 18:47 - 2017-06-03 05:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-06-14 18:47 - 2017-06-03 05:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-06-14 18:47 - 2017-06-03 05:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2017-06-14 18:47 - 2017-06-03 05:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-06-14 18:47 - 2017-06-03 05:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-06-14 18:47 - 2017-06-03 05:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-06-14 18:47 - 2017-06-03 05:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-06-14 18:47 - 2017-06-03 05:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-06-14 18:47 - 2017-06-03 05:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-06-14 18:47 - 2017-06-03 05:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-06-14 18:47 - 2017-06-03 05:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-06-14 18:47 - 2017-06-03 05:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-06-14 18:47 - 2017-06-03 05:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-06-14 18:47 - 2017-06-03 05:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-06-14 18:47 - 2017-06-03 05:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-06-14 18:47 - 2017-06-03 05:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-06-14 18:47 - 2017-06-03 05:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-06-14 18:47 - 2017-06-03 05:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-06-14 18:47 - 2017-06-03 05:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-06-14 18:47 - 2017-06-03 05:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll 2017-06-14 18:47 - 2017-06-03 05:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll 2017-06-14 18:47 - 2017-06-03 05:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2017-06-14 18:47 - 2017-06-03 05:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll 2017-06-14 18:47 - 2017-06-03 05:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll 2017-06-14 18:47 - 2017-06-03 05:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-06-14 18:47 - 2017-06-03 05:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-06-14 18:47 - 2017-06-03 05:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-06-14 18:47 - 2017-06-03 05:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-06-14 18:47 - 2017-06-03 05:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll 2017-06-14 18:47 - 2017-06-03 05:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-06-14 18:47 - 2017-06-03 05:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2017-06-14 18:47 - 2017-06-03 05:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-06-14 18:47 - 2017-06-03 05:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-06-14 18:47 - 2017-06-03 05:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-06-14 18:47 - 2017-06-03 05:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-06-14 18:47 - 2017-06-03 04:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll 2017-06-14 18:47 - 2017-06-03 04:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-06-14 18:47 - 2017-06-03 04:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-06-14 18:47 - 2017-06-03 04:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-06-14 18:47 - 2017-06-03 04:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-06-14 18:47 - 2017-06-03 04:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-06-14 18:47 - 2017-06-03 04:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-06-14 18:47 - 2017-06-03 04:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-06-14 18:47 - 2017-06-03 04:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-06-14 18:47 - 2017-06-03 04:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-06-14 18:47 - 2017-06-03 04:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-06-14 18:47 - 2017-06-03 04:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-06-14 18:47 - 2017-06-03 04:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-06-14 18:47 - 2017-06-03 04:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-06-14 18:47 - 2017-06-03 04:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll 2017-06-14 18:47 - 2017-06-03 04:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-06-14 18:47 - 2017-06-03 04:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-06-14 18:47 - 2017-06-03 02:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls 2017-06-14 18:47 - 2017-03-04 02:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-06-14 18:47 - 2017-03-04 02:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2017-06-01 13:02 - 2017-06-01 13:02 - 00301314 _____ C:\Users\owner\Downloads\EligibilityNotice.pdf 2017-05-30 12:43 - 2017-06-16 09:13 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump 2017-05-30 10:02 - 2017-05-30 10:02 - 00000000 ____D C:\Icons ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-06-27 14:22 - 2016-11-18 08:58 - 00000000 ____D C:\Users\owner\AppData\LocalLow\Mozilla 2017-06-27 14:04 - 2016-09-25 07:02 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-06-27 13:38 - 2016-11-17 09:56 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7EB55AD7-453E-4A8C-A7C7-76966ED324FF} 2017-06-27 07:39 - 2016-11-01 08:11 - 00000000 ____D C:\Users\owner\AppData\Local\Battle.net 2017-06-26 23:34 - 2016-07-16 07:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-06-26 23:34 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-06-26 19:26 - 2016-11-01 08:10 - 00000000 ____D C:\Program Files (x86)\Battle.net 2017-06-26 18:31 - 2016-11-01 08:14 - 00000000 ____D C:\Program Files (x86)\World of Warcraft 2017-06-26 17:52 - 2016-09-08 10:16 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-06-26 17:52 - 2016-09-08 10:16 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-06-24 17:25 - 2016-09-25 07:04 - 00000000 ____D C:\Users\owner 2017-06-22 23:43 - 2016-07-16 07:45 - 00000000 ____D C:\WINDOWS\INF 2017-06-22 14:21 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\rescache 2017-06-22 13:50 - 2016-09-07 16:02 - 03199452 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-06-22 13:44 - 2016-09-25 07:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-06-22 13:44 - 2016-09-25 07:03 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-06-22 13:44 - 2016-07-16 02:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-06-22 13:40 - 2016-11-01 08:59 - 00000000 ____D C:\Program Files (x86)\Lavasoft 2017-06-22 13:33 - 2016-12-09 09:07 - 00000258 __RSH C:\ProgramData\ntuser.pol 2017-06-22 13:30 - 2016-11-10 09:36 - 00000000 ____D C:\Program Files (x86)\Steam 2017-06-22 13:23 - 2016-09-18 20:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-06-22 12:51 - 2016-11-29 09:23 - 00000000 ____D C:\Users\owner\AppData\Roaming\AVG 2017-06-22 12:51 - 2016-11-29 09:20 - 00000000 ____D C:\Program Files (x86)\AVG 2017-06-22 12:51 - 2016-11-29 09:19 - 00000000 ____D C:\ProgramData\Avg 2017-06-20 16:29 - 2016-10-27 11:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-06-20 16:12 - 2016-09-08 10:19 - 00000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-06-20 16:11 - 2016-09-08 10:18 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-06-20 16:11 - 2016-09-08 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-06-20 16:11 - 2016-09-08 10:17 - 00000000 ____D C:\Program Files (x86)\Java 2017-06-20 16:09 - 2016-11-18 09:05 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2017-06-20 16:09 - 2016-11-18 09:05 - 00000000 ____D C:\Program Files\Java 2017-06-20 16:08 - 2016-09-08 10:19 - 00000000 ____D C:\ProgramData\Foxit Software 2017-06-20 16:06 - 2016-09-08 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2017-06-20 16:06 - 2016-09-08 10:19 - 00000000 ____D C:\Program Files\7-Zip 2017-06-20 16:04 - 2016-11-01 08:58 - 00000000 ____D C:\Program Files (x86)\Camfrog 2017-06-20 15:57 - 2016-11-29 09:19 - 00000000 ____D C:\Users\owner\AppData\Local\AvgSetupLog 2017-06-20 15:55 - 2016-12-13 15:59 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-06-20 15:55 - 2016-09-07 16:02 - 00002367 _____ C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-06-20 15:55 - 2016-09-07 16:02 - 00000000 ___RD C:\Users\owner\OneDrive 2017-06-20 15:54 - 2016-11-01 08:58 - 00000000 ____D C:\Users\owner\AppData\Roaming\Camfrog 2017-06-19 22:54 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-06-16 23:43 - 2017-05-10 22:43 - 05427200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2017-06-16 23:43 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-06-16 23:43 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-06-16 08:45 - 2016-09-07 16:00 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-06-15 17:38 - 2016-09-25 07:02 - 00258016 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-06-15 17:38 - 2016-09-08 10:16 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-06-15 17:38 - 2016-09-08 10:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-06-15 17:37 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-06-15 17:37 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-06-15 17:37 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-06-15 13:29 - 2016-07-16 07:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-06-13 17:22 - 2016-09-07 16:29 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-06-13 17:21 - 2016-09-07 16:29 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-06-13 17:20 - 2016-09-08 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-06-03 02:36 - 2016-07-16 07:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-06-03 02:36 - 2016-07-16 07:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-05-31 08:00 - 2016-09-07 16:30 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-05-30 10:28 - 2016-09-08 10:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2016-09-08 09:53 - 2016-09-08 09:53 - 0000000 _____ () C:\Users\owner\AppData\Local\Driver_LOM_8161Present.flag 2017-03-06 18:52 - 2017-03-06 18:52 - 0000000 _____ () C:\Users\owner\AppData\Local\{0FDEFA91-9177-4402-9B2C-38D52CB216DB} Some files in TEMP: ==================== 2014-02-25 14:56 - 2014-02-25 14:56 - 0115816 _____ (AOL Inc.) C:\Users\owner\AppData\Local\Temp\AcsInstall.dll 2017-06-23 00:13 - 2016-11-11 06:13 - 1886344 _____ (Microsoft Corporation) C:\Users\owner\AppData\Local\Temp\dllnt_dump.dll 2017-06-20 16:08 - 2016-08-05 11:51 - 5570760 _____ (Foxit Corporation) C:\Users\owner\AppData\Local\Temp\FoxitUpdater.exe 2016-11-18 09:04 - 2016-11-18 09:04 - 0737856 _____ (Oracle Corporation) C:\Users\owner\AppData\Local\Temp\jre-8u111-windows-au.exe 2017-04-18 20:57 - 2017-04-18 20:57 - 0739904 _____ (Oracle Corporation) C:\Users\owner\AppData\Local\Temp\jre-8u131-windows-au.exe 2003-10-23 14:27 - 2003-10-23 14:27 - 0022528 _____ (Microsoft Corporation) C:\Users\owner\AppData\Local\Temp\SHFOLDER.DLL 2017-05-17 10:36 - 2017-05-17 10:36 - 0729368 _____ (adaware) C:\Users\owner\AppData\Local\Temp\wcupdater.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-06-27 07:55 ==================== End of FRST.txt ============================ -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01 Ran by owner (27-06-2017 14:23:39) Running from C:\Users\owner\Desktop Windows 10 Home Version 1607 (X64) (2016-09-25 11:08:47) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3808737855-1502716943-3396329800-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3808737855-1502716943-3396329800-503 - Limited - Disabled) Guest (S-1-5-21-3808737855-1502716943-3396329800-501 - Limited - Disabled) owner (S-1-5-21-3808737855-1502716943-3396329800-1001 - Administrator - Enabled) => C:\Users\owner ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) 7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Betternet for Windows (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF4C703830}) (Version: 3.8.3.0 - Betternet Technologies Inc.) Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.0.14878 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\{363BF6FC-3A14-3806-ADF6-69F23C73DC2F}) (Version: 59.0.3071.115 - Google, Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) LibreOffice 5.2.1.2 (HKLM\...\{4A18AA03-C78A-40A0-A355-38AB43B2FE78}) (Version: 5.2.1.2 - The Document Foundation) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft OneDrive (HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 54.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 en-US)) (Version: 54.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla) OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - ) Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros) Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden RogueKiller version 12.11.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.3.0 - Adlice Software) SafeZone Stable 3.55.2393.607 (x32 Version: 3.55.2393.607 - Avast Software) Hidden SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78716 - TeamViewer) VEGA Conflict (HKLM\...\Steam App 339600) (Version: - KIXEYE) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1BA1818D-5AFE-477C-A361-6B5767704DF1} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.) Task: {257EEC95-86AD-4D63-89CE-CE152C3F495C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-06-20] (AVAST Software) Task: {303B32DD-31E3-46CA-9594-8CB38051469B} - System32\Tasks\SafeZone scheduled Autoupdate 1497988935 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software) Task: {50AFEB88-C518-424C-AFB5-8A4CAA642B68} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {9E4EEFBB-EC1A-4B08-8D7C-A5413EFE85CC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-16] (Adobe Systems Incorporated) Task: {D355820B-651E-4061-B0F6-3DA01A3735B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-08] (Google Inc.) Task: {E9AA8A5B-04B5-4E8E-AC14-C4DAC40F9F9E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-08] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 07:42 - 2016-07-16 07:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-06-14 18:47 - 2017-06-03 06:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-03-15 09:50 - 2017-03-04 02:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-15 09:50 - 2017-03-04 02:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-15 09:50 - 2017-03-04 02:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-06-14 18:47 - 2017-06-03 04:47 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-06-14 18:47 - 2017-06-03 04:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-06-14 18:47 - 2017-06-03 04:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-06-22 13:17 - 2017-06-22 13:17 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-06-22 13:17 - 2017-06-22 13:17 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-06-22 13:17 - 2017-06-22 13:17 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-06-22 13:17 - 2017-06-22 13:17 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll 2016-09-25 10:59 - 2016-09-25 10:59 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-15 09:52 - 2017-03-04 02:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-06-26 23:34 - 2017-06-26 23:34 - 00033472 _____ () C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8269.45191.0_x64__8wekyb3d8bbwe\PALExtensions.dll 2017-06-26 23:34 - 2017-06-26 23:34 - 00070856 _____ () C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8269.45191.0_x64__8wekyb3d8bbwe\Aria.dll 2017-06-26 23:34 - 2017-06-26 23:34 - 00030400 _____ () C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8269.45191.0_x64__8wekyb3d8bbwe\Experiments.dll 2017-06-26 23:34 - 2017-06-26 23:34 - 00066760 _____ () C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8269.45191.0_x64__8wekyb3d8bbwe\Logging.dll 2017-06-26 23:34 - 2017-06-26 23:34 - 00134344 _____ () C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8269.45191.0_x64__8wekyb3d8bbwe\Util.dll 2017-04-10 07:42 - 2017-04-10 07:42 - 01695440 _____ () C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8269.45191.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll 2017-06-26 23:34 - 2017-06-26 23:34 - 13187264 _____ () C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8269.45191.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll 2017-06-26 23:34 - 2017-06-26 23:34 - 02496712 _____ () C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8269.45191.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Story.dll 2017-06-26 23:34 - 2017-06-26 23:34 - 00645312 _____ () C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8269.45191.0_x64__8wekyb3d8bbwe\StoryClientUI_Shared.dll 2017-06-20 16:00 - 2017-06-20 16:00 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-06-20 16:00 - 2017-06-20 16:00 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll 2017-06-20 16:00 - 2017-06-20 16:00 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-06-20 16:00 - 2017-06-20 16:00 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-06-20 16:00 - 2017-06-20 16:00 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-06-20 15:59 - 2017-06-20 15:59 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-06-20 16:00 - 2017-06-20 16:00 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\localhost -> localhost IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\...\1001movie.com -> 1001movie.com There are 6091 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 03:24 - 2015-10-30 03:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3808737855-1502716943-3396329800-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 71.10.216.1 - 71.10.216.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: AOL ACS => 3 MSCONFIG\Services: RzWizardService => 2 MSCONFIG\Services: Steam Client Service => 3 HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk" HKLM\...\StartupApproved\Run32: => "RzWizard" HKLM\...\StartupApproved\Run32: => "HostManager" HKLM\...\StartupApproved\Run32: => "AvgUi" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{4D9A301A-8622-49E6-BD58-9C67574469B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{03BF63AF-1A7B-48FF-B0DB-AD5185A66E2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{863BB747-3E35-48A6-A6A3-4E329E5C10B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2809AAB1-1120-49ED-A3AF-C797CE4495C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{339B096B-E9EF-49E9-B7B3-8A49ECE6E6F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VEGA Conflict\VEGAConflict.exe FirewallRules: [{BC016FC6-0E48-45D1-BBC6-B688821F3E75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VEGA Conflict\VEGAConflict.exe FirewallRules: [{E87A84E6-0074-4F7F-A4A5-D1528AEB3829}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{AEC43C9F-C8A6-465E-ACA0-E2FBF8F9EF70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [TCP Query User{6231CAD7-EAA1-47AB-9771-22E442CC7212}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{F8A80154-0F40-4ABD-A1D3-224162FFE393}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [TCP Query User{B125D0EB-8832-4EA3-8173-60107AC6242E}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [UDP Query User{F212BE1D-21D9-4F07-9FD0-34A37385ADE7}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [{CA25552E-6EB1-4353-A9BA-04758A2C5C98}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe FirewallRules: [{78841D33-0099-4B16-92A0-36050A66B703}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe FirewallRules: [{48EE8BA4-0A36-48F2-8B47-5FC290DC8FB4}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe FirewallRules: [{1055AF86-FDD1-4260-9608-41F0651A53C0}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe FirewallRules: [{DF275E8F-26DF-47EE-99DC-2EFDC80890F1}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1480336713\ee\aolsoftware.exe FirewallRules: [{7CD7473C-9974-4F8C-96C4-92FA6470819F}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1480336713\ee\aolsoftware.exe FirewallRules: [{28349D70-A7A4-4626-A2F3-257B9CB90BD4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{77B2E9DE-77F9-4031-86A3-96D0BBA71D91}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{F3F149D9-4B00-4380-B4CD-A63D51F16CAA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{9C247876-8C39-4B39-85E9-85208671112B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{8861AAFC-3F4E-4156-B59D-EF1E55320F05}C:\program files (x86)\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) C:\program files (x86)\microsoft research\microsoft worldwide telescope\wwtexplorer.exe FirewallRules: [UDP Query User{CEA25D42-885B-4A4A-B1DB-F0A16947693D}C:\program files (x86)\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) C:\program files (x86)\microsoft research\microsoft worldwide telescope\wwtexplorer.exe FirewallRules: [{E6031E5E-E541-4656-ABE2-094398EC8E6C}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe FirewallRules: [{B23F49D8-F068-4786-9AAF-A11048E9A6B0}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe FirewallRules: [TCP Query User{84040938-8A5B-4AD6-9206-56E8F42C65B8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{99BB6274-3A15-4200-81C0-25A9A34C73D8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{0BE5984D-4635-48CC-9F44-D323A11B90D8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{70DD8CE8-92B0-4659-8B0B-9BE3B691F39B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{EADC3801-4E0C-4D6E-B23A-1C8FCED6858B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{77A001EA-C440-411D-B0F8-A77E999C79C3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{7A25E94A-DD03-45A6-9B95-F8AC18309808}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Restore Points ========================= 20-06-2017 16:05:32 Removed WorldWide Telescope 23-06-2017 09:21:35 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/27/2017 02:22:51 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/27/2017 02:22:30 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/27/2017 02:21:55 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/27/2017 02:20:58 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/27/2017 02:08:04 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/27/2017 02:07:02 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/27/2017 02:05:20 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/27/2017 02:04:52 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/27/2017 02:04:40 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (06/27/2017 01:59:56 PM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error System errors: ============= Error: (06/26/2017 04:03:51 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LRA92O6) Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout. Error: (06/26/2017 04:01:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Connected Devices Platform Service service terminated with the following error: Unspecified error Error: (06/26/2017 04:01:51 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LRA92O6) Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout. Error: (06/26/2017 03:59:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Connected Devices Platform Service service terminated with the following error: Unspecified error Error: (06/24/2017 04:03:51 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LRA92O6) Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout. Error: (06/24/2017 04:01:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Connected Devices Platform Service service terminated with the following error: Unspecified error Error: (06/24/2017 04:01:51 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LRA92O6) Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout. Error: (06/24/2017 03:59:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Connected Devices Platform Service service terminated with the following error: Unspecified error Error: (06/22/2017 01:46:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Connected Devices Platform Service service terminated with the following error: Unspecified error Error: (06/22/2017 01:45:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. CodeIntegrity: =================================== Date: 2017-04-23 08:25:34.840 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-23 08:25:29.580 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-23 08:25:28.808 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-23 08:25:28.730 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-23 08:25:27.606 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-23 08:25:27.465 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-23 08:25:25.196 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-23 08:25:25.176 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-23 08:25:25.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-23 08:25:22.241 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD FX(tm)-8350 Eight-Core Processor Percentage of memory in use: 21% Total physical RAM: 16347.12 MB Available physical RAM: 12822.87 MB Total Virtual: 65499.12 MB Available Virtual: 61787.47 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:223.02 GB) (Free:114.56 GB) NTFS Drive d: (MULTIBOOT) (Fixed) (Total:931.51 GB) (Free:881.88 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: ED1A4EBA) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 223.6 GB) (Disk ID: ED1A4EA3) Partition: GPT. ==================== End of Addition.txt ============================
  11. My desktop seems dirty

    Great thanks Win finished installing updates all is well now.
  12. My desktop seems dirty

    Ok I deleted the folder. Windows update continues.
  13. My desktop seems dirty

    No, there is no uninstaller.
  14. My desktop seems dirty

    I don't have steam. I did find Glyph in C:\Program Files (x86)\Glyph should I just delete this folder?
  15. My desktop seems dirty

    I am not able to see Glyph Client in add/remove programs. How do I remove it so I can allow Windows update please?
×