Degraded performance, slow switching between programs, internet browsing

10-26-2018, 05:42 AM   #1
Registered Member
 
Join Date: Jun 2008
Posts: 40
OS: Windows 10



Hello, thank you in advance for your help. As stated in the title, I am having significant performance issues. I am not sure if it is malware/virus, or something similar, or if it is, at least in part, the age of the machine.

My laptop is more than 5 years old and is running Windows 10. It seems to me that performance has been worse since the upgrade to Windows 10.

In any event, your help and direction are greatly appreciated.

Here is the information requested to start the process.

DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1 BrowserJavaVersion: 11.181.2
Run by Dell Inspiron at 8:31:53 on 2018-10-26
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.8049.2310 [GMT -4:00]
.
AV: Avira Antivirus *Enabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Outdated* {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
SP: Avira Antivirus *Enabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\nvvsvc.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s MSiSCSI
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files (x86)\Avira\Antivirus\sched.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
C:\Program Files (x86)\Avira\Antivirus\avguard.exe
C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
svchost.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\system32\EscSvc64.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k localservice -p -s workfolderssvc
C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
c:\windows\system32\sihost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Users\Dell Inspiron\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
c:\windows\system32\svchost.exe -k netsvcs -p
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Program Files (x86)\iTunes\iTunesHelper.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\eBay\Turbo Lister2\Tl.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\WINDOWS\system32\AUDIODG.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\WINDOWS\splwow64.exe
svchost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\smartscreen.exe
c:\windows\system32\taskhostw.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
BHO: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
BHO: Like: {2159cb25-ef9a-54c1-b43c-e30d1a4a8277} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
BHO: Simple: {886bf106-6ebf-4ef4-8676-6663caabbda4} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
TB: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
mRun: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
mRun: [Avira System Speedup User Starter] "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
mRun: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} - hxxp://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab
DPF: {A4110378-789B-455F-AE86-3A1BFC402853} - hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
TCP: NameServer = 64.233.217.2 64.233.217.3
TCP: Interfaces\{c49f85b0-4b0d-42a0-bce6-d03c89396128} : DHCPNameServer = 64.233.217.2 64.233.217.3
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mSearch Page = about:blank
x64-mDefault_Page_URL = about:blank
x64-mDefault_Search_URL = about:blank
x64-BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dell Inspiron\AppData\Roaming\Mozilla\Firefox\Profiles\7gzxff73.default-1488972710950\
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrlui.dll
FF - plugin: C:\WINDOWS\System32\Macromed\Flash\NPSWF64_31_0_0_108.dll
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2017-11-22 9728]
R0 avdevprot;avdevprot;C:\WINDOWS\System32\drivers\avdevprot.sys [2017-6-13 69656]
R0 gfibto;gfibto;C:\WINDOWS\System32\drivers\gfibto.sys [2013-8-22 14456]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2012-10-27 651832]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 nvpciflt;nvpciflt;C:\WINDOWS\System32\drivers\nvpciflt.sys [2016-9-12 57400]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-11 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 avkmgr;avkmgr;C:\WINDOWS\System32\drivers\avkmgr.sys [2016-5-30 44488]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\Antivirus\sched.exe [2016-5-30 248312]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2016-5-30 248312]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-7-5 83768]
R2 avgntflt;avgntflt;C:\WINDOWS\System32\drivers\avgntflt.sys [2016-5-30 179376]
R2 Avira.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2018-10-9 431688]
R2 AviraOptimizerHost;Avira Optimizer Host;C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2018-2-27 2940584]
R2 AviraUpdaterService;Avira Updater Service;C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2018-10-11 102816]
R2 avnetflt;avnetflt;C:\WINDOWS\System32\drivers\avnetflt.sys [2016-5-30 88488]
R2 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-12-25 448384]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_8a63c;Connected Devices Platform User Service_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-14 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2013-7-2 168448]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2013-7-2 131072]
R2 EpsonCustomerResearchParticipation;EpsonCustomerResearchParticipation;C:\Program Files\Epson\EpsonCustomerResearchParticipation\EPCP.exe [2016-8-2 674768]
R2 EpsonScanSvc;Epson Scanner Service;C:\WINDOWS\System32\escsvc64.exe [2013-7-6 144560]
R2 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-6-14 169752]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-6-15 2451456]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2016-5-3 337888]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-9-19 21055432]
R2 OneSyncSvc_8a63c;Sync Host_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 osrss;Windows 10 Update Facilitation Service;C:\WINDOWS\System32\svchost.exe -k osrss [2018-4-11 51288]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2018-9-22 3943664]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2018-9-22 233712]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-14 760888]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-1-17 5341536]
R2 TrueKeyServiceHelper;Intel Security True Key Helper Service;C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-7-4 87760]
R2 TurboB;Turbo Boost UI Monitor driver;C:\WINDOWS\System32\drivers\TurboB.sys [2012-5-30 16168]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_8a63c;Windows Push Notifications User Service_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\WINDOWS\System32\drivers\AmpPal.sys [2012-9-13 162344]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 ibtfltcoex;Intel Corporation;C:\WINDOWS\System32\drivers\ibtfltcoex.sys [2015-7-1 79632]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2013-5-7 442368]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-1 38896]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NETwNe64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\WINDOWS\System32\drivers\NETwew01.sys [2018-4-11 3343872]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-6-5 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2014-6-5 40392]
R3 PimIndexMaintenanceSvc_8a63c;Contact Data_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-8-13 896744]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UnistoreSvc_8a63c;User Data Storage_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_8a63c;User Data Access_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2018-4-11 25088]
S2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2016-5-30 891472]
S2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2016-5-30 1162120]
S2 AviraPhantomVPN;Avira Phantom VPN;C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2018-3-19 339240]
S2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2013-6-27 173192]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2015-3-1 1997168]
S2 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2016-5-30 3892256]
S2 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-7-18 317408]
S2 TrueKey;Intel Security True Key;C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-7-4 1001920]
S2 TrueKeyScheduler;Intel Security True Key Scheduler;C:\Program Files\TrueKey\McTkSchedulerService.exe [2016-6-26 16928]
S2 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 BcastDVRUserService_8a63c;GameDVR and Broadcast User Service_8a63c;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_8a63c;Bluetooth User Support Service_8a63c;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 DevicePickerUserSvc_8a63c;DevicePicker_8a63c;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_8a63c;DevicesFlow_8a63c;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2014-1-22 131984]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-14 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 gfiark;gfiark;C:\WINDOWS\System32\drivers\gfiark.sys [2013-8-27 41032]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2015-12-1 50160]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.11.812\McCHSvc.exe [2018-9-27 405392]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_8a63c;MessagingService_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_8a63c;PrintWorkflow_8a63c;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-11 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-11 945568]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUVStor.sys [2013-6-15 315536]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-14 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-12 976384]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2014-1-22 166288]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-12 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-11 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-12 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-10 54784]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-14 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-12 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-10-5 60584]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\NisSrv.exe [2018-10-5 3847376]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-8-14 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-11 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-10-20 11:27:59 836608 ----a-w- C:\WINDOWS\System32\win32spl.dll
2018-10-18 02:18:59 -------- d-----w- C:\Users\Dell Inspiron\AppData\Local\IsolatedStorage
2018-10-05 18:21:19 -------- d-----w- C:\ProgramData\McAfee Security Scan
2018-10-05 17:45:59 14652992 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E304F0DE-4E26-4534-8583-8A8D6AFC7A44}\mpengine.dll
.
==================== Find3M ====================
.
2018-10-22 08:07:41 559880 ------w- C:\WINDOWS\System32\MpSigStub.exe
2018-10-05 17:44:53 60584 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-10-05 17:44:53 46184 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-10-05 17:44:53 352424 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-10-02 20:13:10 835152 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-10-02 20:13:10 179792 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-09-21 09:01:45 171520 ----a-w- C:\WINDOWS\System32\itss.dll
2018-09-21 08:12:50 150016 ----a-w- C:\WINDOWS\SysWow64\itss.dll
2018-09-21 04:14:11 661056 ----a-w- C:\WINDOWS\SysWow64\evr.dll
2018-09-21 04:13:06 480568 ----a-w- C:\WINDOWS\System32\dcntel.dll
2018-09-21 04:12:09 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-09-21 04:11:36 753056 ----a-w- C:\WINDOWS\System32\evr.dll
2018-09-21 04:09:49 1062920 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-09-21 04:09:45 4790160 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2018-09-21 04:09:23 1427968 ----a-w- C:\WINDOWS\SysWow64\AppxPackaging.dll
2018-09-21 04:09:18 129088 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2018-09-21 04:08:40 709936 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-09-21 04:08:37 170808 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2018-09-21 04:08:19 4404720 ----a-w- C:\WINDOWS\System32\mfcore.dll
2018-09-21 04:08:15 1566720 ----a-w- C:\WINDOWS\System32\AppxPackaging.dll
2018-09-21 04:08:11 1140672 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-09-21 04:08:09 1257864 ----a-w- C:\WINDOWS\System32\winload.exe
2018-09-21 04:08:07 1456720 ----a-w- C:\WINDOWS\System32\winload.efi
2018-09-21 04:08:06 261008 ----a-w- C:\WINDOWS\System32\mfps.dll
2018-09-21 04:08:00 982600 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-09-21 04:07:51 604664 ----a-w- C:\WINDOWS\System32\securekernel.exe
2018-09-21 03:58:23 5307392 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
2018-09-21 03:57:26 2900992 ----a-w- C:\WINDOWS\SysWow64\dwmcore.dll
2018-09-21 03:57:00 1361408 ----a-w- C:\WINDOWS\SysWow64\MSPhotography.dll
2018-09-21 03:56:11 331264 ----a-w- C:\WINDOWS\SysWow64\edgeIso.dll
2018-09-21 03:54:30 251904 ----a-w- C:\WINDOWS\SysWow64\msIso.dll
2018-09-21 03:53:32 1006080 ----a-w- C:\WINDOWS\SysWow64\wpnapps.dll
2018-09-21 03:43:38 1627136 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll
2018-09-21 03:42:00 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-09-21 03:41:32 3396096 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-09-21 03:40:03 2368000 ----a-w- C:\WINDOWS\System32\WebRuntimeManager.dll
2018-09-21 03:39:56 625152 ----a-w- C:\WINDOWS\System32\PsmServiceExtHost.dll
2018-09-21 03:39:42 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-09-21 03:39:13 1535488 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2018-09-21 03:39:12 3320320 ----a-w- C:\WINDOWS\System32\dwmcore.dll
2018-09-21 03:38:30 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-09-21 03:38:14 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll
2018-09-21 03:37:34 2236928 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2018-09-21 03:37:09 1211904 ----a-w- C:\WINDOWS\System32\wpnapps.dll
2018-09-21 03:37:07 604160 ----a-w- C:\WINDOWS\System32\updatehandlers.dll
2018-09-21 03:36:59 401920 ----a-w- C:\WINDOWS\System32\rascustom.dll
2018-09-21 03:36:52 1034240 ----a-w- C:\WINDOWS\System32\modernexecserver.dll
2018-09-21 03:36:38 1159680 ----a-w- C:\WINDOWS\System32\rpcss.dll
2018-09-21 03:36:33 505344 ----a-w- C:\WINDOWS\System32\edgeIso.dll
2018-09-20 09:40:54 348160 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-09-20 09:37:39 1634944 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-09-20 09:23:59 6602240 ----a-w- C:\WINDOWS\System32\twinui.dll
2018-09-20 09:19:32 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-09-20 09:18:20 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-09-20 09:17:56 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-09-20 09:17:55 2874368 ----a-w- C:\WINDOWS\System32\themeui.dll
2018-09-20 09:17:54 1856000 ----a-w- C:\WINDOWS\System32\msxml3.dll
2018-09-20 09:16:55 127488 ----a-w- C:\WINDOWS\System32\wmpshell.dll
2018-09-20 08:46:11 1454440 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-09-20 08:35:00 5669888 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2018-09-20 08:29:51 2891776 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-09-20 08:29:45 1586176 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2018-09-20 08:29:35 2824704 ----a-w- C:\WINDOWS\SysWow64\themeui.dll
2018-09-20 08:28:18 102400 ----a-w- C:\WINDOWS\SysWow64\wmpshell.dll
2018-09-20 06:43:22 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-09-20 05:52:58 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-09-20 04:29:23 1989232 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-09-20 04:29:04 6039368 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-09-20 04:29:04 1513032 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2018-09-20 04:29:02 357056 ----a-w- C:\WINDOWS\SysWow64\bcryptprimitives.dll
2018-09-20 04:29:01 6569856 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-09-20 04:28:57 1129544 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-09-20 04:28:41 581792 ----a-w- C:\WINDOWS\SysWow64\MSVideoDSP.dll
2018-09-20 04:28:30 567256 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-09-20 04:21:37 22013440 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-09-20 04:17:07 6661632 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2018-09-20 04:13:48 3711488 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2018-09-20 04:12:39 269128 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-09-20 04:12:38 272200 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-09-20 04:11:43 74240 ----a-w- C:\WINDOWS\SysWow64\dtdump.exe
2018-09-20 04:11:37 5777920 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2018-09-20 04:11:24 608768 ----a-w- C:\WINDOWS\SysWow64\EdgeManager.dll
2018-09-20 04:11:19 561152 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2018-09-20 04:11:03 578560 ----a-w- C:\WINDOWS\SysWow64\webplatstorageserver.dll
2018-09-20 04:10:57 1029432 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-09-20 04:10:53 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-09-20 04:10:48 1221128 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-09-20 04:10:44 566800 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-09-20 04:10:44 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-09-20 04:10:31 500536 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2018-09-20 04:10:13 355840 ----a-w- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
2018-09-20 04:10:03 2719032 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-09-20 04:08:52 4191232 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2018-09-20 03:53:35 25851392 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-09-20 03:44:27 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-09-20 03:44:04 8188928 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-09-20 03:43:21 52736 ----a-w- C:\WINDOWS\System32\runexehelper.exe
2018-09-20 03:42:26 4866560 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-09-20 03:42:16 99328 ----a-w- C:\WINDOWS\System32\utcutil.dll
2018-09-20 03:42:16 433664 ----a-w- C:\WINDOWS\System32\MusNotification.exe
.
============= FINISH: 8:35:37.10 ===============

I do not have access to a Windows install or boot CD. Please advise next steps. Thank you.

Jeff
Attached Files
File Type: txt attach.txt (22.0 KB, 4 views)
 
Old 10-27-2018, 12:56 PM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan Now
  • Once the Scan is done, select Clean & Repair
  • When prompted, select Clean & Restart Now
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\Logs\AdwCleaner[C0#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • It also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
Old 10-27-2018, 05:36 PM   #3
Registered Member
 
Join Date: Jun 2008
Posts: 40
OS: Windows 10



Adw:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-27-2018
# Duration: 00:00:19
# OS: Windows 10 Home
# Cleaned: 23
# Failed: 3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\NCH Software\Components\conduit
Deleted HKLM\Software\Wow6432Node\NCH Software\Components\conduit
Deleted HKLM\Software\Wow6432Node\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
Deleted HKLM\Software\Classes\CLSID\{B33BD6CF-BF4C-4CF0-AC84-B2974BC14ABD}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{56B77A66-DFCE-46E0-B98F-5757DA2AEE1E}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7B3090D8-8C0A-4541-AFF7-741EE5797D93}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D5414E1C-8492-4FD4-9599-32A9615126F0}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F96041CF-AE3A-4131-A27D-06AE252010C7}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{18F6E70D-077C-4E8A-ABE2-C39DC99263A3}C:\program files (x86)\itibiti soft phone\itibiti.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{BD86689C-A83C-4C36-9189-BD9D50A4A653}C:\program files (x86)\itibiti soft phone\itibiti.exe

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Conduit
Deleted Mysearchdial
Deleted Mysearchdial
Deleted Mysearchdial
Deleted Mysearchdial
Deleted Inbox
Deleted Inbox
Deleted Ask
Deleted Ask.com
Deleted Ask
Deleted SafeSearch
Not Deleted Vosteran
Deleted AOL
Not Deleted AOL

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted ss.websearch.ask.com


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3428 octets] - [27/10/2018 20:12:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

FRST64:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
Ran by Dell Inspiron (administrator) on DELL_I17 (27-10-2018 20:24:42)
Running from C:\Users\Dell Inspiron\Desktop
Loaded Profiles: Dell Inspiron (Available Profiles: Dell Inspiron & gamin_000 & the6o_000)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Malwarebytes) C:\Users\Dell Inspiron\Desktop\AdwCleaner.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intuit Inc.) C:\Program Files (x86)\Quicken\bagent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\AviraSoftwareUpdaterToastNotificationsBridge.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Users\Dell Inspiron\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [717688 2015-11-18] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4384928 2012-07-12] (Dell Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-29] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-27] (Microsoft Corp.)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64096 2018-03-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [653280 2017-11-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [862176 2017-11-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-4145260611-1649676698-564753963-1001\...\Winlogon: [Userinit] C:\WINDOWS\System32\Userinit.exe, [32256 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-4145260611-1649676698-564753963-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [3932672 2018-07-06] (Microsoft Corporation) <==== ATTENTION
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-10-05]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\gamin_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.6.lnk [2013-06-14]
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\the6o_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.6.lnk [2013-06-14]
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 64.233.217.2 64.233.217.3
Tcpip\..\Interfaces\{c49f85b0-4b0d-42a0-bce6-d03c89396128}: [DhcpNameServer] 64.233.217.2 64.233.217.3

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4145260611-1649676698-564753963-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4145260611-1649676698-564753963-1001 -> DefaultScope {FF47A76A-350C-44DF-AC75-5C1D0FB27176} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4145260611-1649676698-564753963-1001 -> {FF47A76A-350C-44DF-AC75-5C1D0FB27176} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-05] (Intel Security)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-05] (Intel Security)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Like -> {2159cb25-ef9a-54c1-b43c-e30d1a4a8277} -> C:\WINDOWS\SysWOW64\mscoree.dll [2018-04-11] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-28] (Oracle Corporation)
BHO-x32: Simple -> {886bf106-6ebf-4ef4-8676-6663caabbda4} -> C:\WINDOWS\SysWOW64\mscoree.dll [2018-04-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-28] (Oracle Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-05] (Intel Security)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-05] (Intel Security)
DPF: HKLM-x32 {95B5D20C-BD31-4489-8ABF-F8C8BE748463} hxxp://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab

FireFox:
========
FF ProfilePath: C:\Users\Dell Inspiron\AppData\Roaming\Mozilla\Firefox\Profiles\7gzxff73.default-1488972710950 [2018-10-20]
FF Extension: (Firefox Monitor) - C:\Users\Dell Inspiron\AppData\Roaming\Mozilla\Firefox\Profiles\7gzxff73.default-1488972710950\features\{10f3445e-e16b-401b-b328-d2452f754729}\[email protected] [2018-09-19]
FF Extension: (Telemetry coverage) - C:\Users\Dell Inspiron\AppData\Roaming\Mozilla\Firefox\Profiles\7gzxff73.default-1488972710950\features\{10f3445e-e16b-401b-b328-d2452f754729}\[email protected] [2018-09-19] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-10-16] [Legacy] [not signed]
FF Plugin: @Adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] ()
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @Adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] ()
FF Plugin-x32: @Java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-28] (Oracle Corporation)
FF Plugin-x32: @Java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.cbssports.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default [2018-10-27]
CHR Extension: (TonOfFunGames) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc [2018-10-17]
CHR Extension: (Docs) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-18]
CHR Extension: (Google Search) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-07]
CHR Extension: (Avira Browser Safety) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-10-26]
CHR Extension: (Google Docs Offline) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Pinterest Save Button) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-10-19]
CHR Extension: (Piggy - Automatic Coupons & Cash Back) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfapbcheiepjppjbnkphkmegjlipojba [2018-10-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-27]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [891472 2018-10-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2018-10-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2018-10-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1162120 2018-10-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [431688 2018-10-09] (Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2940584 2018-03-16] (Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [339240 2018-03-19] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [102816 2018-10-11] (Avira Operations GmbH & Co. KG)
R2 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-25] ()
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [674768 2018-03-17] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.812\McCHSvc.exe [405392 2018-09-27] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-29] (NVIDIA Corporation)
S2 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-23] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2015-04-14] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
R2 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-10-05] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-10-05] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [69656 2018-08-07] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [179376 2018-07-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-07-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [14456 2013-10-05] (GFI Software)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2018-04-11] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896744 2015-08-13] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-05] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [352424 2018-10-05] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-10-05] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-27 20:24 - 2018-10-27 20:27 - 000029522 _____ C:\Users\Dell Inspiron\Desktop\FRST.txt
2018-10-27 20:23 - 2018-10-27 20:23 - 002414592 _____ (Farbar) C:\Users\Dell Inspiron\Desktop\FRST64.exe
2018-10-27 20:16 - 2018-10-27 20:16 - 000000000 ____D C:\Spybot - Search & Destroy
2018-10-27 20:11 - 2018-10-27 20:15 - 000000000 ____D C:\AdwCleaner
2018-10-27 20:10 - 2018-10-27 20:10 - 007592144 _____ (Malwarebytes) C:\Users\Dell Inspiron\Desktop\AdwCleaner.exe
2018-10-26 23:46 - 2018-10-26 23:46 - 000305434 _____ C:\Users\Dell Inspiron\Downloads\August 06.PDF
2018-10-26 23:40 - 2018-10-26 23:40 - 000314339 _____ C:\Users\Dell Inspiron\Desktop\September 06.PDF
2018-10-26 23:40 - 2018-10-26 23:40 - 000307561 _____ C:\Users\Dell Inspiron\Downloads\October 04.PDF
2018-10-26 08:35 - 2018-10-26 08:35 - 000054220 _____ C:\Users\Dell Inspiron\Desktop\dds.txt
2018-10-26 08:35 - 2018-10-26 08:35 - 000022526 _____ C:\Users\Dell Inspiron\Desktop\attach.txt
2018-10-26 08:31 - 2018-10-26 08:31 - 000688992 ____R (Swearware) C:\Users\Dell Inspiron\Desktop\dds.scr
2018-10-21 14:56 - 2018-10-21 14:56 - 000429548 _____ C:\Users\Dell Inspiron\Desktop\statement-2018-10-18.pdf
2018-10-20 07:28 - 2018-09-21 05:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-20 07:28 - 2018-09-21 04:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-20 07:28 - 2018-09-21 00:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-20 07:28 - 2018-09-21 00:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-20 07:28 - 2018-09-21 00:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-20 07:28 - 2018-09-21 00:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-20 07:28 - 2018-09-21 00:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-20 07:28 - 2018-09-20 23:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-20 07:28 - 2018-09-20 23:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-20 07:28 - 2018-09-20 23:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-20 07:28 - 2018-09-20 23:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-20 07:28 - 2018-09-20 23:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-20 07:28 - 2018-09-20 23:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-20 07:28 - 2018-09-20 23:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-20 07:28 - 2018-09-20 23:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-20 07:28 - 2018-09-20 05:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-20 07:28 - 2018-09-20 05:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-20 07:28 - 2018-09-20 05:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-20 07:28 - 2018-09-20 04:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-20 07:28 - 2018-09-20 04:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-20 07:28 - 2018-09-20 04:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-20 07:28 - 2018-09-20 00:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-20 07:28 - 2018-09-20 00:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-20 07:28 - 2018-09-20 00:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-20 07:28 - 2018-09-20 00:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-20 07:28 - 2018-09-20 00:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-20 07:28 - 2018-09-20 00:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-20 07:28 - 2018-09-20 00:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-20 07:28 - 2018-09-20 00:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-20 07:28 - 2018-09-20 00:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-20 07:28 - 2018-09-20 00:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-20 07:28 - 2018-09-20 00:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-20 07:28 - 2018-09-20 00:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-20 07:28 - 2018-09-20 00:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-20 07:28 - 2018-09-20 00:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-20 07:28 - 2018-09-20 00:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-20 07:28 - 2018-09-20 00:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-20 07:28 - 2018-09-20 00:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-20 07:28 - 2018-09-20 00:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-20 07:28 - 2018-09-19 23:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-20 07:28 - 2018-09-19 23:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-20 07:28 - 2018-09-19 23:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-20 07:28 - 2018-09-19 23:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-20 07:28 - 2018-09-19 23:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-20 07:28 - 2018-09-19 23:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-20 07:28 - 2018-09-19 23:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-20 07:28 - 2018-09-19 23:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-20 07:28 - 2018-09-19 23:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-20 07:28 - 2018-09-19 23:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-20 07:28 - 2018-09-19 23:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-20 07:28 - 2018-09-08 04:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-20 07:28 - 2018-09-08 04:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-20 07:28 - 2018-09-08 04:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-20 07:28 - 2018-09-08 04:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-20 07:28 - 2018-09-08 04:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-20 07:28 - 2018-09-08 04:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-20 07:28 - 2018-09-08 04:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-20 07:28 - 2018-09-08 03:58 - 001520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-20 07:28 - 2018-09-08 03:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-20 07:28 - 2018-09-08 03:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-20 07:28 - 2018-09-08 03:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-20 07:28 - 2018-09-08 03:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-20 07:28 - 2018-09-08 03:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-20 07:28 - 2018-09-08 03:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-20 07:28 - 2018-09-08 03:14 - 001328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-20 07:28 - 2018-09-08 02:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-20 07:28 - 2018-09-08 02:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-20 07:28 - 2018-09-08 02:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-20 07:28 - 2018-09-08 02:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-20 07:28 - 2018-09-08 00:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-20 07:28 - 2018-09-07 23:57 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-20 07:28 - 2018-09-07 23:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-20 07:28 - 2018-09-07 23:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-20 07:28 - 2018-09-07 23:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-20 07:28 - 2018-09-07 23:44 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-20 07:28 - 2018-09-07 23:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-20 07:28 - 2018-09-07 23:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-20 07:28 - 2018-09-07 23:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-20 07:28 - 2018-09-07 23:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-20 07:28 - 2018-09-07 23:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-20 07:28 - 2018-09-07 23:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-20 07:28 - 2018-09-07 23:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-20 07:28 - 2018-09-07 23:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-20 07:28 - 2018-09-07 23:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-20 07:28 - 2018-09-07 23:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-20 07:28 - 2018-09-07 23:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-20 07:28 - 2018-09-07 23:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-20 07:28 - 2018-09-07 23:24 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-10-20 07:28 - 2018-09-07 23:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-20 07:28 - 2018-09-07 23:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-20 07:28 - 2018-09-07 23:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-20 07:28 - 2018-09-07 23:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-10-20 07:27 - 2018-09-21 05:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-20 07:27 - 2018-09-21 04:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-20 07:27 - 2018-09-21 00:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-20 07:27 - 2018-09-21 00:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-20 07:27 - 2018-09-21 00:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-20 07:27 - 2018-09-21 00:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-20 07:27 - 2018-09-21 00:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-20 07:27 - 2018-09-21 00:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-20 07:27 - 2018-09-21 00:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-20 07:27 - 2018-09-21 00:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-20 07:27 - 2018-09-21 00:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-20 07:27 - 2018-09-21 00:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-20 07:27 - 2018-09-21 00:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-20 07:27 - 2018-09-21 00:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-20 07:27 - 2018-09-21 00:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-20 07:27 - 2018-09-21 00:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-20 07:27 - 2018-09-21 00:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-20 07:27 - 2018-09-20 23:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-20 07:27 - 2018-09-20 23:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-20 07:27 - 2018-09-20 23:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-20 07:27 - 2018-09-20 23:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-20 07:27 - 2018-09-20 23:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-20 07:27 - 2018-09-20 23:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-20 07:27 - 2018-09-20 23:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-20 07:27 - 2018-09-20 23:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-20 07:27 - 2018-09-20 23:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-20 07:27 - 2018-09-20 23:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-20 07:27 - 2018-09-20 23:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-20 07:27 - 2018-09-20 23:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-20 07:27 - 2018-09-20 23:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-20 07:27 - 2018-09-20 23:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-20 07:27 - 2018-09-20 23:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-20 07:27 - 2018-09-20 23:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-20 07:27 - 2018-09-20 23:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-20 07:27 - 2018-09-20 05:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-20 07:27 - 2018-09-20 05:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-20 07:27 - 2018-09-20 05:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-20 07:27 - 2018-09-20 05:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-20 07:27 - 2018-09-20 05:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-20 07:27 - 2018-09-20 05:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-20 07:27 - 2018-09-20 05:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-20 07:27 - 2018-09-20 05:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-20 07:27 - 2018-09-20 04:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-20 07:27 - 2018-09-20 04:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-20 07:27 - 2018-09-20 04:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-20 07:27 - 2018-09-20 04:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-20 07:27 - 2018-09-20 04:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-20 07:27 - 2018-09-20 02:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-20 07:27 - 2018-09-20 01:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-20 07:27 - 2018-09-20 00:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-20 07:27 - 2018-09-20 00:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-20 07:27 - 2018-09-20 00:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-20 07:27 - 2018-09-20 00:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-20 07:27 - 2018-09-20 00:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-20 07:27 - 2018-09-20 00:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-20 07:27 - 2018-09-20 00:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-20 07:27 - 2018-09-20 00:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-20 07:27 - 2018-09-20 00:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-20 07:27 - 2018-09-20 00:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-20 07:27 - 2018-09-20 00:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-20 07:27 - 2018-09-20 00:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-20 07:27 - 2018-09-20 00:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-20 07:27 - 2018-09-20 00:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-20 07:27 - 2018-09-20 00:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-20 07:27 - 2018-09-20 00:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-20 07:27 - 2018-09-20 00:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-20 07:27 - 2018-09-20 00:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-20 07:27 - 2018-09-20 00:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-20 07:27 - 2018-09-20 00:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-20 07:27 - 2018-09-20 00:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-20 07:27 - 2018-09-20 00:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-20 07:27 - 2018-09-20 00:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-20 07:27 - 2018-09-20 00:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-20 07:27 - 2018-09-19 23:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-20 07:27 - 2018-09-19 23:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-20 07:27 - 2018-09-19 23:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-20 07:27 - 2018-09-19 23:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-20 07:27 - 2018-09-19 23:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-20 07:27 - 2018-09-19 23:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-20 07:27 - 2018-09-19 23:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-20 07:27 - 2018-09-19 23:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-20 07:27 - 2018-09-19 23:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-20 07:27 - 2018-09-19 23:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-20 07:27 - 2018-09-19 22:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-20 07:27 - 2018-09-19 21:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-20 07:27 - 2018-09-08 04:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-20 07:27 - 2018-09-08 04:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-20 07:27 - 2018-09-08 04:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-20 07:27 - 2018-09-08 04:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-20 07:27 - 2018-09-08 03:58 - 001639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-20 07:27 - 2018-09-08 03:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-20 07:27 - 2018-09-08 03:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-20 07:27 - 2018-09-08 03:43 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-20 07:27 - 2018-09-08 03:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-20 07:27 - 2018-09-08 03:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-20 07:27 - 2018-09-08 03:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-20 07:27 - 2018-09-08 03:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-20 07:27 - 2018-09-08 03:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-20 07:27 - 2018-09-08 03:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-20 07:27 - 2018-09-08 03:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-20 07:27 - 2018-09-08 03:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-20 07:27 - 2018-09-08 03:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-20 07:27 - 2018-09-08 03:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-20 07:27 - 2018-09-08 03:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-20 07:27 - 2018-09-08 03:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-20 07:27 - 2018-09-08 03:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-20 07:27 - 2018-09-08 03:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-20 07:27 - 2018-09-08 03:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-20 07:27 - 2018-09-08 03:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-20 07:27 - 2018-09-08 03:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-20 07:27 - 2018-09-08 03:13 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-20 07:27 - 2018-09-08 03:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-20 07:27 - 2018-09-08 03:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-20 07:27 - 2018-09-08 03:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-20 07:27 - 2018-09-08 03:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-20 07:27 - 2018-09-08 03:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-20 07:27 - 2018-09-08 02:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-20 07:27 - 2018-09-08 02:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-20 07:27 - 2018-09-08 02:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-20 07:27 - 2018-09-08 02:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-20 07:27 - 2018-09-08 02:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-20 07:27 - 2018-09-08 02:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-20 07:27 - 2018-09-08 02:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-20 07:27 - 2018-09-08 02:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-20 07:27 - 2018-09-07 23:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-20 07:27 - 2018-09-07 23:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-20 07:27 - 2018-09-07 23:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-20 07:27 - 2018-09-07 23:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-20 07:27 - 2018-09-07 23:58 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-20 07:27 - 2018-09-07 23:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-20 07:27 - 2018-09-07 23:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-20 07:27 - 2018-09-07 23:57 - 000267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-20 07:27 - 2018-09-07 23:45 - 000295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-20 07:27 - 2018-09-07 23:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-20 07:27 - 2018-09-07 23:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-20 07:27 - 2018-09-07 23:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-20 07:27 - 2018-09-07 23:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-20 07:27 - 2018-09-07 23:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-20 07:27 - 2018-09-07 23:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-20 07:27 - 2018-09-07 23:30 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-20 07:27 - 2018-09-07 23:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-20 07:27 - 2018-09-07 23:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-20 07:27 - 2018-09-07 23:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-20 07:27 - 2018-09-07 23:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-20 07:27 - 2018-09-07 23:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-20 07:27 - 2018-09-07 23:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-20 07:27 - 2018-09-07 23:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-20 07:27 - 2018-09-07 23:28 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-20 07:27 - 2018-09-07 23:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-20 07:27 - 2018-09-07 23:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-20 07:27 - 2018-09-07 23:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-20 07:27 - 2018-09-07 23:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-20 07:27 - 2018-09-07 23:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-20 07:27 - 2018-09-07 23:27 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-20 07:27 - 2018-09-07 23:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-20 07:27 - 2018-09-07 23:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-20 07:27 - 2018-09-07 23:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-20 07:27 - 2018-09-07 23:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-20 07:27 - 2018-09-07 23:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-20 07:27 - 2018-09-07 23:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-20 07:27 - 2018-09-07 23:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-20 07:27 - 2018-09-07 23:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-20 07:27 - 2018-09-07 23:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-20 07:27 - 2018-09-07 23:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-20 07:27 - 2018-09-07 23:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-20 07:27 - 2018-09-07 23:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-20 07:27 - 2018-09-07 23:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-20 07:27 - 2018-09-07 23:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-19 16:06 - 2018-10-19 16:06 - 000001189 _____ C:\Users\Public\Desktop\Avira.lnk
2018-10-17 22:18 - 2018-10-17 22:18 - 000000000 ____D C:\Users\Dell Inspiron\AppData\Local\IsolatedStorage
2018-10-17 10:34 - 2018-10-17 10:35 - 000000000 ____D C:\Users\Dell Inspiron\Documents\Disability Application
2018-10-05 14:22 - 2018-10-05 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2018-10-05 14:21 - 2018-10-25 03:38 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2018-10-05 14:21 - 2018-10-05 14:22 - 000002009 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2018-10-03 18:54 - 2018-10-03 18:54 - 001794704 _____ C:\Users\Dell Inspiron\Desktop\APP13430-fill.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-27 20:27 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-27 20:24 - 2014-12-30 02:32 - 000000000 ____D C:\FRST
2018-10-27 20:23 - 2018-03-26 20:13 - 000000000 ____D C:\Users\Public\Speedup Sessions
2018-10-27 20:19 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-27 20:19 - 2016-05-21 00:56 - 000000000 __SHD C:\Users\Dell Inspiron\IntelGraphicsProfiles
2018-10-27 20:18 - 2017-11-22 16:03 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-10-27 20:17 - 2018-06-02 22:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-27 20:17 - 2016-05-30 19:20 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-10-27 20:16 - 2018-04-11 17:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-10-27 20:15 - 2018-06-02 21:28 - 000000000 ____D C:\Users\Dell Inspiron
2018-10-27 20:07 - 2018-06-02 21:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-27 07:21 - 2018-06-02 22:12 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{508835D5-5C8F-4616-A414-0F5472B607BE}
2018-10-27 01:10 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-26 10:11 - 2015-07-26 15:38 - 000000000 ____D C:\Users\Dell Inspiron\Desktop\Quicken Backups
2018-10-25 21:12 - 2016-08-23 17:10 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-25 21:12 - 2013-06-17 18:41 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-24 19:16 - 2018-09-10 18:23 - 000009958 _____ C:\Users\Dell Inspiron\Documents\Book1.xlsx
2018-10-23 23:06 - 2016-09-08 15:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-22 04:07 - 2013-06-14 22:31 - 000559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-10-21 13:02 - 2018-06-02 21:47 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-21 13:02 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-20 22:52 - 2018-03-27 07:35 - 000000000 ___RD C:\Users\Dell Inspiron\3D Objects
2018-10-20 22:52 - 2016-02-13 09:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-20 19:22 - 2018-06-02 21:20 - 000428472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-20 19:19 - 2018-04-11 19:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-20 19:19 - 2018-04-11 19:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-20 19:19 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-20 19:19 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-20 19:19 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-20 19:19 - 2018-04-11 19:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-20 07:37 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-20 07:04 - 2018-06-22 12:04 - 000000000 ____D C:\Users\Dell Inspiron\AppData\Local\D3DSCache
2018-10-20 07:02 - 2014-01-19 04:00 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-20 06:53 - 2018-06-23 13:30 - 000000000 ____D C:\Users\Dell Inspiron\AppData\Local\PlaceholderTileLogoFolder
2018-10-20 02:53 - 2014-08-22 12:00 - 000000000 ____D C:\Users\Dell Inspiron\AppData\Roaming\Skype
2018-10-19 16:07 - 2016-05-30 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-10-15 16:23 - 2018-07-11 03:32 - 000000000 ____D C:\ProgramData\Packages
2018-10-13 09:29 - 2013-06-20 16:55 - 000000000 ____D C:\Users\Dell Inspiron\Documents\Turbo Lister Backup
2018-10-09 23:03 - 2013-08-15 08:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-09 22:56 - 2013-06-14 22:30 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-09 18:27 - 2018-06-02 22:12 - 000004602 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-09 18:27 - 2018-06-02 22:12 - 000004590 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-09 18:27 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-10-09 18:27 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-09 16:11 - 2018-06-02 22:12 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4145260611-1649676698-564753963-1001
2018-10-09 16:11 - 2018-06-02 21:28 - 000002425 _____ C:\Users\Dell Inspiron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-09 16:11 - 2016-05-21 01:04 - 000000000 ___RD C:\Users\Dell Inspiron\OneDrive
2018-10-05 14:21 - 2017-05-19 20:41 - 000000000 ____D C:\Program Files\McAfee Security Scan
2018-10-05 13:45 - 2018-06-02 22:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-10-03 18:55 - 2013-06-21 19:22 - 000000000 ____D C:\Users\Dell Inspiron\AppData\LocalLow\Adobe
2018-10-02 16:13 - 2018-07-11 03:20 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 16:13 - 2018-07-11 03:20 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-07-30 01:33 - 2013-11-20 00:38 - 000003708 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2017-02-16 16:30 - 2017-02-16 15:07 - 000012542 _____ () C:\Program Files (x86)\Common Files\client.wyc
2013-11-11 21:37 - 2013-11-20 23:44 - 000264488 _____ () C:\Users\Dell Inspiron\AppData\Roaming\h
2013-12-19 01:20 - 2015-01-07 22:46 - 000000055 _____ () C:\Users\Dell Inspiron\AppData\Roaming\WB.CFG
2013-07-02 22:29 - 2013-07-02 22:29 - 000000005 _____ () C:\Users\Dell Inspiron\AppData\Roaming\WBPU-TTL.DAT
2014-07-24 12:54 - 2014-07-24 12:54 - 000004096 ____H () C:\Users\Dell Inspiron\AppData\Local\keyfile3.drm

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-02 21:20

==================== End of FRST.txt ============================
Attached Files
File Type: txt Addition.txt (80.7 KB, 3 views)
JoshandDad is offline  
Old 10-27-2018, 09:28 PM   #4
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello Jeff.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

If there are any personal files, pics, etc. on your computer you cannot live without, back them up now just as a precaution.

https://windows.microsoft.com/en-us/w...-up-your-files

------------------------------------------------------
  • Open Notepad (Start > All Programs > Accessories > Notepad).
  • Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
  • Save it as fixlist.txt next to FRST64.exe

    NOTE: Both FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.


    Code:
    start
    createrestorepoint:
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    Task: {23B52793-C785-488B-9B67-971B1BF51A08} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {40081599-E50C-49B5-9AB7-B42745AC5856} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\4 => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28] (Safer-Networking Ltd.) <==== ATTENTION
    Task: {5431A31D-5248-4411-B886-35ED30D88D1B} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\6 => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2018-06-26] (Apple Inc.) <==== ATTENTION
    Task: {7A125A60-B81C-40FD-946B-2BC992ED1DAA} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\1 => C:\Users\Dell Inspiron\AppData\Roaming\mjusbsp\cdloader2.exe [2014-07-04] (magicJack L.P.) <==== ATTENTION
    Task: {BCFBDF1E-4D0A-4FB7-8FDD-1680695A8A44} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\8 => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMDE.EXE [2013-12-16] (SEIKO EPSON CORPORATION) <==== ATTENTION
    Task: {C06D86E6-6362-4190-A520-A3C75A0C7029} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\7 => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-06-26] (Apple Inc.) <==== ATTENTION
    Task: {D9E65393-7DFC-4911-9830-E738332671D5} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\3 => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHQA.EXE [2011-01-20] (SEIKO EPSON CORPORATION) <==== ATTENTION
    Task: {F07241E5-6705-4DCC-9AAD-0AFF85C94A9B} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\2 => C:\Program Files (x86)\Quicken\bagent.exe [2018-09-10] (Intuit Inc.) <==== ATTENTION
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-4145260611-1649676698-564753963-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [3932672 2018-07-06] (Microsoft Corporation) <==== ATTENTION
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    EmptyTemp:
    end
  • Double-click FRST64 to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
  • Click the Fix button just once, and wait.
  • If you receive a message that a reboot is required, please make sure you allow it to restart normally.
  • The tool will complete its run after the restart.
  • When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 10-28-2018, 12:36 PM   #5
Registered Member
 
Join Date: Jun 2008
Posts: 40
OS: Windows 10



Fix result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Dell Inspiron (28-10-2018 08:20:53) Run:1
Running from C:\Users\Dell Inspiron\Desktop
Loaded Profiles: Dell Inspiron (Available Profiles: Dell Inspiron & gamin_000 & the6o_000)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
createrestorepoint:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {23B52793-C785-488B-9B67-971B1BF51A08} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {40081599-E50C-49B5-9AB7-B42745AC5856} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\4 => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28] (Safer-Networking Ltd.) <==== ATTENTION
Task: {5431A31D-5248-4411-B886-35ED30D88D1B} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\6 => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2018-06-26] (Apple Inc.) <==== ATTENTION
Task: {7A125A60-B81C-40FD-946B-2BC992ED1DAA} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\1 => C:\Users\Dell Inspiron\AppData\Roaming\mjusbsp\cdloader2.exe [2014-07-04] (magicJack L.P.) <==== ATTENTION
Task: {BCFBDF1E-4D0A-4FB7-8FDD-1680695A8A44} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\8 => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIMDE.EXE [2013-12-16] (SEIKO EPSON CORPORATION) <==== ATTENTION
Task: {C06D86E6-6362-4190-A520-A3C75A0C7029} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\7 => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-06-26] (Apple Inc.) <==== ATTENTION
Task: {D9E65393-7DFC-4911-9830-E738332671D5} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\3 => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHQA.EXE [2011-01-20] (SEIKO EPSON CORPORATION) <==== ATTENTION
Task: {F07241E5-6705-4DCC-9AAD-0AFF85C94A9B} - System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\2 => C:\Program Files (x86)\Quicken\bagent.exe [2018-09-10] (Intuit Inc.) <==== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4145260611-1649676698-564753963-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [3932672 2018-07-06] (Microsoft Corporation) <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
EmptyTemp:
end
*****************

Restore point was successfully created.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23B52793-C785-488B-9B67-971B1BF51A08} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23B52793-C785-488B-9B67-971B1BF51A08} => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40081599-E50C-49B5-9AB7-B42745AC5856}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40081599-E50C-49B5-9AB7-B42745AC5856}" => removed successfully
C:\WINDOWS\System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\4 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup\Delayed Startup\Dell Inspiron\4" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5431A31D-5248-4411-B886-35ED30D88D1B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5431A31D-5248-4411-B886-35ED30D88D1B}" => removed successfully
C:\WINDOWS\System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\6 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup\Delayed Startup\Dell Inspiron\6" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7A125A60-B81C-40FD-946B-2BC992ED1DAA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A125A60-B81C-40FD-946B-2BC992ED1DAA}" => removed successfully
C:\WINDOWS\System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\1 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup\Delayed Startup\Dell Inspiron\1" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BCFBDF1E-4D0A-4FB7-8FDD-1680695A8A44}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCFBDF1E-4D0A-4FB7-8FDD-1680695A8A44}" => removed successfully
C:\WINDOWS\System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\8 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup\Delayed Startup\Dell Inspiron\8" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C06D86E6-6362-4190-A520-A3C75A0C7029}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C06D86E6-6362-4190-A520-A3C75A0C7029}" => removed successfully
C:\WINDOWS\System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\7 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup\Delayed Startup\Dell Inspiron\7" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D9E65393-7DFC-4911-9830-E738332671D5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9E65393-7DFC-4911-9830-E738332671D5}" => removed successfully
C:\WINDOWS\System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\3 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup\Delayed Startup\Dell Inspiron\3" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F07241E5-6705-4DCC-9AAD-0AFF85C94A9B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F07241E5-6705-4DCC-9AAD-0AFF85C94A9B}" => removed successfully
C:\WINDOWS\System32\Tasks\Avira\System Speedup\Delayed Startup\Dell Inspiron\2 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup\Delayed Startup\Dell Inspiron\2" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => removed successfully
"HKU\S-1-5-21-4145260611-1649676698-564753963-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 53444485 B
Java, Flash, Steam htmlcache => 31468636 B
Windows/system/drivers => 49760503 B
Edge => 1042111 B
Chrome => 839972270 B
Firefox => 1102454646 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 141008 B
LocalService => 0 B
NetworkService => 113158 B
NetworkService => 0 B
Dell Inspiron => 28136702 B
gamin_000 => 100263 B
the6o_000 => 0 B

RecycleBin => 16711470 B
EmptyTemp: => 2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:26:13 ====
JoshandDad is offline  
Old 10-28-2018, 02:23 PM   #6
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, Jeff. How is the machine behaving? Any improvement since that last fix?

------------------------------------------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Double-click mb3-setup-1878.1878-3.6.1.2711.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • NOTE: If you select the Premium features, MBAM will be running as a full-fledged, real-time antivirus application.
  • Click Finish
  • At the end of the installation, a database update will be performed.
  • Click on Scan Now
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Quarantine Selected to allow MBAM to clean what was detected.
  • In most cases, a restart will be required and a prompt will be shown.
  • Wait for the prompt to restart the computer to appear, then click on Yes
  • After the restart, wait for MBAM to open back up, then click Export Summary
  • If no threats were found, simply click Export Summary
  • Click Text file (*.txt)
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named File Saved should appear stating "Your file has been successfully exported".
  • Click Ok
  • Please post that saved log in your next reply.
------------------------------------------------------

Please run this online scan to help look for remnants.

Go here and click 'SCAN NOW' under 'ESET Online Scanner' to check for remnants.
  • You will be prompted to download and install esetonlinescanner_enu.exe. Click on the link and save the file to a convenient location.
  • Double-click on esetonlinescanner_enu.exe to install and a new window will open. Follow the prompts.
  • Turn off the real-time scanner of any existing antivirus program before performing the online scan. Here's how
  • At the bottom of the Terms of use window, tick the option Download latest version of ESET Online Scanner then click Accept
  • When/if prompted by UAC, 'Do you want to allow this app to make changes to your PC?', please choose Yes
  • Tick the option Enable detection of potentially unwanted applications
  • Click on Advanced settings
  • Make sure that the option Clean threats automatically is unticked.
  • Ensure these options are ticked:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth technology
  • Click Scan
  • Wait for the scan to finish.
  • When the scan is done, if it shows a screen that says Threats found, click Save to text file... then name it and save it to your desktop.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Please copy/paste the contents of the log in your next reply.
  • To close ESET Online Scanner, select Do not clean then Finish
------------------------------------------------------

Please post the following in your next reply:

MBAM log
ESET report
report on system behavior
chemist is offline  
Old 10-29-2018, 12:10 PM   #7
Registered Member
 
Join Date: Jun 2008
Posts: 40
OS: Windows 10



Performance is much better. Web pages are loading more quickly and switching between programs is better. Here's the information requested:

MBAM:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/28/18
Scan Time: 8:07 PM
Log File: 9331a990-db0e-11e8-a889-5cf9dd5bada2.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.463
Update Package Version: 1.0.7581
License: Trial

-System Information-
OS: Windows 10 (Build 17134.345)
CPU: x64
File System: NTFS
User: Dell_I17\Dell Inspiron

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 436038
Threats Detected: 53
Threats Quarantined: 53
Time Elapsed: 38 min, 19 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
PUP.Optional.SafeSearch.ChrPRST, HKU\S-1-5-21-4145260611-1649676698-564753963-1003\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\gdfjhiclilbjdpeejgcgebmmihkkofji, Quarantined, [321], [450495],1.0.7581

Registry Value: 3
PUP.Optional.SafeSearch.ChrPRST, HKU\S-1-5-21-4145260611-1649676698-564753963-1003\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|GDFJHICLILBJDPEEJGCGEBMMIHKKOFJI, Quarantined, [321], [450495],1.0.7581
PUP.Optional.SafeSearch.ChrPRST, HKU\S-1-5-21-4145260611-1649676698-564753963-1004\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|GDFJHICLILBJDPEEJGCGEBMMIHKKOFJI, Quarantined, [321], [450495],1.0.7581
PUP.Optional.AdvertisingExt.Generic, HKU\S-1-5-21-4145260611-1649676698-564753963-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|ahjoldlidpepidgcecbmcbgaekaahggc, Quarantined, [14262], [524737],1.0.7581

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 6
PUP.Optional.AdvertisingExt.Generic, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\_metadata, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\img, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\AHJOLDLIDPEPIDGCECBMCBGAEKAAHGGC, Quarantined, [14262], [524737],1.0.7581

File: 43
PUP.Optional.SafeSearch.ChrPRST, C:\USERS\GAMIN_000\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [321], [450495],1.0.7581
PUP.Optional.SafeSearch.ChrPRST, C:\USERS\THE6O_000\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [321], [450495],1.0.7581
PUP.Optional.SafeSearch.ChrPRST, C:\USERS\GAMIN_000\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [321], [450495],1.0.7581
PUP.Optional.SafeSearch.ChrPRST, C:\USERS\THE6O_000\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [321], [450495],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc\000003.log, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc\CURRENT, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc\LOCK, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc\LOG, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc\LOG.old, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc\MANIFEST-000001, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc\000003.log, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc\CURRENT, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc\LOCK, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc\LOG, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ahjoldlidpepidgcecbmcbgaekaahggc\MANIFEST-000001, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\AHJOLDLIDPEPIDGCECBMCBGAEKAAHGGC\6.6.7.4_0\MANIFEST.JSON, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\img\close.svg, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\img\icon.png, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\img\icon48.png, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\img\info.svg, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\_metadata\computed_hashes.json, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\_metadata\verified_contents.json, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\adentify.js, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\background.html, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\background.js, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\content.js, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\inimgContent.js, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\install.js, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\intextContent.js, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\intextstyle.css, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\overlay_style.css, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.AdvertisingExt.Generic, C:\Users\Dell Inspiron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahjoldlidpepidgcecbmcbgaekaahggc\6.6.7.4_0\vsframe.js, Quarantined, [14262], [524737],1.0.7581
PUP.Optional.Reimage, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\PREFERENCES, Replaced, [1390], [541062],1.0.7581
PUP.Optional.Vosteran, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [373], [455253],1.0.7581
PUP.Optional.Delta, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [279], [455070],1.0.7581
PUP.Optional.Vosteran, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [373], [455253],1.0.7581
PUP.Optional.Vosteran, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [373], [455253],1.0.7581
PUP.Optional.Delta, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [279], [455070],1.0.7581
PUP.Optional.Delta, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [279], [455070],1.0.7581
PUP.Optional.Vosteran, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [373], [455253],1.0.7581
PUP.Optional.Delta, C:\USERS\DELL INSPIRON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [279], [455070],1.0.7581

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

ESET:

C:\FRST\Quarantine\C\Windows\System32\LavasoftTcpService64.dll.xBAD a variant of Win64/Packed.Komodia.A suspicious application
C:\FRST\Quarantine\C\Windows\SysWOW64\LavasoftTcpService.dll.xBAD a variant of Win32/Packed.Komodia.A suspicious application
C:\Windows\Installer\482b0485.msi a variant of Win32/Bundled.Toolbar.Ask.O potentially unsafe application
G:\GS Data Recovery\00414-981600360\Level 2\Root\Users\Owner\Desktop\Backup\All Users\Application Data\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
G:\GS Data Recovery\00414-981600360\Level 2\Root\Users\Owner\Desktop\Backup\HP_Owner\Desktop\AdventureBall-dm.exe a variant of Win32/Adware.Trymedia.A potentially unwanted application
G:\GS Data Recovery\00414-981600360\Level 2\Root\Users\Owner\Desktop\Backup\Nikkey Rocks!!!!!!!\Application Data\Mozilla\Firefox\Profiles\hyhpucag.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application
G:\GS Data Recovery\00414-981600360\Level 2\Root\Users\Owner\Desktop\Backup\Nikkey Rocks!!!!!!!\Local Settings\temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
JoshandDad is offline  
Old 10-29-2018, 07:29 PM   #8
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, Jeff. Glad to hear it.

The first 2 ESET finds have already been quarantined by FRST. Those will get deleted when we uninstall the tools.

I will leave it up to you whether or not to delete those other ESET finds.

Use the machine normally for the next few days and let me know how it behaves.

I will then give you some final instructions.

------------------------------------------------------
chemist is offline  
Old 11-05-2018, 06:00 AM   #9
Registered Member
 
Join Date: Jun 2008
Posts: 40
OS: Windows 10



All appears to be functioning well. Thanks for your help. Please provide final instructions. Thanks, Jeff
JoshandDad is offline  
Old 11-05-2018, 05:05 PM   #10
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, Jeff. You're welcome.

Congratulations. Well done! Your logs appear clean. You should be good to go.

------------------------------------------------------
  • Press the Windows "logo" key and "R" key then type cleanmgr into the Run box and click OK.
  • If prompted, select your hard drive (usually C:\) then click 'OK'.
  • You should see the scanning screenshot for a few seconds.
  • Click 'Clean up system files'
  • If prompted by UAC, then click 'Yes'.
  • If prompted, select your hard drive (usually C:\) then click 'OK'.
  • You should see the scanning screenshot again, for a few seconds up to a few minutes.
  • Click on the 'More Options' tab, and click on the 'Clean up' button under the 'System Restore and Shadow Copies' section.
  • Click/tap on the 'Delete' button in the confirm deletion window, then press 'OK'.
  • Click/tap on the 'Delete files' button in the confirm deletion window.
This will remove all but the most recent System Restore Point.

------------------------------------------------------

Please re-enable your antivirus program and any other antispyware programs disabled earlier if you haven't already.

Run AdwCleaner and go Settings > Remove AdwCleaner > Remove

------------------------------------------------------

Press the Windows "logo" key and "R" key then copy/paste the following single-line command into the Run box and click OK:

cmd /c rd /s /q "C:\FRST"

A DOS window will open and close again; this is normal.

------------------------------------------------------

You can safely delete any tools downloaded or any logs, files, and any shortcuts on your desktop that were created during this fix.

Keep MBAM, update and run a Scan ('Threat Scan' by default, or 'Scan Now' under the Dashboard tab) weekly.

Empty your Recycle Bin if it does not do so automatically.

------------------------------------------------------

SPYWARE PREVENTION
In light of your recent problem, I'm sure you'd like to avoid any future infections. Please read this well-written article: To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:
  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware, or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an add-on available for IE, Firefox, and Chrome.
  • MVPS HOSTS FILE replaces your current HOSTS file with one that will restrict known ad sites from serving you unsolicited advertisements. It basically prevents your computer from connecting to those sites by redirecting them to 0.0.0.0, which is the IP of your local computer. See guide for Windows 8/Windows 10 here
Keep your antivirus program and antispyware programs updated and scan with them on a regular basis.

Please respond to this thread one more time so we can mark this thread as resolved.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
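A blocklist-style HOSTS file of the kind described in the post above can be audited after it is installed. The following Python sketch is an added example, not part of the original thread or of the MVPS package: it separates names that are sinkholed from names pinned to a routable address, which override DNS and deserve a manual look. The sample hosts text and every host name in it are constructed.

```python
import ipaddress
import sys

# Constructed sample for illustration; not taken from the real MVPS list.
SAMPLE = """\
# sample hosts file
127.0.0.1  localhost
::1  localhost
0.0.0.0  ads.example.com   # sinkholed ad host
0.0.0.0  tracker.example.net
203.0.113.7  www.example-bank.test
not-an-ip  broken.example.org
"""

def audit_hosts(text):
    """Split hosts entries into sinkholed names, routable mappings, bad lines."""
    sinkholed, routable, malformed = set(), [], []
    for lineno, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        if addr is None or len(fields) < 2:
            malformed.append((lineno, raw.strip()))
            continue
        for name in (f.lower() for f in fields[1:]):
            if addr.is_unspecified or addr.is_loopback:
                # 0.0.0.0 / 127.0.0.1 / ::1: the lookup never leaves the machine.
                if name != "localhost":
                    sinkholed.add(name)
            else:
                # A name pinned to a real address overrides DNS: review it.
                routable.append((lineno, name, str(addr)))
    return sinkholed, routable, malformed

if __name__ == "__main__":
    # Audit the file given as the first argument, or the sample if none.
    text = SAMPLE
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    sinkholed, routable, malformed = audit_hosts(text)
    print(f"{len(sinkholed)} sinkholed names, {len(malformed)} unparsable lines")
    for lineno, name, addr in routable:
        print(f"line {lineno}: {name} -> {addr} (not a sinkhole, review)")
```

On Windows the file to pass in is normally `C:\Windows\System32\drivers\etc\hosts`; reading it does not require administrator rights.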
Old 11-05-2018, 07:20 PM   #11
Registered Member
 
Join Date: Jun 2008
Posts: 40
OS: Windows 10



I downloaded the .zip file for MVPS Hosts. Is there anything else I need to do to install? There is no executable program in the zip file. Please advise.

Performed all other cleanup as requested.

Thank you.
JoshandDad is offline  
Old 11-06-2018, 02:30 PM   #12
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, Jeff. You're very welcome.

Did you extract the files from hosts.zip and right-click on mvps.bat and choose 'Run as administrator'? You will get a prompt that 'THE MVPS HOSTS FILE IS NOW UPDATED'.

Let me know.
chemist is offline  
Old 11-06-2018, 07:08 PM   #13
Registered Member
 
Join Date: Jun 2008
Posts: 40
OS: Windows 10



Yes, I did. I'm all set now. Thanks. You can mark the thread as Resolved.
JoshandDad is offline  
Old 11-07-2018, 03:13 AM   #14
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



You're very welcome, Jeff! Glad to have helped.
chemist is offline  
 
