There's something happening here

07-27-2019, 02:25 PM   #1
Registered Member
 
Join Date: Oct 2014
Posts: 15
OS: Windows 7 Ultimate SP1



Whenever my computer comes out of sleep mode, it takes 5 to 10 minutes to stop hanging. I click on things and nothing happens until it fully awakes. Very sluggish, like it's running 10 programs at once.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-07-2019 01
Ran by Andrew (administrator) on ANDREW-PC (27-07-2019 17:16:33)
Running from C:\Users\Andrew\Downloads
Loaded Profiles: Andrew (Available Profiles: Andrew)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Canon Inc. -> CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Valve -> Valve Corporation) C:\Program Files\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-08-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6336216 2013-10-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-2144213459-4033172500-1726722673-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2144213459-4033172500-1726722673-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3148576 2019-06-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-2144213459-4033172500-1726722673-1000\...\Run: [Skype for Desktop] => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe [53646912 2019-06-20] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2144213459-4033172500-1726722673-1000\...\MountPoints2: {d894712a-f3d5-11e7-8f2b-806e6f6e6963} - D:\Bin\ASSETUP.exe
HKU\S-1-5-21-2144213459-4033172500-1726722673-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [221184 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-15] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1F4232B9-B8EE-4F2B-8C77-032C486C8E0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {20A9A0AC-76E0-41A2-89D3-39EAA9F6973F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1913648 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {2F2C8687-5C74-4180-94B3-AFE8ABA60679} - System32\Tasks\G2MUpdateTask-S-1-5-21-2144213459-4033172500-1726722673-1000 => C:\Users\Andrew\AppData\Local\GoToMeeting\11408\g2mupdate.exe [29768 2018-12-15] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {538475E9-2436-4ABF-BBB6-4485E5214606} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-01-07] (Google Inc -> Google Inc.)
Task: {9A6129DC-8512-46B9-9F85-9B8C2974CB93} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {AE04AE00-272D-44D7-80B9-CF600B6535FA} - System32\Tasks\G2MUploadTask-S-1-5-21-2144213459-4033172500-1726722673-1000 => C:\Users\Andrew\AppData\Local\GoToMeeting\11408\g2mupload.exe [29768 2018-12-15] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {AF3E5011-D418-48E1-B35B-A8EC8B81B0ED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [688208 2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C14B146E-151E-4987-AC0D-DD7B2F52EE71} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [688208 2019-02-12] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2144213459-4033172500-1726722673-1000.job => C:\Users\Andrew\AppData\Local\GoToMeeting\11408\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2144213459-4033172500-1726722673-1000.job => C:\Users\Andrew\AppData\Local\GoToMeeting\11408\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{10B0F579-B97C-47B0-8DCE-319990F78EBC}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3D8A781B-B247-45AE-8E5F-21D7610D705F}: [DhcpNameServer] 192.168.1.254
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.1.69,1]

Internet Explorer:
==================
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2018-01-10] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2018-01-10] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2144213459-4033172500-1726722673-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2018-01-10] (Google Inc -> Google Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2018-01-08] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2018-01-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2144213459-4033172500-1726722673-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Andrew\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-07-24] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://search.searchsafely.info/search/?category=web&s=c3pr&q={searchTerms}
CHR DefaultSearchKeyword: Default -> safe
CHR DefaultSuggestURL: Default -> hxxp://sug.searchsafely.info/search/index_sg.php?q={searchTerms}
CHR Profile: C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default [2019-07-27]
CHR Extension: (Slides) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-07]
CHR Extension: (Docs) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-07]
CHR Extension: (Google Drive) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-29]
CHR Extension: (Keep Safe) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfacikbiaamipiajkefejjnlnahkagkn [2019-07-27]
CHR Extension: (YouTube) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-07]
CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2019-07-19]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-06]
CHR Extension: (Sheets) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-07]
CHR Extension: (Google Docs Offline) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-29]
CHR Extension: (Avast Online Security) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Gmail) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-13]
CHR Extension: (Chrome Media Router) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-05]
CHR Profile: C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\System Profile [2019-02-18]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [209408 2013-08-30] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2054232 2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files\GOG Galaxy\GalaxyClientService.exe [791112 2019-06-12] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7170632 2019-06-12] (GOG Sp. z o.o. -> GOG.com)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [85312 2013-05-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10925056 2013-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [495104 2013-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [178496 2013-05-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [70464 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [34624 2013-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48808 2012-11-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1564160 2010-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [78848 2013-07-05] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [45736 2012-08-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-27 17:16 - 2019-07-27 17:18 - 000017174 _____ C:\Users\Andrew\Downloads\FRST.txt
2019-07-27 17:15 - 2019-07-27 17:16 - 000000000 ____D C:\FRST
2019-07-27 17:14 - 2019-07-27 17:14 - 001446912 _____ (Farbar) C:\Users\Andrew\Downloads\FRST.exe
2019-07-27 16:15 - 2019-07-27 16:15 - 000578058 _____ C:\Users\Andrew\Documents\OH Heelan.pdf
2019-07-27 15:53 - 2019-07-27 15:53 - 001411826 _____ C:\Users\Andrew\Downloads\Scan (1).pdf
2019-07-26 18:21 - 2019-07-26 18:23 - 093171345 _____ C:\Users\Andrew\Downloads\drive-download-20190726T222134Z-001.zip
2019-07-24 16:27 - 2019-07-24 16:27 - 000460977 _____ C:\Users\Andrew\Documents\COA.pdf
2019-07-24 14:41 - 2019-07-24 14:41 - 000034807 _____ C:\Users\Andrew\Downloads\CF - 9941E 61st Way S - Certificate of Approval 7-24-19 (1).pdf
2019-07-24 14:38 - 2019-07-24 14:39 - 000034807 _____ C:\Users\Andrew\Downloads\CF - 9941E 61st Way S - Certificate of Approval 7-24-19.pdf
2019-07-24 11:52 - 2019-07-24 11:52 - 000191505 _____ C:\Users\Andrew\Documents\Proof Instructions.pdf
2019-07-24 09:23 - 2019-07-24 09:23 - 000000000 ____D C:\Users\Andrew\Documents\Zoom
2019-07-24 09:19 - 2019-07-24 09:19 - 000000000 ____D C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2019-07-24 09:18 - 2019-07-24 09:19 - 000000000 ____D C:\Users\Andrew\AppData\Roaming\Zoom
2019-07-24 00:16 - 2019-07-13 04:19 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-07-22 16:33 - 2019-07-22 16:33 - 001020909 _____ C:\Users\Andrew\Downloads\LoffredoALTA.PDF
2019-07-19 16:31 - 2019-07-19 16:31 - 000537128 _____ C:\Users\Andrew\Downloads\Association Approval.pdf
2019-07-17 18:42 - 2019-07-17 18:48 - 415348705 _____ C:\Users\Andrew\Downloads\drive-download-20190717T223916Z-001.zip
2019-07-16 10:08 - 2019-07-16 10:09 - 000317725 _____ C:\Users\Andrew\Downloads\FL - Exclusive Right of Sale Listing Agreement (FAR ERS-17tn) (version 7).pdf
2019-07-15 20:04 - 2019-07-15 20:04 - 000804038 _____ C:\Users\Andrew\Downloads\Homeowners Rider 3.pdf
2019-07-15 19:10 - 2019-07-15 19:11 - 000803261 _____ C:\Users\Andrew\Downloads\1331 E Golfview Dr. Counteroffer signed.pdf
2019-07-15 19:04 - 2019-07-15 19:06 - 000537128 _____ C:\Users\Andrew\Documents\Association Approval.pdf
2019-07-14 18:19 - 2019-07-14 18:19 - 000265645 _____ C:\Users\Andrew\Downloads\Offer.pdf
2019-07-14 18:19 - 2019-07-14 18:19 - 000204813 _____ C:\Users\Andrew\Downloads\Closing Costs.pdf
2019-07-14 18:14 - 2019-07-14 18:15 - 000697784 _____ C:\Users\Andrew\Downloads\Offer for property 1331 E golfview.zip
2019-07-12 16:46 - 2019-07-12 16:47 - 013170368 _____ C:\Users\Andrew\Downloads\Inspection Report - 20834 NE 32nd Ave 1.pdf
2019-07-11 20:37 - 2019-07-11 20:37 - 000432574 _____ C:\Users\Andrew\Desktop\Historical-Interest-Rate-Chart-Flyer.pdf
2019-07-11 08:53 - 2019-07-11 08:55 - 204928687 _____ C:\Users\Andrew\Downloads\drive-download-20190711T125242Z-001.zip
2019-07-10 12:05 - 2019-07-10 12:06 - 003763118 _____ C:\Users\Andrew\Downloads\SPD Harris Signed.pdf
2019-07-10 07:25 - 2019-06-28 01:23 - 000829440 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-10 07:25 - 2019-06-20 22:44 - 002406912 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-07-10 07:25 - 2019-06-20 21:41 - 001251840 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-10 07:25 - 2019-06-20 04:15 - 000348976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-07-10 07:25 - 2019-06-17 23:56 - 020274688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-07-10 07:25 - 2019-06-17 23:51 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-07-10 07:25 - 2019-06-17 23:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-07-10 07:25 - 2019-06-17 23:39 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-07-10 07:25 - 2019-06-17 23:39 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-07-10 07:25 - 2019-06-17 23:38 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-07-10 07:25 - 2019-06-17 23:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-07-10 07:25 - 2019-06-17 23:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-07-10 07:25 - 2019-06-17 23:35 - 002297344 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-07-10 07:25 - 2019-06-17 23:32 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-07-10 07:25 - 2019-06-17 23:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-07-10 07:25 - 2019-06-17 23:30 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-07-10 07:25 - 2019-06-17 23:29 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-07-10 07:25 - 2019-06-17 23:29 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-07-10 07:25 - 2019-06-17 23:29 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-07-10 07:25 - 2019-06-17 23:29 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-07-10 07:25 - 2019-06-17 23:23 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-07-10 07:25 - 2019-06-17 23:21 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-07-10 07:25 - 2019-06-17 23:16 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-07-10 07:25 - 2019-06-17 23:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-07-10 07:25 - 2019-06-17 23:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-07-10 07:25 - 2019-06-17 23:13 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-07-10 07:25 - 2019-06-17 23:13 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-07-10 07:25 - 2019-06-17 23:11 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-07-10 07:25 - 2019-06-17 23:10 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-07-10 07:25 - 2019-06-17 23:07 - 004494336 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-07-10 07:25 - 2019-06-17 23:04 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-07-10 07:25 - 2019-06-17 23:03 - 013706752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-07-10 07:25 - 2019-06-17 23:03 - 002060288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-07-10 07:25 - 2019-06-17 23:03 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-07-10 07:25 - 2019-06-17 23:03 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-07-10 07:25 - 2019-06-17 23:02 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-07-10 07:25 - 2019-06-17 22:44 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-07-10 07:25 - 2019-06-17 22:41 - 001323008 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-07-10 07:25 - 2019-06-17 22:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-07-10 07:25 - 2019-06-12 23:23 - 000135400 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-10 07:25 - 2019-06-12 23:17 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-10 07:25 - 2019-06-12 11:23 - 004057320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-07-10 07:25 - 2019-06-12 11:23 - 003964136 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-10 07:25 - 2019-06-12 11:19 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-10 07:25 - 2019-06-12 10:49 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2019-07-10 07:25 - 2019-06-10 22:59 - 002703360 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-10 07:25 - 2019-06-10 22:59 - 001460224 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-10 07:25 - 2019-06-10 22:59 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-10 07:25 - 2019-06-10 22:59 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-10 07:25 - 2019-06-10 22:59 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-07-10 07:25 - 2019-06-10 22:59 - 000366080 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-10 07:25 - 2019-06-10 22:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-10 07:25 - 2019-06-10 22:59 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-10 07:25 - 2019-06-09 11:20 - 003229184 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-10 07:25 - 2019-06-09 11:19 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2019-07-10 07:25 - 2019-06-09 11:04 - 001053184 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2019-07-10 07:25 - 2019-06-09 11:04 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2019-07-10 07:25 - 2019-06-09 11:04 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-07-10 07:25 - 2019-06-02 00:07 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2019-07-10 07:24 - 2019-06-28 01:23 - 000428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-10 07:24 - 2019-06-28 01:23 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2019-07-10 07:24 - 2019-06-28 01:23 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2019-07-10 07:24 - 2019-06-28 01:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-10 07:24 - 2019-06-20 23:05 - 000628224 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-07-10 07:24 - 2019-06-12 11:25 - 001310520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-07-10 07:24 - 2019-06-12 11:24 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-07-10 07:24 - 2019-06-12 11:24 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-07-10 07:24 - 2019-06-12 11:24 - 000135912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-07-10 07:24 - 2019-06-12 11:24 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-07-10 07:24 - 2019-06-12 11:23 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-07-10 07:24 - 2019-06-12 11:23 - 000078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-07-10 07:24 - 2019-06-12 11:21 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-07-10 07:24 - 2019-06-12 11:21 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-07-10 07:24 - 2019-06-12 11:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-07-10 07:24 - 2019-06-12 11:21 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-07-10 07:24 - 2019-06-12 11:21 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-07-10 07:24 - 2019-06-12 11:21 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-07-10 07:24 - 2019-06-12 11:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 11:16 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-10 07:24 - 2019-06-12 11:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-07-10 07:24 - 2019-06-12 11:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-07-10 07:24 - 2019-06-12 11:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-07-10 07:24 - 2019-06-12 11:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-07-10 07:24 - 2019-06-12 11:04 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-07-10 07:24 - 2019-06-12 11:04 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-07-10 07:24 - 2019-06-12 10:58 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-07-10 07:24 - 2019-06-12 10:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-07-10 07:24 - 2019-06-12 10:55 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-10 07:24 - 2019-06-12 10:55 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-07-10 07:24 - 2019-06-12 10:55 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-07-10 07:24 - 2019-06-12 10:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-07-10 07:24 - 2019-06-12 10:54 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-07-10 07:24 - 2019-06-12 10:52 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-07-10 07:24 - 2019-06-12 10:51 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-07-10 07:24 - 2019-06-12 10:51 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-07-10 07:24 - 2019-06-12 10:50 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-07-10 07:24 - 2019-06-12 10:50 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-07-10 07:24 - 2019-06-12 10:50 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-07-10 07:24 - 2019-06-12 10:48 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-07-10 07:24 - 2019-06-12 10:48 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-07-10 07:24 - 2019-06-12 10:48 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-07-10 07:24 - 2019-06-12 10:48 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-07-10 07:24 - 2019-06-12 10:48 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-07-10 07:24 - 2019-06-12 10:48 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-07-10 07:24 - 2019-06-12 10:47 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-07-10 07:24 - 2019-06-12 10:47 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-07-10 07:24 - 2019-06-12 10:47 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-07-10 07:24 - 2019-06-12 10:47 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-07-10 07:24 - 2019-06-12 10:47 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-07-10 07:24 - 2019-06-12 10:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-07-10 07:24 - 2019-06-12 10:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-07-10 07:24 - 2019-06-12 10:47 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-07-10 07:24 - 2019-06-12 10:47 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-07-10 07:24 - 2019-06-12 10:47 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-07-10 07:24 - 2019-06-12 10:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 10:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 10:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-07-10 07:24 - 2019-06-12 10:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-07-10 07:24 - 2019-06-07 11:18 - 001425920 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-07-10 07:24 - 2019-06-07 11:18 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-10 07:24 - 2019-06-07 11:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-07-10 07:24 - 2019-06-07 10:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-07-09 16:30 - 2019-07-09 16:30 - 009250076 _____ C:\Users\Andrew\Downloads\[No Subject] (13).zip
2019-07-09 12:17 - 2019-07-09 12:17 - 000246797 _____ C:\Users\Andrew\Downloads\Tiffany Letter-converted (version 3).pdf
2019-07-09 11:32 - 2019-07-09 11:32 - 000715560 _____ C:\Users\Andrew\Downloads\1320 PPWK TO SIGN (version 8).pdf
2019-07-08 21:44 - 2019-07-08 21:44 - 000091529 _____ C:\Users\Andrew\Downloads\Earnest Money Deposit Verification Letter (version 3).pdf
2019-07-08 14:21 - 2019-07-08 14:21 - 000076016 _____ C:\Users\Andrew\Downloads\W9.pdf
2019-07-08 12:58 - 2019-07-08 12:59 - 004813351 _____ C:\Users\Andrew\Downloads\7_08_19 Parkland Buddy Sports Meeting Agenda, Minutes, and Handouts..zip
2019-07-08 11:31 - 2019-07-08 11:31 - 000291362 _____ C:\Users\Andrew\Downloads\FL - Contract to Lease (FAR CL-6) (version 6).pdf
2019-07-08 08:40 - 2019-07-08 08:40 - 000043557 _____ C:\Users\Andrew\Downloads\Matrix Harris.pdf
2019-07-08 07:22 - 2019-07-12 20:49 - 000000000 ____D C:\Users\Andrew\Documents\Tiffany
2019-07-08 07:22 - 2019-07-08 07:22 - 000170107 _____ C:\Users\Andrew\Downloads\[No Subject] (12).zip
2019-07-07 23:27 - 2019-07-07 23:27 - 000001268 _____ C:\Users\Public\Desktop\Skype.lnk
2019-07-07 23:27 - 2019-07-07 23:27 - 000000000 ____D C:\Users\Andrew\AppData\Roaming\Skype
2019-07-07 23:27 - 2019-07-07 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-07-07 23:18 - 2019-07-07 23:19 - 063471184 _____ (Skype Technologies S.A.) C:\Users\Andrew\Downloads\Skype-8.48.0.51.exe
2019-07-07 18:29 - 2019-07-07 18:30 - 000000000 ____D C:\Users\Andrew\Documents\Cohen
2019-07-07 09:51 - 2019-07-07 09:51 - 000158870 _____ C:\Users\Andrew\Downloads\FKH Informational Sheet (2).pdf
2019-07-07 09:34 - 2019-07-07 09:34 - 000120951 _____ C:\Users\Andrew\Downloads\Rent-Cafe-Online-Criteria-Website-3.6.19-1 (1).pdf
2019-07-07 09:33 - 2019-07-07 09:33 - 000158870 _____ C:\Users\Andrew\Downloads\FKH Informational Sheet (1).pdf
2019-07-07 09:33 - 2019-07-07 09:33 - 000120951 _____ C:\Users\Andrew\Downloads\Rent-Cafe-Online-Criteria-Website-3.6.19-1.pdf
2019-07-07 09:33 - 2019-07-07 09:33 - 000113029 _____ C:\Users\Andrew\Downloads\FKH Commission MLS 06.10.pdf
2019-07-07 09:33 - 2019-07-07 09:33 - 000091284 _____ C:\Users\Andrew\Downloads\FKH Commission request 06.10.pdf
2019-07-06 19:42 - 2019-07-06 19:42 - 012443939 _____ C:\Users\Andrew\Downloads\Contract 3.pdf
2019-07-06 19:34 - 2019-07-06 19:34 - 001094812 _____ C:\Users\Andrew\Documents\IMG_20190706_0001.pdf
2019-07-06 10:59 - 2019-07-06 10:59 - 000158870 _____ C:\Users\Andrew\Downloads\FKH Informational Sheet.pdf
2019-07-05 16:45 - 2019-07-05 16:45 - 000236128 _____ C:\Windows\Minidump\070519-26691-01.dmp
2019-07-05 14:01 - 2019-07-05 14:01 - 012490317 _____ C:\Users\Andrew\Downloads\640 Counter.pdf
2019-07-04 18:44 - 2019-07-07 09:41 - 014514629 _____ C:\Users\Andrew\Downloads\Ultima_3_cluebook.zip
2019-07-04 18:43 - 2019-07-04 18:43 - 008198812 _____ C:\Users\Andrew\Downloads\Ultima_123_manuals (1).zip
2019-07-04 18:43 - 2019-07-04 18:43 - 003039495 _____ C:\Users\Andrew\Downloads\Ultima_123_maps.zip
2019-07-04 18:41 - 2019-07-04 18:42 - 015656364 _____ C:\Users\Andrew\Downloads\Ultima_3_spellbooks.zip
2019-07-04 10:37 - 2019-07-04 10:37 - 000414951 _____ C:\Users\Andrew\Documents\Check.pdf
2019-07-03 12:07 - 2019-07-03 12:07 - 000381998 _____ C:\Users\Andrew\Downloads\Termite Addendum (version 3).pdf
2019-07-03 11:20 - 2019-07-03 11:20 - 000143989 _____ C:\Users\Andrew\Downloads\Leich 2.pdf
2019-07-03 11:19 - 2019-07-03 11:19 - 000188896 _____ C:\Users\Andrew\Downloads\Page 1 (1).pdf
2019-07-03 11:19 - 2019-07-03 11:19 - 000188896 _____ C:\Users\Andrew\Downloads\Leich 1.pdf
2019-07-02 13:02 - 2019-07-02 13:02 - 000857093 _____ C:\Users\Andrew\Downloads\Lease Final (2)
2019-07-02 13:02 - 2019-07-02 13:02 - 000857093 _____ C:\Users\Andrew\Downloads\Lease Final (1)
2019-07-02 13:02 - 2019-07-02 13:02 - 000857093 _____ C:\Users\Andrew\Downloads\Lease Final
2019-07-01 21:16 - 2019-07-01 21:16 - 000382918 _____ C:\Users\Andrew\Downloads\Inspection Addendum (version 4).pdf
2019-06-30 15:33 - 2019-06-30 15:33 - 000437591 _____ C:\Users\Andrew\Downloads\AS IS Residential Contract for Sale And Purchase (FARBAR ASIS-4) (version 4).pdf
2019-06-30 13:14 - 2019-06-30 13:15 - 001087729 _____ C:\Users\Andrew\Documents\Julia Vaccination.pdf
2019-06-30 12:11 - 2019-06-30 12:12 - 000691983 _____ C:\Users\Andrew\Downloads\9790 NW 14th St LEASE (version 5).pdf
2019-06-28 00:51 - 2019-06-28 00:53 - 132071951 _____ C:\Users\Andrew\Downloads\wizardry67_cluebooks.zip

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-27 15:38 - 2009-07-14 00:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-27 15:38 - 2009-07-14 00:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-27 15:29 - 2018-03-20 12:49 - 000000000 ____D C:\Program Files\Steam
2019-07-27 15:29 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-25 22:22 - 2019-01-05 18:40 - 000000000 ____D C:\Users\Andrew\Documents\Warren
2019-07-22 17:49 - 2018-07-09 11:51 - 000069356 ____H C:\Users\Andrew\Documents\~WRL0891.tmp
2019-07-22 10:29 - 2018-07-09 11:51 - 000075125 ____H C:\Users\Andrew\Documents\~WRL0625.tmp
2019-07-20 18:28 - 2018-07-09 11:51 - 000073396 ____H C:\Users\Andrew\Documents\~WRL1264.tmp
2019-07-20 10:37 - 2018-07-09 11:51 - 000073109 ____H C:\Users\Andrew\Documents\~WRL0465.tmp
2019-07-17 18:36 - 2018-05-28 15:43 - 000000000 ____D C:\Users\Andrew\Documents\Luis
2019-07-17 13:56 - 2018-07-09 11:51 - 000072713 ____H C:\Users\Andrew\Documents\~WRL0614.tmp
2019-07-15 19:14 - 2018-01-07 11:44 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-11 21:04 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\rescache
2019-07-11 20:09 - 2018-07-09 11:51 - 000072385 ____H C:\Users\Andrew\Documents\~WRL1436.tmp
2019-07-11 08:32 - 2018-07-09 11:51 - 000072327 ____H C:\Users\Andrew\Documents\~WRL0961.tmp
2019-07-11 03:36 - 2018-01-07 11:21 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-11 03:36 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf
2019-07-11 03:26 - 2009-07-14 00:33 - 000333256 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-11 03:23 - 2018-01-11 04:57 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-07-11 03:23 - 2018-01-11 04:57 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-11 03:23 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\Dism
2019-07-09 19:08 - 2018-07-09 11:51 - 000071770 ____H C:\Users\Andrew\Documents\~WRL1774.tmp
2019-07-09 16:40 - 2019-06-06 21:31 - 000013951 ____H C:\Users\Andrew\Documents\~WRL3740.tmp
2019-07-09 16:04 - 2019-02-18 11:51 - 000606264 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-07-08 11:13 - 2018-07-09 11:51 - 000071249 ____H C:\Users\Andrew\Documents\~WRL1927.tmp
2019-07-07 08:58 - 2019-06-25 21:37 - 000000000 ____D C:\Users\Andrew\Documents\Leichtenschlag
2019-07-05 17:03 - 2018-03-20 12:49 - 000000000 ____D C:\Program Files\Common Files\Steam
2019-07-05 16:49 - 2018-01-10 08:20 - 000000000 ____D C:\Users\Andrew\AppData\Roaming\Google
2019-07-05 16:45 - 2018-02-20 19:04 - 000000000 ____D C:\Windows\Minidump
2019-07-05 16:44 - 2018-02-20 19:03 - 226040412 _____ C:\Windows\MEMORY.DMP
2019-07-05 16:41 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\LiveKernelReports

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-22 00:52
==================== End of FRST.txt ============================
Attached Files
File Type: txt Addition_27-07-2019 17.19.52.txt (21.6 KB, 9 views)
Old 07-28-2019, 12:21 AM   #2
Security Team
Moderator
 
Join Date: Jan 2011
Location: Bulgaria
Posts: 152
OS: win 10 Pro 1903



Hi, Welcome to the TSF Malware Removal forum...!


Run CKScanner
  1. Please download CKScanner from here
  2. Important: - Save it to your Desktop.
  3. Double-click CKScanner.exe and click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.


======================================================




Please download Malwarebytes Anti-Malware from here
  • Right-click on the MBAM icon and select Run as administrator to run the tool.
  • Click Yes to accept any security warnings that may appear.
  • Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button.
  • Note: The scan may take some time to finish, so please be patient.
  • If potential threats are detected, make sure to check mark all the listed items, and click the Quarantine Selected button.
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.
Please post the log for my review.

Note: If asked to restart the computer, please do so immediately.


===========================================================



Scanning with SecurityCheck by glax24

  • Download SecurityCheck by glax24 from here and save the tool to the desktop.
  • Right-click the program and run it as administrator.
  • Wait for the scan to finish. It will open a text file named SecurityType.txt. Copy the contents of this file into your next post.
  • You can find this file in the root of the system disk, in a folder called SecurityCheck: C:\SecurityCheck\SecurityCheck.txt
__________________
Hristo Tonev (Ico)

Old 07-28-2019, 09:48 AM   #3
Registered Member
 
Join Date: Oct 2014
Posts: 15
OS: Windows 7 Ultimate SP1



CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files\into the breach\maps\crosscrack.map
c:\program files\into the breach\maps\crosscrack10.map
c:\program files\into the breach\maps\crosscrack11.map
c:\program files\into the breach\maps\crosscrack12.map
c:\program files\into the breach\maps\crosscrack13.map
c:\program files\into the breach\maps\crosscrack14.map
c:\program files\into the breach\maps\crosscrack15.map
c:\program files\into the breach\maps\crosscrack2.map
c:\program files\into the breach\maps\crosscrack3.map
c:\program files\into the breach\maps\crosscrack4.map
c:\program files\into the breach\maps\crosscrack5.map
c:\program files\into the breach\maps\crosscrack6.map
c:\program files\into the breach\maps\crosscrack7.map
c:\program files\into the breach\maps\crosscrack8.map
c:\program files\into the breach\maps\crosscrack9.map
c:\program files\into the breach\scripts\missions\sand\mission_crack.lua
scanner sequence 3.HH.11.BPAPHZ
----- EOF -----


Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/28/19
Scan Time: 9:52 AM
Log File: fb4bada8-b13e-11e9-bbf4-bcee7b8d8f2e.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.11754
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Andrew-PC\Andrew

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 163860
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 10 min, 23 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


Results of screen317's Security Check version 1.014 --- 12/23/15
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Malwarebytes
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Google Chrome (75.0.3770.142)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
Old 07-28-2019, 10:14 AM   #4
Security Team
Moderator
 
Join Date: Jan 2011
Location: Bulgaria
Posts: 152
OS: win 10 Pro 1903



Hello..! No active infections are visible from the logs shown ..!




Farbar Recovery Scan Tool - Fix

  • Open Notepad (Start > All Programs > Accessories > Notepad).
  • Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
  • Save it as fixlist.txt next to FRST/FRST64.exe

    NOTE: Both FRST/FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.
Quote:
Start::
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
HKU\S-1-5-21-2144213459-4033172500-1726722673-1000\...\MountPoints2: {d894712a-f3d5-11e7-8f2b-806e6f6e6963} - D:\Bin\ASSETUP.exe
HKU\S-1-5-21-2144213459-4033172500-1726722673-1000\...\Run: [GalaxyClient] => [X]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Reboot:
End::
  • Double-click FRST/FRST64 to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
  • Click the Fix button just once, and wait.
  • If you receive a message that a reboot is required, please make sure you allow it to restart normally.
  • The tool will complete its run after the restart.
  • When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.
NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
__________________
Hristo Tonev (Ico)

Old 07-28-2019, 01:12 PM   #5
Registered Member
 
Join Date: Oct 2014
Posts: 15
OS: Windows 7 Ultimate SP1



Fix result of Farbar Recovery Scan Tool (x86) Version: 15-07-2019 01
Ran by Andrew (28-07-2019 14:37:06) Run:1
Running from C:\Users\Andrew\Downloads
Loaded Profiles: Andrew (Available Profiles: Andrew)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
HKU\S-1-5-21-2144213459-4033172500-1726722673-1000\...\MountPoints2: {d894712a-f3d5-11e7-8f2b-806e6f6e6963} - D:\Bin\ASSETUP.exe
HKU\S-1-5-21-2144213459-4033172500-1726722673-1000\...\Run: [GalaxyClient] => [X]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
Reboot:

*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-2144213459-4033172500-1726722673-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d894712a-f3d5-11e7-8f2b-806e6f6e6963} => removed successfully.
HKLM\Software\Classes\CLSID\{d894712a-f3d5-11e7-8f2b-806e6f6e6963} => not found
"HKU\S-1-5-21-2144213459-4033172500-1726722673-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23582988 B
Java, Flash, Steam htmlcache => 193959831 B
Windows/system/drivers => 452108383 B
Edge => 0 B
Chrome => 509798279 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 29576111 B
LocalService => 66228 B
NetworkService => 192726 B
Andrew => 479004674 B

RecycleBin => 1574304116 B
EmptyTemp: => 3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:42:13 ====
Old 07-30-2019, 07:51 AM   #6
Security Team
Moderator
 
Join Date: Jan 2011
Location: Bulgaria
Posts: 152
OS: win 10 Pro 1903



Hello again, Bonesy1116...! How is the machine behaving? Any improvement?
__________________
Hristo Tonev (Ico)

Old 07-31-2019, 06:12 AM   #7
Registered Member
 
Join Date: Oct 2014
Posts: 15
OS: Windows 7 Ultimate SP1



Actually, yes. The long hang times seem to be gone.
Old 08-03-2019, 11:52 PM   #8
Security Team
Moderator
 
Join Date: Jan 2011
Location: Bulgaria
Posts: 152
OS: win 10 Pro 1903



Quote:
Originally Posted by Bonesy1116
Actually, yes. The long hang times seem to be gone.

Hello, Bonesy1116...! I continue to think that your problem is definitely not due to malware...!




Clean Boot
  • Press the Windows Key + R. Type msconfig and click OK.
  • MSConfig will now open. Click on the Services tab, then check the Hide all Microsoft services box. Select Disable all.
  • Click on the Startup tab, then select Open Task Manager. In Task Manager, navigate to the Startup tab. Select each startup item and click Disable until all entries are disabled.
  • Close the Task Manager. In MSConfig click OK and restart the computer.
  • Test your computer performance.
Let me know how the computer is doing in Clean Boot.
__________________
Hristo Tonev (Ico)

Old 08-10-2019, 02:47 AM   #9
Security Team
Moderator
 
Join Date: Jan 2011
Location: Bulgaria
Posts: 152
OS: win 10 Pro 1903



Do you still require help?
If I do not hear back from you within 24 hours, I will presume not, and will request for this topic to be closed.
__________________
Hristo Tonev (Ico)

All times are GMT -7.