Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

slow, windows firewall can't update

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

slow, windows firewall can't update

Unread postby deeorgan » July 4th, 2018, 7:27 am

I'm getting this message
Windows firewall can't change some of your settings
Error code 0x8007042c

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Dee (administrator) on DEE-PC (04-07-2018 12:12:46)
Running from C:\Users\Dee\Downloads
Loaded Profiles: Dee & UpdatusUser (Available Profiles: Dee & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sim2000 Imaging) C:\Program Files (x86)\SimWare_EU\SimWare_EU.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2370856 2010-09-24] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-28] (Intel(R) Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4479648 2011-01-25] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Andy] => "C:\Program Files\Andy\HandyAndy.exe"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1563424 2016-04-05] (Seagate Technology LLC)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2013-01-18] (RealNetworks, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.com/ww.special-uninstall ... 0EtSzZIVTk"&"inst=NzctODYxMzcwOTkxLVNUMTJGT0krMS1ERFQrMC1FVUxBKzEtU1QxMkZBUFArMQ"&" (the data entry has 105 more characters).
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2016-04-05] (Seagate Technology LLC)
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\...\MountPoints2: {0ee24817-b7da-11e2-b9ac-848f69b02f5d} - G:\SetupWi-Fi.exe
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\...\MountPoints2: {0ee248a4-b7da-11e2-b9ac-848f69b02f5d} - G:\SetupWi-Fi.exe
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\...\MountPoints2: {2ef24168-b965-11e2-8720-848f69b02f5d} - F:\SetupWi-Fi.exe
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\...\MountPoints2: {39203a5a-b97d-11e2-9c90-848f69b02f5d} - G:\SetupWi-Fi.exe
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\...\MountPoints2: {54b36063-74d4-11e1-a4c3-848f69b02f5d} - F:\AutoRun.exe
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\...\MountPoints2: {54b3606e-74d4-11e1-a4c3-848f69b02f5d} - F:\AutoRun.exe
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{0B8D932F-335D-4100-AEDC-BBDB761F4C59}: [DhcpNameServer] 89.19.64.164 89.19.64.36
Tcpip\..\Interfaces\{25D50800-8621-4B8D-8721-E92DDBF5F51D}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{27C21842-A05D-46B1-97EB-0C63CDF5B051}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{2CDB50DF-CB42-4F5F-AFEC-3927958948AE}: [NameServer] 0.0.0.0
Tcpip\..\Interfaces\{402178CB-B4DB-4D1A-B991-6423C912C962}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{A1A357C9-3DAA-4E8E-8BC1-E5BD9680AC69}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{A81BCC75-F15B-4E1B-970B-1405A631169A}: [DhcpNameServer] 192.168.1.254 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/USCON/10
HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/10
URLSearchHook: HKU\S-1-5-21-1963740025-2681597282-1959595548-1001 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
SearchScopes: HKLM -> DefaultScope {2F4D804E-ED20-472D-A113-173FC2D2B181} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2F4D804E-ED20-472D-A113-173FC2D2B181} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {2F4D804E-ED20-472D-A113-173FC2D2B181} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2F4D804E-ED20-472D-A113-173FC2D2B181} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {2F4D804E-ED20-472D-A113-173FC2D2B181} URL =
SearchScopes: HKU\.DEFAULT -> {2F4D804E-ED20-472D-A113-173FC2D2B181} URL =
SearchScopes: HKU\S-1-5-21-1963740025-2681597282-1959595548-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx? ... 5A97BCC&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1963740025-2681597282-1959595548-1001 -> URL hxxp://search.conduit.com/Results.aspx? ... 5A97BCC&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1963740025-2681597282-1959595548-1001 -> A31418A5236E4282A5E795AC58164C47 URL = hxxp://isearch.avg.com/search?cid={AEB528F9-AC8A-4905-9399-9CD438D8CCBD}&mid=0174cd612d4147d18b3655c62f54c6ae-c8ec7b82f9f6f61cb5d054f089deaf18b66d8852&lang=en&ds=AVG&pr=fr&d=2011-10-20 18:42:08&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1963740025-2681597282-1959595548-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx? ... 5A97BCC&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1963740025-2681597282-1959595548-1001 -> {37E20C9C-3A00-43A0-BD52-97E327331CEF} URL = hxxp://search.conduit.com/Results.aspx? ... 5A97BCC&q={searchTerms}&SSPV=
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-19] (Oracle Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-19] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-19] (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF DefaultProfile: nkcwt1hp.default
FF ProfilePath: C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\nkcwt1hp.default [2016-10-27]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (DivX Plus Web Player HTML5 <video>) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-01-16] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-18] [Legacy] [not signed]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-05-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2013-01-18] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2013-01-18] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/1/#inbox","hxxps://login.yahoo.com/?.src=ym","hxxps://www.facebook.com/"
CHR Profile: C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default [2018-07-04]
CHR Extension: (Docs) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Docs Offline) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (Pinterest Save Button) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-07-03]
CHR Extension: (Thinkover) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\iadhdfmpolpbdekneiekahmibhcbgjcj [2018-06-28]
CHR Extension: (RealDownloader) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-04-22]
CHR Extension: (Grammarly for Chrome) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-06-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-21]
CHR Extension: (Boomerang for Gmail) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2017-05-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-04-22]
CHR Extension: (Buffer) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\noojglkidnpfjbincgijbaiedldjfbhh [2018-03-10]
CHR Extension: (Gmail) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-14]
CHR Profile: C:\Users\Dee\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-01-14]
CHR HKU\S-1-5-21-1963740025-2681597282-1959595548-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Dee\AppData\Local\Temp\crx2C7E.tmp <not found>
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-06-22] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-11] (Dell Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-28] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-11-03] (Nalpeiron Ltd.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2016-04-05] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2016-04-05] (Seagate Technology LLC)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-16] (Intel(R) Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [File not signed]
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)
S3 NvStUSB; C:\Windows\system32\drivers\nvstusb.sys [121960 2011-01-31] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-04 12:12 - 2018-07-04 12:14 - 000030065 _____ C:\Users\Dee\Downloads\FRST.txt
2018-07-04 12:12 - 2018-07-04 12:12 - 002412544 _____ (Farbar) C:\Users\Dee\Downloads\FRST64.exe
2018-07-04 12:12 - 2018-07-04 12:12 - 000000000 ____D C:\FRST
2018-07-04 12:11 - 2018-07-04 12:11 - 001773056 _____ (Farbar) C:\Users\Dee\Downloads\FRST.exe
2018-07-04 12:01 - 2018-07-04 12:08 - 000000000 ____D C:\ProgramData\ACAU_SIM2000_SIMWARE_EU
2018-07-04 12:00 - 2018-07-04 12:01 - 000000000 ____D C:\ProgramData\AlbumCreatorAutoUpdate
2018-07-04 11:59 - 2018-07-04 12:01 - 000208896 _____ C:\Users\Dee\AppData\Roaming\SimWare_EU Prefsv3
2018-07-04 11:58 - 2018-07-04 11:59 - 000000000 ____D C:\Users\Dee\Documents\SimWare_EU Projects
2018-07-04 11:58 - 2018-07-04 11:58 - 000000000 ____D C:\Users\Dee\AppData\Roaming\SimWare_EU
2018-07-04 11:55 - 2018-07-04 11:55 - 000001887 _____ C:\Users\Public\Desktop\SimWare_EU.lnk
2018-07-04 11:55 - 2018-07-04 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimWare_EU
2018-07-04 11:54 - 2018-07-04 11:55 - 000000000 ____D C:\Program Files (x86)\SimWare_EU
2018-07-04 11:40 - 2018-07-04 11:41 - 130001798 _____ C:\Users\Dee\Downloads\Unconfirmed 476382.crdownload
2018-07-04 11:36 - 2018-07-04 11:37 - 001130840 _____ (Google Inc.) C:\Users\Dee\Downloads\ChromeSetup.exe
2018-07-04 11:22 - 2018-07-04 11:23 - 130014671 _____ C:\Users\Dee\Desktop\Unconfirmed 784397.crdownload
2018-07-04 11:20 - 2018-07-04 11:21 - 130010183 _____ C:\Users\Dee\Downloads\Unconfirmed 156632.crdownload
2018-07-04 11:17 - 2018-07-04 11:19 - 130000643 _____ C:\Users\Dee\Downloads\Unconfirmed 242917.crdownload
2018-07-04 11:10 - 2018-07-04 11:12 - 130006175 _____ C:\Users\Dee\Downloads\Unconfirmed 333044.crdownload
2018-07-04 11:08 - 2018-07-04 11:10 - 130008667 _____ C:\Users\Dee\Downloads\Unconfirmed 37830.crdownload
2018-07-03 15:04 - 2018-07-03 22:47 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-07-03 13:36 - 2018-07-04 11:37 - 000002221 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-07-03 11:33 - 2018-07-03 11:33 - 000001205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2018-06-21 20:19 - 2018-06-21 20:19 - 000001041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic CC.lnk
2018-06-21 20:03 - 2018-06-21 20:03 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2018-06-21 18:50 - 2018-07-04 10:54 - 000000000 ___RD C:\Users\Dee\Creative Cloud Files
2018-06-13 00:05 - 2018-05-29 21:36 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-13 00:05 - 2018-05-29 20:40 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 00:05 - 2018-05-29 03:43 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-06-13 00:05 - 2018-05-29 03:41 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-13 00:05 - 2018-05-29 03:41 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-13 00:05 - 2018-05-29 03:41 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-06-13 00:05 - 2018-05-29 03:41 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-13 00:05 - 2018-05-29 03:41 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-13 00:05 - 2018-05-29 03:35 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-06-13 00:05 - 2018-05-29 03:32 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-06-13 00:05 - 2018-05-29 03:32 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:25 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 03:03 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-06-13 00:05 - 2018-05-29 03:03 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-06-13 00:05 - 2018-05-29 03:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-06-13 00:05 - 2018-05-29 03:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-06-13 00:05 - 2018-05-29 03:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-06-13 00:05 - 2018-05-29 02:59 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-06-13 00:05 - 2018-05-29 02:59 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-06-13 00:05 - 2018-05-29 02:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-06-13 00:05 - 2018-05-29 02:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-06-13 00:05 - 2018-05-29 02:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-06-13 00:05 - 2018-05-29 02:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-06-13 00:05 - 2018-05-29 02:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-06-13 00:05 - 2018-05-29 02:58 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-06-13 00:05 - 2018-05-29 02:58 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 02:58 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 02:58 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 02:58 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-06-13 00:05 - 2018-05-29 02:56 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-06-13 00:05 - 2018-05-29 02:55 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-06-13 00:05 - 2018-05-29 02:55 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-13 00:05 - 2018-05-29 02:54 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-06-13 00:05 - 2018-05-29 02:54 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-06-13 00:05 - 2018-05-29 01:04 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-13 00:05 - 2018-05-25 06:10 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-13 00:05 - 2018-05-25 05:59 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-06-13 00:05 - 2018-05-25 05:59 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-06-13 00:05 - 2018-05-25 05:46 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-13 00:05 - 2018-05-25 05:45 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-06-13 00:05 - 2018-05-25 05:44 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-13 00:05 - 2018-05-25 05:44 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-06-13 00:05 - 2018-05-25 05:44 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-06-13 00:05 - 2018-05-25 05:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-13 00:05 - 2018-05-25 05:38 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-13 00:05 - 2018-05-25 05:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-06-13 00:05 - 2018-05-25 05:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-06-13 00:05 - 2018-05-25 05:34 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-13 00:05 - 2018-05-25 05:33 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-06-13 00:05 - 2018-05-25 05:32 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-06-13 00:05 - 2018-05-25 05:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-13 00:05 - 2018-05-25 05:32 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-06-13 00:05 - 2018-05-25 05:32 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-06-13 00:05 - 2018-05-25 05:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-06-13 00:05 - 2018-05-25 05:24 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-13 00:05 - 2018-05-25 05:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-06-13 00:05 - 2018-05-25 05:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-13 00:05 - 2018-05-25 05:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-06-13 00:05 - 2018-05-25 05:15 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-06-13 00:05 - 2018-05-25 05:15 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-06-13 00:05 - 2018-05-25 05:14 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-06-13 00:05 - 2018-05-25 05:14 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-13 00:05 - 2018-05-25 05:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-06-13 00:05 - 2018-05-25 05:13 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-06-13 00:05 - 2018-05-25 05:12 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-06-13 00:05 - 2018-05-25 05:10 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-06-13 00:05 - 2018-05-25 05:10 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-13 00:05 - 2018-05-25 05:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-06-13 00:05 - 2018-05-25 05:08 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-13 00:05 - 2018-05-25 05:08 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-06-13 00:05 - 2018-05-25 05:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-06-13 00:05 - 2018-05-25 05:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-13 00:05 - 2018-05-25 05:06 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-06-13 00:05 - 2018-05-25 05:05 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-06-13 00:05 - 2018-05-25 05:05 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-06-13 00:05 - 2018-05-25 04:57 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-06-13 00:05 - 2018-05-25 04:57 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-13 00:05 - 2018-05-25 04:55 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-13 00:05 - 2018-05-25 04:55 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-13 00:05 - 2018-05-25 04:53 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-13 00:05 - 2018-05-25 04:53 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-13 00:05 - 2018-05-25 04:53 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-06-13 00:05 - 2018-05-25 04:52 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-06-13 00:05 - 2018-05-25 04:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-06-13 00:05 - 2018-05-25 04:51 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-06-13 00:05 - 2018-05-25 04:49 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-06-13 00:05 - 2018-05-25 04:48 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-06-13 00:05 - 2018-05-25 04:47 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-06-13 00:05 - 2018-05-25 04:45 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-06-13 00:05 - 2018-05-25 04:42 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-13 00:05 - 2018-05-25 04:40 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-06-13 00:05 - 2018-05-25 04:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-13 00:05 - 2018-05-25 04:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 00:05 - 2018-05-25 04:38 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-13 00:05 - 2018-05-25 04:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-13 00:05 - 2018-05-25 04:37 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-06-13 00:05 - 2018-05-25 04:29 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-13 00:05 - 2018-05-25 04:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-13 00:05 - 2018-05-25 04:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-13 00:05 - 2018-05-25 04:15 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-13 00:05 - 2018-05-25 04:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-13 00:05 - 2018-05-15 05:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-13 00:05 - 2018-05-15 04:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-13 00:05 - 2018-05-15 04:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-13 00:05 - 2018-05-15 04:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-13 00:05 - 2018-05-15 04:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-06-13 00:05 - 2018-05-15 04:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-06-13 00:05 - 2018-05-15 04:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-06-13 00:05 - 2018-05-15 04:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-06-13 00:05 - 2018-05-15 04:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-13 00:05 - 2018-05-15 04:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-06-13 00:05 - 2018-05-15 04:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-06-13 00:05 - 2018-05-15 04:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-06-13 00:05 - 2018-05-15 04:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-06-13 00:05 - 2018-05-15 02:20 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-13 00:05 - 2018-05-15 02:20 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-13 00:05 - 2018-05-12 03:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-06-13 00:05 - 2018-05-12 03:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-13 00:05 - 2018-05-12 03:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-06-13 00:05 - 2018-05-11 22:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-13 00:05 - 2018-05-11 22:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-06-13 00:05 - 2018-05-11 22:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-06-13 00:05 - 2018-05-11 01:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-13 00:05 - 2018-05-11 01:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-06-13 00:05 - 2018-05-11 01:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-06-13 00:05 - 2018-04-06 17:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-13 00:05 - 2018-04-06 17:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-06-05 21:42 - 2018-06-05 21:43 - 000012062 _____ C:\Users\Dee\Downloads\Dee Organ Photography - wedding details form.xls.xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-04 11:57 - 2012-03-02 09:22 - 000000000 ____D C:\Users\Dee\AppData\Local\ElevatedDiagnostics
2018-07-04 11:37 - 2014-04-22 14:37 - 000002262 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-07-04 10:57 - 2009-07-14 05:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-04 10:57 - 2009-07-14 05:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-04 10:54 - 2014-08-20 23:04 - 000000000 ____D C:\Users\Dee\AppData\Local\Adobe
2018-07-04 10:52 - 2016-12-11 16:41 - 000006218 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-04 10:50 - 2017-12-11 13:23 - 000003332 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1963740025-2681597282-1959595548-1001
2018-07-04 10:50 - 2017-12-11 13:23 - 000003194 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1963740025-2681597282-1959595548-1001
2018-07-04 10:47 - 2012-09-20 17:14 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-04 10:47 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-04 02:07 - 2017-11-18 01:49 - 439654400 _____ C:\Users\Dee\Documents\Rachel trevor v7 Upgrade.fsd
2018-07-03 13:56 - 2017-11-18 01:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fundy Designer 7
2018-07-03 13:56 - 2017-11-18 01:14 - 000000000 ____D C:\Program Files\Fundy Designer 7
2018-07-03 12:41 - 2018-04-01 23:16 - 000000000 ____D C:\Users\Dee\Desktop\lr cat general 2018
2018-07-03 11:33 - 2011-10-10 07:07 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-06-22 03:59 - 2011-10-19 10:14 - 000000000 ____D C:\Program Files\Adobe
2018-06-21 20:21 - 2011-10-22 00:38 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-06-21 20:21 - 2011-10-13 20:57 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Adobe
2018-06-21 20:03 - 2017-07-30 19:37 - 000000000 ____D C:\Users\Dee\Documents\Adobe
2018-06-21 20:02 - 2011-10-19 10:14 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-06-21 19:51 - 2011-10-10 07:07 - 000000000 ____D C:\ProgramData\Adobe
2018-06-21 19:36 - 2014-04-21 13:05 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-21 18:50 - 2011-10-13 20:20 - 000000000 ____D C:\Users\Dee
2018-06-21 18:23 - 2012-09-20 17:14 - 000000000 ____D C:\Users\UpdatusUser
2018-06-16 04:28 - 2016-05-12 04:32 - 000000000 ____D C:\Windows\rescache
2018-06-16 03:17 - 2013-07-20 03:00 - 000000000 ____D C:\Windows\system32\MRT
2018-06-16 03:09 - 2017-10-11 18:35 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-16 03:08 - 2011-10-19 10:13 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-04-29 03:26 - 2014-06-09 18:27 - 000000132 _____ () C:\Users\Dee\AppData\Roaming\Adobe GIF Format CC Prefs
2011-10-24 17:54 - 2011-11-08 14:30 - 000000132 _____ () C:\Users\Dee\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-05-11 16:59 - 2013-04-19 11:53 - 000000132 _____ () C:\Users\Dee\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-09-19 23:32 - 2013-09-20 00:36 - 000001407 _____ () C:\Users\Dee\AppData\Roaming\com.lightbluesoftware.LightBlue.prefs.plist
2012-05-04 23:59 - 2012-05-04 23:59 - 000002048 _____ () C:\Users\Dee\AppData\Roaming\Loxley Designer PRO Prefs
2013-04-18 22:24 - 2013-07-02 00:51 - 000003072 _____ () C:\Users\Dee\AppData\Roaming\Photostorie Prefsv3
2013-05-31 16:32 - 2013-06-25 04:29 - 000002048 _____ () C:\Users\Dee\AppData\Roaming\SimWare Prefs
2018-07-04 11:59 - 2018-07-04 12:01 - 000208896 _____ () C:\Users\Dee\AppData\Roaming\SimWare_EU Prefsv3
2013-06-25 16:01 - 2016-09-26 22:41 - 000090112 _____ () C:\Users\Dee\AppData\Roaming\SimWare_UK Prefsv3
2011-10-13 21:18 - 2011-10-13 21:18 - 000000600 _____ () C:\Users\Dee\AppData\Roaming\winscp.rnd
2012-09-05 23:17 - 2012-10-26 02:13 - 000000600 _____ () C:\Users\Dee\AppData\Local\PUTTY.RND
2015-05-19 14:51 - 2015-05-19 14:51 - 000000000 _____ () C:\Users\Dee\AppData\Local\{95AC78C3-DD72-4CE4-B0F3-6F661EA50C0D}

Some files in TEMP:
====================
2018-06-25 19:49 - 2018-06-25 19:49 - 302050160 _____ (Fundy Software ) C:\Users\Dee\AppData\Local\Temp\FundyDesigner7_8_0_23.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


ATTENTION: ==> Could not access BCD.

LastRegBack: 2018-06-27 23:47

==================== End of FRST.txt ============================
You do not have the required permissions to view the files attached to this post.
deeorgan
Active Member
 
Posts: 1
Joined: July 4th, 2018, 7:21 am
Advertisement
Register to Remove

Re: slow, windows firewall can't update

Unread postby capnkrunch » July 6th, 2018, 5:03 pm

Warning!
The steps presented in these posts are for this person and machine ONLY. Do not apply these steps to your own system, without the guidance of a trained malware removal helper. Doing so, may possibly damage your system, preventing it from starting.

Hello deeorgan and welcome to the Malware Removal Forums :)

My name is capnkrunch and I will be helping you with your malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  • The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  • You must have Administrator rights, permissions for this computer.
  • DO NOT run any other fix or removal tools unless instructed to do so.
  • DO NOT install any other software (or hardware) during the cleaning process.
  • Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  • Print each set of instructions, if possible. Your Internet connection will not be available during some fix processes.
  • Only reply to this thread, do not start another ... Please, continue responding, until I give you the "All Clean".
    Remember, absence of symptoms does mean the infection is all gone.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Failure to respond for 3 days, will result in your topic being closed.

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care, not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


For your safety and protection, I would advise backing up all your important documents, personal data files and photos to a CD or DVD drive as some infections may render your computer unbootable during or before the disinfection process. The safest practice is not to backup any files with the following file extensions:
exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.

User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: slow, windows firewall can't update

Unread postby capnkrunch » July 6th, 2018, 5:07 pm

Is this computer used for business purposes, including home or small business)? Is this computer connected to an education network, for example at a university? I need to know in order to provide proper instructions.

Please run the following scans and post the logs in your reply:

Step one...

MGA Diagnostic Tool
  • Please download MGA Diagnostic Tool and save it to your Desktop.
  • Right click on MGADiag.exe and select Run as adminsitrator.
  • Click on Continue to run the scan.
  • Once the scan is finished click Copy to copy the results. Paste them in your reply.

Step two...

CKScanner
Please download CKScanner and save it to your Desktop.
This program should only be run once!
Make sure that CKScanner.exe is on the your desktop before running the application!

  • Right click on the CKScanner.exe icon and select Run as administrator.
  • Click the Search For Files button.
  • When the scan is finished (the cursor hourglass disappears) click the Save List To File button.
    A text file will be created on your desktop named "ckfiles.txt"
  • Click OK at the file saved message box. Double-click on the ckfiles.txt icon on your desktop.
  • Please copy/paste the contents of ckfiles.txt in your next reply.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

In your next reply please include:
  • Did you have any problems with the instructions?
  • Answers to my questions
  • The MGADiag report
  • ckfiles.txt
  • Are there any changes in computer behavior?
User avatar
capnkrunch
MRU Master
MRU Master
 
Posts: 793
Joined: March 20th, 2015, 6:41 pm
Location: Chicago

Re: slow, windows firewall can't update

Unread postby mAL_rEm018 » July 9th, 2018, 6:22 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 137 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware