Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Potential Virus (Task Manager Missing from CTRL ALT DELETE)

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Potential Virus (Task Manager Missing from CTRL ALT DELETE)

Unread postby Anathema » July 7th, 2018, 11:41 am

Running a Windows 8, 64 bit HP laptop. I suspect I have a virus as the task manager wasn't appearing when I pressed CTRL ALT DELETE (I now have the task manager back, but CTRL ALT DELETE only shows "Lock", "Change a Password" and "Task Manager", when there were options previously, IIRC (I haven't used this laptop in years). I have previously run scans and, if relevant, use Online Armor and Malwarebytes, but I haven't looked into configuring them (my understanding is their running while the computer scans can cause false positives? But I am unsure.) Please let me know what steps I should take to ensure this computer is clean, and that it doesn't have any problems in the future.

FRST and Addition.txt below (in that order):

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Justin (administrator) on HP (07-07-2018 17:33:59)
Running from C:\Users\Justin\Downloads
Loaded Profiles: Justin (Available Profiles: Justin)
Platform: Windows 8 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\OAcat.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\OAsrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Bradford Networks) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\OAui.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\OAhlp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Bradford Networks) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bncsaui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [@OnlineArmor GUI] => C:\Program Files (x86)\Online Armor\OAui.exe [7558464 2013-10-16] (Emsisoft GmbH)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-08-21] (IDT, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-18] (Apple Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [294928 2018-03-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-18] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [bncsaui.exe] => C:\Program Files (x86)\Bradford Networks\Persistent Agent\bncsaui.exe [2627728 2012-09-24] (Bradford Networks)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3716624157-4244700039-366356191-1001\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-3716624157-4244700039-366356191-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [763000 2017-03-28] (Adobe Systems Incorporated)
HKU\S-1-5-21-3716624157-4244700039-366356191-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3716624157-4244700039-366356191-1001\...\Policies\Explorer: [NoLogoff] 1
HKU\S-1-5-21-3716624157-4244700039-366356191-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [330240 2012-07-26] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Unbox.lnk [2014-01-31]
ShortcutTarget: Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61
Tcpip\..\Interfaces\{949D8193-C143-4563-9969-E34A9B7BF307}: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3716624157-4244700039-366356191-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3716624157-4244700039-366356191-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
SearchScopes: HKLM -> {9852A465-F4BA-4556-AF53-15E0FB48A448} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {9852A465-F4BA-4556-AF53-15E0FB48A448} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3716624157-4244700039-366356191-1001 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/resu ... &ent=ch&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3716624157-4244700039-366356191-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/resu ... &ent=ch&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3716624157-4244700039-366356191-1001 -> {9852A465-F4BA-4556-AF53-15E0FB48A448} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3716624157-4244700039-366356191-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-3716624157-4244700039-366356191-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-07-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-07-07] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\4yruak52.default [2018-07-07]
FF Homepage: Mozilla\Firefox\Profiles\4yruak52.default -> google.com
FF Session Restore: Mozilla\Firefox\Profiles\4yruak52.default -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-07-07] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-07-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll [2013-11-25] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-07-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-07-07] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default [2018-07-07]
CHR Extension: (Docs) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-26]
CHR Extension: (Google Drive) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (Google Search) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Google Docs Offline) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25]
CHR Extension: (AVG SafePrice) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-07-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-07]
CHR Extension: (Gmail) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-26]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2011-11-24] (Amazon.com) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [304776 2018-03-26] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe [7607288 2018-03-26] (AVG Technologies CZ, s.r.o.)
R2 BNPagent; C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe [3082384 2012-09-24] (Bradford Networks)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-04-07] (Hewlett-Packard) [File not signed]
R2 OAcat; C:\Program Files (x86)\Online Armor\OAcat.exe [584864 2013-10-16] (Emsisoft GmbH)
R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2012-12-13] (Pharos Systems International) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-04-07] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-08-21] (IDT, Inc.) [File not signed]
R2 SvcOnlineArmor; C:\Program Files (x86)\Online Armor\oasrv.exe [4457688 2013-10-16] (Emsisoft GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189032 2018-03-26] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\Windows\System32\drivers\avgbdiska.sys [166552 2018-03-26] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [221096 2018-03-26] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [193024 2018-03-26] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [337344 2018-03-26] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51272 2018-03-26] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-03-26] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [139040 2018-03-26] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [102720 2018-03-26] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [76760 2018-03-26] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1019088 2018-03-26] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [461568 2018-07-07] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [198368 2018-03-26] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [372920 2018-03-26] (AVG Technologies CZ, s.r.o.)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-07] (Malwarebytes)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-09] (Intel Corporation)
R1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [64720 2013-10-16] ()
R1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [62008 2013-10-16] ()
R1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [52360 2013-10-16] (Emsisoft)
R3 OAnet; C:\Windows\system32\DRIVERS\oanet.sys [35368 2013-10-16] (Emsisoft)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [266896 2012-06-14] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-10] (Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-07 17:28 - 2016-01-05 22:16 - 000826328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-07 17:28 - 2016-01-05 22:16 - 000176088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-07 17:18 - 2018-07-07 17:18 - 000000000 ___SD C:\Windows\system32\CompatTel
2018-07-07 17:18 - 2018-07-07 17:18 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-07 16:35 - 2015-10-01 15:10 - 000869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2018-07-07 16:35 - 2015-10-01 15:09 - 000875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2018-07-07 16:25 - 2015-07-09 23:46 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-07-07 16:25 - 2015-07-09 23:44 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2018-07-07 16:25 - 2015-07-09 22:17 - 005095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-07-07 16:25 - 2015-07-09 22:16 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2018-07-07 16:25 - 2015-07-01 15:00 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2018-07-07 16:25 - 2015-07-01 14:58 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2018-07-07 16:25 - 2015-07-01 13:42 - 000198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2018-07-07 16:25 - 2015-07-01 13:41 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2018-07-07 16:24 - 2015-11-16 18:17 - 006970712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-07 16:24 - 2015-11-16 18:10 - 001821192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-07 16:24 - 2015-11-16 16:55 - 001410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-07 16:24 - 2015-11-16 16:42 - 000171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-07 16:24 - 2015-11-16 16:29 - 000961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2018-07-07 16:24 - 2015-11-16 16:29 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2018-07-07 16:24 - 2015-11-16 16:29 - 000273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-07-07 16:24 - 2015-11-16 16:29 - 000178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-07-07 16:24 - 2015-11-16 16:29 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-07-07 16:24 - 2015-11-16 16:28 - 001223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-07-07 16:24 - 2015-11-16 16:28 - 000668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-07 16:24 - 2015-11-16 16:28 - 000384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-07-07 16:24 - 2015-11-16 16:28 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-07-07 16:24 - 2015-11-16 16:27 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-07-07 16:24 - 2015-11-16 16:26 - 001637376 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-07-07 16:24 - 2015-11-16 16:26 - 001282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-07 16:24 - 2015-11-16 16:26 - 001043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2018-07-07 16:24 - 2015-11-16 16:26 - 000830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-07 16:24 - 2015-11-16 16:26 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2018-07-07 16:24 - 2015-11-16 16:26 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-07-07 16:24 - 2015-11-16 16:26 - 000439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2018-07-07 16:24 - 2015-11-16 16:26 - 000318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-07-07 16:24 - 2015-11-16 16:26 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-07-07 16:24 - 2015-11-16 16:26 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-07-07 16:24 - 2015-11-16 16:26 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-07-07 16:24 - 2015-11-16 16:26 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-07-07 16:24 - 2015-07-13 23:05 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2018-07-07 16:24 - 2015-07-13 23:05 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-07-07 16:24 - 2015-06-27 15:46 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-07-07 16:24 - 2015-06-27 15:23 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-07-07 16:24 - 2015-03-27 10:07 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2018-07-07 16:24 - 2015-03-12 07:31 - 001688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-07-07 16:23 - 2015-09-02 15:49 - 002341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-07-07 16:23 - 2015-09-02 15:49 - 001850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-07-07 16:23 - 2015-09-02 15:38 - 001744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-07-07 16:23 - 2015-09-02 15:38 - 001422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-07-07 16:23 - 2015-08-05 15:52 - 001287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-07-07 16:23 - 2015-08-04 16:42 - 008858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2018-07-07 16:23 - 2015-08-04 16:42 - 002038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-07-07 16:23 - 2015-08-04 16:42 - 001229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2018-07-07 16:23 - 2015-08-04 16:42 - 000356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2018-07-07 16:23 - 2015-08-04 16:42 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2018-07-07 16:23 - 2015-08-04 15:54 - 010116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2018-07-07 16:23 - 2015-08-04 15:54 - 001399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2018-07-07 16:23 - 2015-08-04 15:53 - 002307584 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-07-07 16:23 - 2015-08-04 15:53 - 000449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2018-07-07 16:23 - 2015-08-04 15:53 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2018-07-07 16:23 - 2015-07-06 18:16 - 000044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2018-07-07 16:23 - 2015-07-06 16:32 - 000281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2018-07-07 16:23 - 2015-04-13 07:32 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2018-07-07 16:23 - 2015-03-04 08:41 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2018-07-07 16:23 - 2015-03-04 08:39 - 000632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2018-07-07 16:23 - 2015-03-04 08:39 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2018-07-07 16:23 - 2015-03-04 06:53 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2018-07-07 16:23 - 2015-03-04 06:52 - 000676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2018-07-07 16:23 - 2014-06-13 01:34 - 000754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-07-07 16:23 - 2014-06-13 01:29 - 002146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-07-07 16:22 - 2018-07-07 16:23 - 000039479 _____ C:\Users\Justin\Downloads\Addition.txt
2018-07-07 16:22 - 2015-08-01 18:21 - 000073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-07-07 16:22 - 2015-08-01 17:22 - 000063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-07-07 16:22 - 2015-08-01 15:56 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-07-07 16:22 - 2015-08-01 15:56 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-07-07 16:22 - 2015-08-01 15:56 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-07-07 16:21 - 2018-07-07 17:34 - 000022952 _____ C:\Users\Justin\Downloads\FRST.txt
2018-07-07 16:21 - 2015-10-11 08:45 - 001160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-07-07 16:21 - 2015-10-11 08:45 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-07-07 16:21 - 2015-09-22 19:53 - 001405408 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-07 16:21 - 2015-09-22 19:53 - 001273184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-07-07 16:21 - 2015-07-30 15:11 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2018-07-07 16:21 - 2015-07-30 15:10 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-07-07 16:21 - 2014-12-18 10:51 - 000096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2018-07-07 16:21 - 2014-12-18 08:52 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-07-07 16:21 - 2014-12-18 08:20 - 000702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-07-07 16:20 - 2018-07-07 17:33 - 000000000 ____D C:\FRST
2018-07-07 16:19 - 2018-07-07 16:19 - 002412544 _____ (Farbar) C:\Users\Justin\Downloads\FRST64.exe
2018-07-07 16:19 - 2015-10-27 16:46 - 000320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-07 16:19 - 2015-10-27 16:46 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-07-07 16:19 - 2015-10-27 16:46 - 000073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2018-07-07 16:19 - 2015-10-27 15:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-07 16:19 - 2015-10-27 15:54 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-07-07 16:19 - 2015-10-27 15:54 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2018-07-07 16:19 - 2015-09-23 15:10 - 000570256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-07-07 16:19 - 2015-09-23 15:10 - 000377552 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2018-07-07 16:19 - 2015-09-23 15:10 - 000332576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2018-07-07 16:18 - 2016-06-25 20:09 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2018-07-07 16:18 - 2015-12-04 18:29 - 001636784 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2018-07-07 16:18 - 2015-12-04 18:12 - 000793312 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-07-07 16:18 - 2015-12-04 18:12 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2018-07-07 16:18 - 2015-12-04 18:12 - 000446872 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-07-07 16:18 - 2015-12-04 18:12 - 000253624 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-07-07 16:18 - 2015-12-04 16:55 - 000612528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2018-07-07 16:18 - 2015-12-04 16:55 - 000463880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2018-07-07 16:18 - 2015-12-04 16:55 - 000324456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2018-07-07 16:18 - 2015-12-04 16:52 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2018-07-07 16:18 - 2015-12-04 16:52 - 002615808 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2018-07-07 16:18 - 2015-12-04 16:52 - 001770496 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2018-07-07 16:18 - 2015-12-04 16:52 - 001376256 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2018-07-07 16:18 - 2015-12-04 16:52 - 001350656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2018-07-07 16:18 - 2015-12-04 16:52 - 001150464 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2018-07-07 16:18 - 2015-12-04 16:52 - 001100800 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2018-07-07 16:18 - 2015-12-04 16:52 - 001073664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2018-07-07 16:18 - 2015-12-04 16:52 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2018-07-07 16:18 - 2015-12-04 16:52 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2018-07-07 16:18 - 2015-12-04 16:52 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2018-07-07 16:18 - 2015-12-04 16:51 - 002893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 001593344 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 001527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 001208832 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2018-07-07 16:18 - 2015-12-04 16:51 - 001174016 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 001138688 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2018-07-07 16:18 - 2015-12-04 16:51 - 000621056 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2018-07-07 16:18 - 2015-12-04 16:51 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2018-07-07 16:18 - 2015-12-04 16:51 - 000245248 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2018-07-07 16:18 - 2015-12-04 16:51 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2018-07-07 16:18 - 2015-12-04 16:51 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2018-07-07 16:18 - 2015-12-04 16:51 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2018-07-07 16:18 - 2015-12-04 16:51 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000186368 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2018-07-07 16:18 - 2015-12-04 16:51 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2018-07-07 16:18 - 2015-12-04 16:51 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2018-07-07 16:18 - 2015-12-04 16:51 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2018-07-07 16:18 - 2015-12-04 16:46 - 002620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2018-07-07 16:18 - 2015-12-04 16:46 - 002312704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2018-07-07 16:18 - 2015-12-04 16:46 - 001468928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2018-07-07 16:18 - 2015-12-04 16:46 - 001374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2018-07-07 16:18 - 2015-12-04 16:46 - 000904192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2018-07-07 16:18 - 2015-12-04 16:46 - 000893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2018-07-07 16:18 - 2015-12-04 16:46 - 000846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2018-07-07 16:18 - 2015-12-04 16:46 - 000722944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2018-07-07 16:18 - 2015-12-04 16:46 - 000677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2018-07-07 16:18 - 2015-12-04 16:46 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2018-07-07 16:18 - 2015-12-04 16:46 - 000468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2018-07-07 16:18 - 2015-12-04 16:46 - 000382464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2018-07-07 16:18 - 2015-12-04 16:46 - 000260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2018-07-07 16:18 - 2015-12-04 16:46 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2018-07-07 16:18 - 2015-12-04 16:46 - 000189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2018-07-07 16:18 - 2015-12-04 16:46 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2018-07-07 16:18 - 2015-12-04 16:45 - 002400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2018-07-07 16:18 - 2015-12-04 16:45 - 001453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-07-07 16:18 - 2015-12-04 16:45 - 000946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2018-07-07 16:18 - 2015-12-04 16:45 - 000929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2018-07-07 16:18 - 2015-12-04 16:45 - 000869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2018-07-07 16:18 - 2015-12-04 16:45 - 000755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2018-07-07 16:18 - 2015-12-04 16:45 - 000571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2018-07-07 16:18 - 2015-12-04 16:45 - 000568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2018-07-07 16:18 - 2015-12-04 16:45 - 000546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-07-07 16:18 - 2015-12-04 16:45 - 000436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2018-07-07 16:18 - 2015-12-04 16:45 - 000270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2018-07-07 16:18 - 2015-12-04 16:45 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2018-07-07 16:18 - 2015-12-04 16:45 - 000251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2018-07-07 16:18 - 2015-12-04 16:45 - 000190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2018-07-07 16:18 - 2015-12-04 16:45 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2018-07-07 16:18 - 2015-12-04 16:45 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2018-07-07 16:18 - 2015-12-04 16:45 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-07-07 16:18 - 2015-12-04 16:45 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2018-07-07 16:18 - 2015-12-04 16:45 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2018-07-07 16:18 - 2015-12-03 21:57 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2018-07-07 16:18 - 2015-11-05 11:55 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2018-07-07 16:18 - 2015-10-13 15:16 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2018-07-07 16:18 - 2015-10-13 15:16 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2018-07-07 16:18 - 2015-09-12 15:09 - 000414559 _____ C:\Windows\system32\ApnDatabase.xml
2018-07-07 16:18 - 2015-03-12 07:31 - 002048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2018-07-07 16:18 - 2015-03-12 07:31 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2018-07-07 16:18 - 2015-03-12 05:52 - 001933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2018-07-07 16:18 - 2015-02-26 06:35 - 004063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-07 16:18 - 2014-12-06 09:51 - 000267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2018-07-07 16:17 - 2016-06-25 20:28 - 000050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-07 16:17 - 2016-06-25 17:55 - 001490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-07 16:17 - 2016-06-25 17:55 - 000571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-07 16:17 - 2016-06-25 17:55 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-07 16:17 - 2016-06-25 17:55 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-07 16:17 - 2016-06-25 17:55 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-07 16:17 - 2016-06-25 17:55 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-07 16:17 - 2016-06-25 17:55 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-07 16:17 - 2016-06-17 15:09 - 001208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-07 16:17 - 2016-06-04 11:42 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-07-07 16:17 - 2012-10-25 05:27 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-07-07 16:17 - 2012-10-25 05:26 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2018-07-07 16:17 - 2012-10-25 05:04 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2018-07-07 16:14 - 2015-08-01 16:50 - 017562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-07 16:14 - 2015-08-01 15:56 - 019778048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-07 16:14 - 2015-04-25 05:41 - 000541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2018-07-07 16:14 - 2015-04-25 01:13 - 000652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2018-07-07 16:12 - 2015-07-15 18:09 - 000095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2018-07-07 16:12 - 2015-07-15 15:29 - 001333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-07-07 16:12 - 2015-06-25 20:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-07-07 16:12 - 2015-06-25 20:27 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-07 16:12 - 2015-05-02 08:28 - 000100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-07 16:12 - 2015-01-15 11:38 - 000717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-07-07 16:12 - 2015-01-15 11:09 - 000717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-07-07 16:12 - 2015-01-07 06:25 - 000403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-07-07 16:12 - 2014-03-11 02:39 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-07-07 16:12 - 2014-03-11 02:38 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-07-07 16:12 - 2014-03-10 03:27 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-07-07 16:08 - 2015-07-09 23:47 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2018-07-07 16:08 - 2015-07-09 23:47 - 000243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2018-07-07 16:08 - 2015-07-09 22:18 - 000233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2018-07-07 14:59 - 2018-07-07 15:30 - 000000000 ____D C:\AdwCleaner
2018-07-07 14:58 - 2018-07-07 14:58 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-07 14:58 - 2018-07-07 14:58 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-07-07 14:58 - 2018-07-07 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-07-07 14:58 - 2018-07-07 14:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-07-07 14:58 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-07-07 14:35 - 2018-07-07 16:02 - 000000000 ____D C:\Users\Justin\Downloads\JaFL_106
2018-07-07 14:34 - 2018-07-07 14:34 - 000098760 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-07-07 14:34 - 2018-07-07 14:34 - 000000000 ____D C:\Users\Justin\AppData\Roaming\Sun
2018-07-07 14:34 - 2018-07-07 14:34 - 000000000 ____D C:\Users\Justin\AppData\LocalLow\Sun
2018-07-07 14:34 - 2018-07-07 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-07-07 14:33 - 2018-07-07 14:33 - 000000000 ____D C:\ProgramData\Oracle
2018-07-07 14:33 - 2018-07-07 14:33 - 000000000 ____D C:\Program Files (x86)\Java
2018-07-07 14:19 - 2018-07-07 14:32 - 000000000 ____D C:\Users\Justin\AppData\Roaming\audacity
2018-07-07 14:19 - 2018-07-07 14:19 - 000000000 ____D C:\Users\Justin\AppData\Local\Audacity
2018-07-07 14:17 - 2018-07-07 14:17 - 000001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2018-07-07 14:17 - 2018-07-07 14:17 - 000001007 _____ C:\Users\Public\Desktop\Audacity.lnk
2018-07-07 14:16 - 2018-07-07 14:19 - 000000000 ____D C:\Program Files (x86)\Audacity

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-07 17:34 - 2013-01-27 03:57 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3716624157-4244700039-366356191-1001
2018-07-07 17:33 - 2012-07-26 09:28 - 000941178 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-07 17:33 - 2012-07-26 07:37 - 000000000 ____D C:\Windows\Inf
2018-07-07 17:26 - 2012-07-26 09:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-07 17:25 - 2013-03-13 18:47 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-07-07 17:25 - 2013-03-13 18:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2018-07-07 17:21 - 2012-07-26 10:12 - 000000000 ___RD C:\Windows\ToastData
2018-07-07 17:21 - 2012-07-26 10:12 - 000000000 ____D C:\Program Files\Windows Defender
2018-07-07 17:21 - 2012-07-26 10:12 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-07-07 17:21 - 2012-07-26 07:38 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2018-07-07 17:18 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\WinStore
2018-07-07 17:18 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\AppCompat
2018-07-07 17:17 - 2012-07-26 09:59 - 000000000 ____D C:\Windows\CbsTemp
2018-07-07 17:04 - 2013-03-13 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-07-07 16:49 - 2012-07-26 10:12 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-07 16:49 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\AUInstallAgent
2018-07-07 16:03 - 2018-03-26 18:33 - 000000000 ____D C:\ProgramData\AVG
2018-07-07 14:45 - 2012-07-26 09:52 - 000000000 ____D C:\Program Files\Windows Journal
2018-07-07 14:28 - 2018-03-26 18:36 - 000461568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-07-07 14:27 - 2012-09-11 23:01 - 000000000 ____D C:\Program Files (x86)\HP Games
2018-07-07 14:27 - 2012-09-11 23:00 - 000000000 ____D C:\ProgramData\WildTangent
2018-07-07 14:27 - 2012-09-11 23:00 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2018-07-07 14:23 - 2013-01-27 03:54 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-07 14:23 - 2013-01-27 03:54 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-07 14:23 - 2013-01-27 03:52 - 000003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DFF9E34E-B035-4BE3-99D3-23527625BE7A}
2018-07-07 14:22 - 2013-01-27 03:57 - 000000000 ____D C:\Users\Justin\AppData\Roaming\Dropbox
2018-07-07 14:20 - 2016-02-21 18:48 - 000000000 ____D C:\Users\Justin\AppData\Local\Dropbox
2018-07-07 14:20 - 2013-10-15 04:22 - 000004288 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-07-07 14:19 - 2018-03-26 17:32 - 000004452 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-07 14:19 - 2014-01-31 21:12 - 000000000 ____D C:\ProgramData\McAfee
2018-07-07 14:19 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-07 14:18 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-07 14:13 - 2013-01-27 03:49 - 000000000 ____D C:\Users\Justin\AppData\Local\Packages

==================== Files in the root of some directories =======

2014-04-09 16:28 - 2014-04-17 20:03 - 000006144 _____ () C:\Users\Justin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2016-02-21 18:43 - 2016-02-21 18:43 - 000043008 _____ () C:\Users\Justin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprqs6s_.dll
2016-02-21 18:51 - 2016-02-21 18:51 - 000043008 _____ () C:\Users\Justin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzyjp3h.dll
2014-01-04 04:00 - 2008-10-15 21:42 - 000050432 _____ () C:\Users\Justin\AppData\Local\Temp\Extract.exe
2013-03-18 19:34 - 2006-10-28 07:28 - 000145184 ____R (Microsoft Corporation) C:\Users\Justin\AppData\Local\Temp\ose00000.exe
2014-01-03 22:37 - 2014-01-03 22:37 - 002958800 _____ (Hewlett-Packard ) C:\Users\Justin\AppData\Local\Temp\SP63752.exe
2014-02-15 22:20 - 2014-02-15 22:20 - 044799704 _____ (Hewlett-Packard ) C:\Users\Justin\AppData\Local\Temp\sp64126.exe
2014-01-03 16:32 - 2014-01-03 16:32 - 006748376 _____ (Hewlett-Packard Company ) C:\Users\Justin\AppData\Local\Temp\SP64215.exe
2014-02-17 19:30 - 2017-09-27 09:33 - 000172400 _____ (HP Inc.) C:\Users\Justin\AppData\Local\Temp\UninstallHPSA.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-05-09 19:39

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Justin (07-07-2018 17:35:50)
Running from C:\Users\Justin\Downloads
Windows 8 (X64) (2013-01-27 01:49:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3716624157-4244700039-366356191-500 - Administrator - Disabled)
Guest (S-1-5-21-3716624157-4244700039-366356191-501 - Limited - Disabled)
Justin (S-1-5-21-3716624157-4244700039-366356191-1001 - Administrator - Enabled) => C:\Users\Justin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Online Armor Firewall (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{D7C307E7-96A7-4BEE-ACF8-D795007E7C16}) (Version: 7.2.5 - Hewlett-Packard) Hidden
Ad-Aware Browsing Protection (HKLM-x32\...\Ad-Aware Browsing Protection) (Version: 1.0.1.124 - Lavasoft)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.)
Amazon Unbox Video (HKLM-x32\...\{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.2.0.153 - Amazon.com) Hidden
Amazon Unbox Video (HKLM-x32\...\InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.2.0.153 - Amazon.com)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.2.3046 - AVG Technologies)
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bradford Persistent Agent (HKLM-x32\...\{97FBB5BD-BCAD-4075-B87B-DD1DB9A70AB6}) (Version: 2.2.8.2 - Bradford Networks)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.6326 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.3.2608 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2817 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Electronic Bluebook (HKLM-x32\...\{40555C58-DD49-467F-8EFF-8F0A21AA42A2}) (Version: 4.0.0.2 - CompuTest, LLC) Hidden
Electronic Bluebook (HKLM-x32\...\Electronic Bluebook) (Version: 4.0.0.2 - CompuTest, LLC)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Final Drive Fury (HKLM-x32\...\WTA-a81fc80a-efa3-4969-9b6c-ce1432505e19) (Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (HKLM-x32\...\WTA-e07c66b4-493a-450e-9ccb-6421d161f677) (Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.23.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-d266139f-67b9-4ebe-851c-eabe97dba166) (Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (HKLM-x32\...\WTA-28d4f934-306b-4277-a26e-3e73c4beb6b8) (Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Backup (HKLM-x32\...\{6BA5F6E7-6CC1-4117-816D-A549A06CE44E}) (Version: 8.7.0.0 - Autonomy)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{A029F666-056B-4399-B72E-214C5990B684}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{63F82052-C045-4F97-A3CA-C41D2CCA1FFA}) (Version: 12.8.37.11 - HP Inc.)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2857 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-9eacce82-e2b4-4311-aa5e-53e0ba4a0d67) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-efb13e6d-a7f6-40cd-9cc5-f406ee77bc89) (Version: 2.2.0.95 - WildTangent) Hidden
Luxor Evolved (HKLM-x32\...\WTA-6e469c29-eb8a-48e8-bcbf-8a22a5e3b35f) (Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (HKLM-x32\...\WTA-fad31e6c-2d22-4807-bc43-67767bfbc43c) (Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (HKLM-x32\...\WTA-f2909193-dbfd-4fb3-bd54-c2932d60efed) (Version: 2.2.0.98 - WildTangent) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (HKLM-x32\...\WTA-cb937668-e2b3-4f75-9f3b-312a5cfdbe9b) (Version: 2.2.0.98 - WildTangent) Hidden
Online Armor 6.0 (HKLM-x32\...\OnlineArmor_is1) (Version: 6.0 - Emsisoft GmbH)
Peggle Nights (HKLM-x32\...\WTA-4ee324a0-e2db-479d-9446-aa9a0d14b93f) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-2a2b2f0a-5bd2-4bdb-862b-bf712cbdb12f) (Version: 2.2.0.98 - WildTangent) Hidden
Pharos (HKLM-x32\...\Pharos) (Version: - )
Polar Bowler (HKLM-x32\...\WTA-bd345c11-581a-41a9-86c0-21abd9742e9f) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-0769eea8-52c3-4e9d-b4a1-99e29e899002) (Version: 2.2.0.98 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Roads of Rome 3 (HKLM-x32\...\WTA-d1981cdf-c034-498a-8cf8-916c6874e714) (Version: 2.2.0.98 - WildTangent) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Tales of Lagoona (HKLM-x32\...\WTA-923a1603-7a90-40d4-8b6d-3a34429e5b0f) (Version: 2.2.0.110 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vacation Quest™ - Australia (HKLM-x32\...\WTA-e894d0d6-11d2-4d79-9b2e-0fcb9343094d) (Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Zuma's Revenge (HKLM-x32\...\WTA-41bf6164-726f-43ad-9ff4-ddd581bf2986) (Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-03-26] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-19] (Cyberlink)
ContextMenuHandlers1: [OnlineArmorShell] -> {4F07DA46-8170-4859-9B5F-037EF2970034} => C:\Program Files (x86)\Online Armor\OAevent64.dll [2013-10-16] (Emsisoft GmbH)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-19] (Cyberlink)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-08-21] (Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-03-26] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [OnlineArmorShell] -> {4F07DA46-8170-4859-9B5F-037EF2970034} => C:\Program Files (x86)\Online Armor\OAevent64.dll [2013-10-16] (Emsisoft GmbH)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09EC3DBE-EA18-4A57-B534-8DE5F4AE5BAE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-07] (Adobe Systems Incorporated)
Task: {1523AEE1-AA63-40F7-A524-8532E55DD6FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-27] (HP Inc.)
Task: {280CF9A1-917D-4C33-8E3F-C33315B28BF3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-09-27] (HP Inc.)
Task: {2A8EDDC4-ED68-45C2-9AF9-08BCA537DC63} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-09-27] (HP Inc.)
Task: {4B953C40-0E56-4B29-BFDB-8F05B18DE609} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {4EDBCE16-A545-4284-A8E5-EF8816FECF52} - System32\Tasks\{567C13E9-3647-43BC-BE1E-3EF7FDACFD08} => C:\Windows\system32\pcalua.exe -a C:\Users\Justin\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe -c /InstallType:USER
Task: {52EA0475-6662-4C4B-8B6A-EFFB3B1402EF} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2018-03-26] (AVG Technologies CZ, s.r.o.)
Task: {53F8A5F0-3D37-4F92-AB23-34EC85C8632A} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {6AD1838B-EFD7-4E30-B449-C8FAA51FA0D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-09-27] (HP Inc.)
Task: {7017F790-8801-4B65-AB97-74A0554E0DFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {7B8EB2E1-E73E-422E-A5BF-9B3B07FCE5AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {88844F1C-148D-4526-B9A3-AD1986DF7844} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-11] (Hewlett-Packard Development Company, L.P.)
Task: {8C5822F8-9C64-4616-A9AB-5730699DD8F6} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {B3FA1DF4-C13D-4577-BB0A-1089B5D6C70C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-09-27] (HP Inc.)
Task: {BFCFF81C-B259-4193-A370-9737687B2A47} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-07-07] (Adobe Systems Incorporated)
Task: {C137EEB6-A47C-4D7B-B3C4-45E42D65F3FF} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Task: {C415F8FC-9D97-4078-B77D-2E1117EFBB46} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {CAE48042-49C4-4462-8234-D1459541A6CB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-27] (HP Inc.)
Task: {DCB4D8FB-76D2-4F16-AFA4-31150DC127D6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {E1A69560-B9F7-43EC-AAC7-FBBB6E633800} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-27] (HP Inc.)
Task: {F4F8C09B-73FE-4AE9-AF2A-B7DC1A23D304} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-12-18 01:38 - 2015-12-18 01:38 - 000085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-18 01:38 - 2015-12-18 01:38 - 001328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-07-07 14:58 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-26 18:35 - 2018-03-26 18:35 - 000722672 _____ () c:\Program Files\AVG\Antivirus\x64\vaarclient.dll
2018-03-26 18:35 - 2018-03-26 18:35 - 000913136 _____ () C:\Program Files\AVG\Antivirus\x64\ffl2.dll
2018-03-26 18:35 - 2018-03-26 18:35 - 000342768 _____ () c:\Program Files\AVG\Antivirus\x64\StreamBack.dll
2012-07-30 15:10 - 2012-07-30 15:10 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-03-26 18:07 - 2018-03-20 08:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-26 18:07 - 2018-03-20 08:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-03-26 18:35 - 2018-03-26 18:35 - 000289008 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
2018-03-26 18:35 - 2018-03-26 18:35 - 000281328 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
2018-07-07 14:08 - 2018-07-07 14:08 - 005839088 _____ () C:\Program Files\AVG\Antivirus\defs\18070702\algo.dll
2018-03-26 18:35 - 2018-03-26 18:35 - 000758000 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
2018-03-26 18:35 - 2018-03-26 18:35 - 000965872 _____ () C:\Program Files\AVG\Antivirus\shepherdsync.dll
2018-03-26 18:35 - 2018-03-26 18:35 - 000476400 _____ () C:\Program Files\AVG\Antivirus\gui_cache.dll
2012-09-11 23:24 - 2012-06-25 20:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-08-19 23:20 - 2012-06-08 05:34 - 000627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 17:34 - 2012-06-08 17:34 - 000016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2018-03-26 18:35 - 2018-03-26 18:35 - 067127976 _____ () C:\Program Files\AVG\Antivirus\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2018-07-07 15:51 - 000000834 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3716624157-4244700039-366356191-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Hewlett-Packard Backgrounds\Svinoya_Sunset.jpg
DNS Servers: 62.2.24.158 - 62.2.17.60
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "Amazon Unbox.lnk"
HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "HP Quick Launch"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Ad-Aware Browsing Protection"
HKU\S-1-5-21-3716624157-4244700039-366356191-1001\...\StartupApproved\Run: => "Dropbox Update"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57DEA401-29EF-494E-A7D8-A1A5FD8FB2E8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0FED0097-013A-4337-A648-F67AAC01B840}] => (Allow) LPort=2869
FirewallRules: [{578F4212-90F0-40F4-A16D-E27B82093732}] => (Allow) LPort=1900
FirewallRules: [{25E8E181-CCD6-4C91-BC0A-FF152F3F1653}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{B0F6E075-464E-46DA-9680-233D7DDC7757}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{577EAEA3-6DC1-45A9-9CC8-6A2A4187B669}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{9A23B253-B624-44CD-A165-C3B2BD91B8CA}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{F90D3560-11C4-4D12-914B-9CFEEE9EB0A2}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{7722C9E4-DFB4-4062-825D-41589DA9871A}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{84AF9BBF-6632-4AC1-9824-E8D822EBE2C2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{5B1D3875-FE94-46A8-A859-050884E4CC8F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{DB881A09-84B8-4EA7-8C4A-AEFF05668474}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{6AC68E72-6E6E-49ED-90E3-79BA56B37E30}] => (Allow) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe
FirewallRules: [{15F4C0BA-BA8D-4C30-A701-0B18C6641D15}] => (Allow) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe
FirewallRules: [{FE579E1E-C2FE-4D2D-A3F9-C21E992CA5D8}] => (Allow) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe
FirewallRules: [{BFEA9FD4-6680-4AA5-A73A-C161A918FA33}] => (Allow) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe
FirewallRules: [{3A74DBA8-1E72-4D67-ACA5-4245034B30F7}] => (Allow) C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4C042606-FCD0-4437-8C87-50391C9BB991}] => (Allow) C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1E37BB6F-101D-4266-A19A-CDA0E3101E41}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4FBD4411-68B9-49C1-B89C-529213E73F1E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{01CF8892-CD2E-4E3C-A925-5950FA31D4F4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E9543CC6-61E1-45DE-ACCE-5D3F6CEDDE21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CD4FA051-3DF3-431A-A869-D439AADDA95E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E8F77776-0A68-4BD9-8CA6-0BB420686AF2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

09-05-2016 19:07:26 Windows Update
26-03-2018 19:07:39 Installed HP Support Assistant
07-07-2018 14:06:29 Windows Update

==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2018 03:28:43 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (07/07/2018 03:26:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ZeroConfigService.exe, version: 16.1.0.0, time stamp: 0x521e80f5
Faulting module name: MurocApi.dll, version: 16.1.0.0, time stamp: 0x521e7ff7
Exception code: 0xc0000005
Fault offset: 0x0000000000026570
Faulting process id: 0xdb0
Faulting application start time: 0x01d415f5f930bb31
Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Faulting module path: C:\Program Files\Intel\WiFi\bin\MurocApi.dll
Report Id: 589e797d-81e9-11e8-bebc-e506f3ec907c
Faulting package full name:
Faulting package-relative application ID:

Error: (03/26/2018 07:27:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15578

Error: (03/26/2018 07:27:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15578

Error: (03/26/2018 07:27:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/26/2018 07:27:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bndaemon.exe, version: 2.2.8.2, time stamp: 0x5060c2f8
Faulting module name: bndaemon.exe, version: 2.2.8.2, time stamp: 0x5060c2f8
Exception code: 0xc0000005
Fault offset: 0x0002ca62
Faulting process id: 0x714
Faulting application start time: 0x01d3c52682dfee27
Faulting application path: C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe
Faulting module path: C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe
Report Id: f9edc910-311a-11e8-beba-90cdb44d513d
Faulting package full name:
Faulting package-relative application ID:

Error: (03/26/2018 07:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.634, time stamp: 0x5a7e0996
Faulting module name: SelfProtectionShim.dll_unloaded, version: 0.0.0.0, time stamp: 0x5a78dd93
Exception code: 0xc0000005
Fault offset: 0x000007fc184f319f
Faulting process id: 0x1214
Faulting application start time: 0x01d3c52759f83a46
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: SelfProtectionShim.dll
Report Id: ae56b8d9-311a-11e8-beba-90cdb44d513d
Faulting package full name:
Faulting package-relative application ID:

Error: (03/26/2018 07:24:44 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Disabled performance counter data collection from the "ASP.NET_2.0.50727" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.


System errors:
=============
Error: (07/07/2018 05:24:41 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (07/07/2018 05:24:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (07/07/2018 05:13:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB3037575).

Error: (07/07/2018 05:12:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2968295).

Error: (07/07/2018 05:11:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Security Update for Windows 8 for x64-based Systems (KB2977292).

Error: (07/07/2018 05:09:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Security Update for Windows 8 for x64-based Systems (KB3030377).

Error: (07/07/2018 05:09:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Update for Windows 8 for x64-based Systems (KB2955163).

Error: (07/07/2018 05:08:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Update for Windows 8 for x64-based Systems (KB3013767).


Windows Defender:
===================================
Date: 2016-02-21 20:57:32.461
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {C3391186-AA7F-4351-B4B7-0EE98496597D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2015-04-30 20:47:00.908
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F11FC287-A28B-49E8-9418-D0B7D4533E5A}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-04-25 14:42:04.998
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {27FA4003-AC50-431A-AB8B-629FE043A6CD}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-04-25 14:27:59.293
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {0842E7C2-CA04-43DA-AEFB-1980907F0FE9}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-04-23 05:28:30.087
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F7A13292-EED1-49A3-A4B4-FAF75A40C06D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-03-26 18:31:10.893
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 1.263.1173.0
Previous Signature Version: 1.221.606.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 1.1.14600.4
Previous Engine Version: 1.1.12804.0
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2018-03-26 18:31:10.893
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 1.263.1173.0
Previous Signature Version: 1.221.606.0
Update Source: User
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 1.1.14600.4
Previous Engine Version: 1.1.12804.0
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2018-03-26 18:31:10.893
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version: 1.1.14600.4
Previous Engine Version: 1.1.12804.0
Error Code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2018-03-26 18:28:24.903
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.221.606.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.12804.0
Error code: 0x80244022
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2018-03-26 18:24:33.526
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.221.606.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.12804.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 26%
Total physical RAM: 6037.96 MB
Available physical RAM: 4452.28 MB
Total Virtual: 6997.96 MB
Available Virtual: 5474.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:672.07 GB) (Free:606.08 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.79 GB) (Free:2.96 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{75d988db-129f-4f20-afa0-e40de626987c}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: EB24C640)

Partition: GPT.

==================== End of Addition.txt ============================
Anathema
Active Member
 
Posts: 3
Joined: July 7th, 2018, 10:35 am
Advertisement
Register to Remove

Re: Potential Virus (Task Manager Missing from CTRL ALT DELE

Unread postby mAL_rEm018 » July 13th, 2018, 5:53 am

Hello Anathema,

My apologies for the delay in getting to your topic. If you still need help, please post a frest set of FRST logs..

  • Right-click on FRST64.exe and select Run as administrator.
  • The tool might update. Please allow it to do so.
  • Select Scan.
  • When the scan is over two windows will open, FRST.txt and Addition.txt.
  • Please post the contents of both logs in your next reply.

If you don't require help anymore, I would be grateful if you could let me know, so that I can close this topic.

mAL
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Potential Virus (Task Manager Missing from CTRL ALT DELE

Unread postby Anathema » July 15th, 2018, 2:18 pm

Thanks for the reply! I ran the FRST and both logs are below. I should note the Internet was not active when I ran them, and I noticed the disk usage was a lot lower (when the Internet was on and Chrome windows were up last time, the disk usage was higher)

FRST first, then Addition second below:
-----

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018

Ran by Justin (administrator) on HP (15-07-2018 19:20:27)

Running from C:\Users\Justin\Downloads

Loaded Profiles: Justin (Available Profiles: Justin)

Platform: Windows 8 (X64) Language: English (United States)

Internet Explorer Version 10 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/



==================== Processes (Whitelisted) =================



(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)



(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\OAcat.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\OAsrv.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Bradford Networks) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\OAui.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\OAhlp.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AvLaunch.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Bradford Networks) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bncsaui.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe



==================== Registry (Whitelisted) ===========================



(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)



HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp

HKLM\...\Run: [@OnlineArmor GUI] => C:\Program Files (x86)\Online Armor\OAui.exe [7558464 2013-10-16] (Emsisoft GmbH)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-08-21] (IDT, Inc.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-18] (Apple Inc.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [294928 2018-03-26] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-18] (Apple Inc.)

HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-08] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)

HKLM-x32\...\Run: [bncsaui.exe] => C:\Program Files (x86)\Bradford Networks\Persistent Agent\bncsaui.exe [2627728 2012-09-24] (Bradford Networks)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-3716624157-4244700039-366356191-1001\...\Run: [Power2GoExpress8] => NA

HKU\S-1-5-21-3716624157-4244700039-366356191-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [763000 2017-03-28] (Adobe Systems Incorporated)

HKU\S-1-5-21-3716624157-4244700039-366356191-1001\...\Policies\system: [DisableLockWorkstation] 0

HKU\S-1-5-21-3716624157-4244700039-366356191-1001\...\Policies\Explorer: [NoLogoff] 1

HKU\S-1-5-21-3716624157-4244700039-366356191-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [330240 2012-07-26] (Microsoft Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Unbox.lnk [2014-01-31]

ShortcutTarget: Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)



==================== Internet (Whitelisted) ====================



(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)





Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1

HKU\S-1-5-21-3716624157-4244700039-366356191-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1

HKU\S-1-5-21-3716624157-4244700039-366356191-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1

SearchScopes: HKLM -> {9852A465-F4BA-4556-AF53-15E0FB48A448} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}

SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKLM-x32 -> {9852A465-F4BA-4556-AF53-15E0FB48A448} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}

SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKU\S-1-5-21-3716624157-4244700039-366356191-1001 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/resu ... &ent=ch&q={searchTerms}

SearchScopes: HKU\S-1-5-21-3716624157-4244700039-366356191-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/resu ... &ent=ch&q={searchTerms}

SearchScopes: HKU\S-1-5-21-3716624157-4244700039-366356191-1001 -> {9852A465-F4BA-4556-AF53-15E0FB48A448} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}

SearchScopes: HKU\S-1-5-21-3716624157-4244700039-366356191-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKU\S-1-5-21-3716624157-4244700039-366356191-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc.)

BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll => No File

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-07-07] (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-07-07] (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc.)



FireFox:

========

FF ProfilePath: C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\4yruak52.default [2018-07-07]

FF Homepage: Mozilla\Firefox\Profiles\4yruak52.default -> google.com

FF Session Restore: Mozilla\Firefox\Profiles\4yruak52.default -> is enabled.

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-07-07] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)

FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [] ()

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-07-07] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll [2013-11-25] (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-15] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-07-07] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-07-07] (Oracle Corporation)

FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [No File]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [] ()

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-07] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-07] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)



Chrome:

=======

CHR DefaultProfile: Default

CHR Session Restore: Default -> is enabled.

CHR Profile: C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default [2018-07-07]

CHR Extension: (Docs) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-26]

CHR Extension: (Google Drive) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]

CHR Extension: (YouTube) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]

CHR Extension: (Google Search) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]

CHR Extension: (Google Docs Offline) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25]

CHR Extension: (AVG SafePrice) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-07-07]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-07]

CHR Extension: (Gmail) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-01]

CHR Extension: (Chrome Media Router) - C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-26]

CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx



==================== Services (Whitelisted) ====================



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



S3 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2011-11-24] (Amazon.com) [File not signed]

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [304776 2018-03-26] (AVG Technologies CZ, s.r.o.)

R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe [7607288 2018-03-26] (AVG Technologies CZ, s.r.o.)

R2 BNPagent; C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe [3082384 2012-09-24] (Bradford Networks)

S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)

S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()

R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-04-07] (Hewlett-Packard) [File not signed]

R2 OAcat; C:\Program Files (x86)\Online Armor\OAcat.exe [584864 2013-10-16] (Emsisoft GmbH)

R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2012-12-13] (Pharos Systems International) [File not signed]

R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-04-07] (Hewlett-Packard) [File not signed]

R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-08-21] (IDT, Inc.) [File not signed]

R2 SvcOnlineArmor; C:\Program Files (x86)\Online Armor\oasrv.exe [4457688 2013-10-16] (Emsisoft GmbH)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)



===================== Drivers (Whitelisted) ======================



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [189032 2018-03-26] (AVG Technologies CZ, s.r.o.)

R1 avgbdisk; C:\Windows\System32\drivers\avgbdiska.sys [166552 2018-03-26] (AVG Technologies CZ, s.r.o.)

R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [221096 2018-03-26] (AVG Technologies CZ, s.r.o.)

R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [193024 2018-03-26] (AVG Technologies CZ, s.r.o.)

R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [337344 2018-03-26] (AVG Technologies CZ, s.r.o.)

R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [51272 2018-03-26] (AVG Technologies CZ, s.r.o.)

S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [39352 2018-03-26] (AVG Technologies CZ, s.r.o.)

R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [139040 2018-03-26] (AVG Technologies CZ, s.r.o.)

R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [102720 2018-03-26] (AVG Technologies CZ, s.r.o.)

R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [76760 2018-03-26] (AVG Technologies CZ, s.r.o.)

R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1019088 2018-03-26] (AVG Technologies CZ, s.r.o.)

R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [461568 2018-07-07] (AVG Technologies CZ, s.r.o.)

R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [198368 2018-03-26] (AVG Technologies CZ, s.r.o.)

R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [372920 2018-03-26] (AVG Technologies CZ, s.r.o.)

S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)

S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-07] (Malwarebytes)

R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-09] (Intel Corporation)

R1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [64720 2013-10-16] ()

R1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [62008 2013-10-16] ()

R1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [52360 2013-10-16] (Emsisoft)

R3 OAnet; C:\Windows\system32\DRIVERS\oanet.sys [35368 2013-10-16] (Emsisoft)

S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [266896 2012-06-14] (Realtek Semiconductor Corp.)

S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)

S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-10] (Windows (R) Win 7 DDK provider)

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)

R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.)

S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-10] (Windows (R) Win 7 DDK provider)



==================== NetSvcs (Whitelisted) ===================



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)





==================== One Month Created files and folders ========



(If an entry is included in the fixlist, the file/folder will be moved.)



2018-07-15 19:18 - 2018-07-15 19:18 - 000373032 _____ C:\Windows\system32\FNTCACHE.DAT

2018-07-14 20:23 - 2018-07-14 20:49 - 000000000 ____D C:\Users\Justin\Documents\Audacity

2018-07-14 19:51 - 2014-03-11 02:41 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2018-07-14 19:51 - 2014-03-11 02:41 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2018-07-14 19:51 - 2014-03-10 05:05 - 000668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2018-07-14 19:50 - 2014-03-11 02:38 - 000982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2018-07-14 19:50 - 2014-03-11 02:38 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2018-07-14 19:50 - 2014-03-11 02:38 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll

2018-07-14 19:50 - 2014-03-11 02:38 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2018-07-07 17:28 - 2016-01-05 22:16 - 000826328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2018-07-07 17:28 - 2016-01-05 22:16 - 000176088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2018-07-07 17:18 - 2018-07-07 17:18 - 000000000 ___SD C:\Windows\system32\CompatTel

2018-07-07 17:18 - 2018-07-07 17:18 - 000000000 ____D C:\Windows\system32\appraiser

2018-07-07 16:35 - 2015-10-01 15:10 - 000869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll

2018-07-07 16:35 - 2015-10-01 15:09 - 000875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll

2018-07-07 16:25 - 2015-07-09 23:46 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2018-07-07 16:25 - 2015-07-09 23:44 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll

2018-07-07 16:25 - 2015-07-09 22:17 - 005095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2018-07-07 16:25 - 2015-07-09 22:16 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2018-07-07 16:25 - 2015-07-01 15:00 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2018-07-07 16:25 - 2015-07-01 14:58 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2018-07-07 16:25 - 2015-07-01 13:42 - 000198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2018-07-07 16:25 - 2015-07-01 13:41 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2018-07-07 16:24 - 2015-11-16 18:17 - 006970712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2018-07-07 16:24 - 2015-11-16 18:10 - 001821192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2018-07-07 16:24 - 2015-11-16 16:55 - 001410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2018-07-07 16:24 - 2015-11-16 16:42 - 000171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2018-07-07 16:24 - 2015-11-16 16:29 - 000961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll

2018-07-07 16:24 - 2015-11-16 16:29 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll

2018-07-07 16:24 - 2015-11-16 16:29 - 000273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2018-07-07 16:24 - 2015-11-16 16:29 - 000178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2018-07-07 16:24 - 2015-11-16 16:29 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2018-07-07 16:24 - 2015-11-16 16:28 - 001223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll

2018-07-07 16:24 - 2015-11-16 16:28 - 000668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2018-07-07 16:24 - 2015-11-16 16:28 - 000384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll

2018-07-07 16:24 - 2015-11-16 16:28 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2018-07-07 16:24 - 2015-11-16 16:27 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2018-07-07 16:24 - 2015-11-16 16:26 - 001637376 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll

2018-07-07 16:24 - 2015-11-16 16:26 - 001282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2018-07-07 16:24 - 2015-11-16 16:26 - 001043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll

2018-07-07 16:24 - 2015-11-16 16:26 - 000830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2018-07-07 16:24 - 2015-11-16 16:26 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll

2018-07-07 16:24 - 2015-11-16 16:26 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll

2018-07-07 16:24 - 2015-11-16 16:26 - 000439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll

2018-07-07 16:24 - 2015-11-16 16:26 - 000318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2018-07-07 16:24 - 2015-11-16 16:26 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2018-07-07 16:24 - 2015-11-16 16:26 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2018-07-07 16:24 - 2015-11-16 16:26 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2018-07-07 16:24 - 2015-11-16 16:26 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2018-07-07 16:24 - 2015-07-13 23:05 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll

2018-07-07 16:24 - 2015-07-13 23:05 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2018-07-07 16:24 - 2015-06-27 15:46 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2018-07-07 16:24 - 2015-06-27 15:23 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2018-07-07 16:24 - 2015-03-27 10:07 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll

2018-07-07 16:24 - 2015-03-12 07:31 - 001688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll

2018-07-07 16:23 - 2015-09-02 15:49 - 002341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2018-07-07 16:23 - 2015-09-02 15:49 - 001850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2018-07-07 16:23 - 2015-09-02 15:38 - 001744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2018-07-07 16:23 - 2015-09-02 15:38 - 001422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2018-07-07 16:23 - 2015-08-05 15:52 - 001287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll

2018-07-07 16:23 - 2015-08-04 16:42 - 008858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll

2018-07-07 16:23 - 2015-08-04 16:42 - 002038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2018-07-07 16:23 - 2015-08-04 16:42 - 001229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll

2018-07-07 16:23 - 2015-08-04 16:42 - 000356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll

2018-07-07 16:23 - 2015-08-04 16:42 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll

2018-07-07 16:23 - 2015-08-04 15:54 - 010116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll

2018-07-07 16:23 - 2015-08-04 15:54 - 001399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll

2018-07-07 16:23 - 2015-08-04 15:53 - 002307584 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2018-07-07 16:23 - 2015-08-04 15:53 - 000449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll

2018-07-07 16:23 - 2015-08-04 15:53 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll

2018-07-07 16:23 - 2015-07-06 18:16 - 000044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys

2018-07-07 16:23 - 2015-07-06 16:32 - 000281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys

2018-07-07 16:23 - 2015-04-13 07:32 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe

2018-07-07 16:23 - 2015-03-04 08:41 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe

2018-07-07 16:23 - 2015-03-04 08:39 - 000632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll

2018-07-07 16:23 - 2015-03-04 08:39 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll

2018-07-07 16:23 - 2015-03-04 06:53 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe

2018-07-07 16:23 - 2015-03-04 06:52 - 000676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll

2018-07-07 16:23 - 2014-06-13 01:34 - 000754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll

2018-07-07 16:23 - 2014-06-13 01:29 - 002146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll

2018-07-07 16:22 - 2018-07-07 17:36 - 000039729 _____ C:\Users\Justin\Downloads\Addition.txt

2018-07-07 16:22 - 2015-08-01 18:21 - 000073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll

2018-07-07 16:22 - 2015-08-01 17:22 - 000063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll

2018-07-07 16:22 - 2015-08-01 15:56 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe

2018-07-07 16:22 - 2015-08-01 15:56 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll

2018-07-07 16:22 - 2015-08-01 15:56 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe

2018-07-07 16:21 - 2018-07-15 19:21 - 000021153 _____ C:\Users\Justin\Downloads\FRST.txt

2018-07-07 16:21 - 2015-10-11 08:45 - 001160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2018-07-07 16:21 - 2015-10-11 08:45 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL

2018-07-07 16:21 - 2015-09-22 19:53 - 001405408 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2018-07-07 16:21 - 2015-09-22 19:53 - 001273184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2018-07-07 16:21 - 2015-07-30 15:11 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2018-07-07 16:21 - 2015-07-30 15:10 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2018-07-07 16:21 - 2014-12-18 10:51 - 000096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys

2018-07-07 16:21 - 2014-12-18 08:52 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2018-07-07 16:21 - 2014-12-18 08:20 - 000702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2018-07-07 16:20 - 2018-07-15 19:20 - 000000000 ____D C:\FRST

2018-07-07 16:19 - 2018-07-07 16:19 - 002412544 _____ (Farbar) C:\Users\Justin\Downloads\FRST64.exe

2018-07-07 16:19 - 2015-10-27 16:46 - 000320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2018-07-07 16:19 - 2015-10-27 16:46 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2018-07-07 16:19 - 2015-10-27 16:46 - 000073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll

2018-07-07 16:19 - 2015-10-27 15:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2018-07-07 16:19 - 2015-10-27 15:54 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2018-07-07 16:19 - 2015-10-27 15:54 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll

2018-07-07 16:19 - 2015-09-23 15:10 - 000570256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2018-07-07 16:19 - 2015-09-23 15:10 - 000377552 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll

2018-07-07 16:19 - 2015-09-23 15:10 - 000332576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll

2018-07-07 16:18 - 2016-06-25 20:09 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe

2018-07-07 16:18 - 2015-12-04 18:29 - 001636784 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll

2018-07-07 16:18 - 2015-12-04 18:12 - 000793312 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll

2018-07-07 16:18 - 2015-12-04 18:12 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll

2018-07-07 16:18 - 2015-12-04 18:12 - 000446872 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll

2018-07-07 16:18 - 2015-12-04 18:12 - 000253624 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe

2018-07-07 16:18 - 2015-12-04 16:55 - 000612528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll

2018-07-07 16:18 - 2015-12-04 16:55 - 000463880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll

2018-07-07 16:18 - 2015-12-04 16:55 - 000324456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll

2018-07-07 16:18 - 2015-12-04 16:52 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2018-07-07 16:18 - 2015-12-04 16:52 - 002615808 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL

2018-07-07 16:18 - 2015-12-04 16:52 - 001770496 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL

2018-07-07 16:18 - 2015-12-04 16:52 - 001376256 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL

2018-07-07 16:18 - 2015-12-04 16:52 - 001350656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL

2018-07-07 16:18 - 2015-12-04 16:52 - 001150464 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll

2018-07-07 16:18 - 2015-12-04 16:52 - 001100800 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll

2018-07-07 16:18 - 2015-12-04 16:52 - 001073664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL

2018-07-07 16:18 - 2015-12-04 16:52 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL

2018-07-07 16:18 - 2015-12-04 16:52 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL

2018-07-07 16:18 - 2015-12-04 16:52 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL

2018-07-07 16:18 - 2015-12-04 16:51 - 002893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 001593344 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 001527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 001208832 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL

2018-07-07 16:18 - 2015-12-04 16:51 - 001174016 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 001138688 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL

2018-07-07 16:18 - 2015-12-04 16:51 - 000621056 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL

2018-07-07 16:18 - 2015-12-04 16:51 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL

2018-07-07 16:18 - 2015-12-04 16:51 - 000245248 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax

2018-07-07 16:18 - 2015-12-04 16:51 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL

2018-07-07 16:18 - 2015-12-04 16:51 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL

2018-07-07 16:18 - 2015-12-04 16:51 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL

2018-07-07 16:18 - 2015-12-04 16:51 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000186368 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL

2018-07-07 16:18 - 2015-12-04 16:51 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL

2018-07-07 16:18 - 2015-12-04 16:51 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll

2018-07-07 16:18 - 2015-12-04 16:51 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll

2018-07-07 16:18 - 2015-12-04 16:46 - 002620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2018-07-07 16:18 - 2015-12-04 16:46 - 002312704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL

2018-07-07 16:18 - 2015-12-04 16:46 - 001468928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL

2018-07-07 16:18 - 2015-12-04 16:46 - 001374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll

2018-07-07 16:18 - 2015-12-04 16:46 - 000904192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL

2018-07-07 16:18 - 2015-12-04 16:46 - 000893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll

2018-07-07 16:18 - 2015-12-04 16:46 - 000846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL

2018-07-07 16:18 - 2015-12-04 16:46 - 000722944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL

2018-07-07 16:18 - 2015-12-04 16:46 - 000677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL

2018-07-07 16:18 - 2015-12-04 16:46 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL

2018-07-07 16:18 - 2015-12-04 16:46 - 000468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2018-07-07 16:18 - 2015-12-04 16:46 - 000382464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL

2018-07-07 16:18 - 2015-12-04 16:46 - 000260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll

2018-07-07 16:18 - 2015-12-04 16:46 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL

2018-07-07 16:18 - 2015-12-04 16:46 - 000189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll

2018-07-07 16:18 - 2015-12-04 16:46 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL

2018-07-07 16:18 - 2015-12-04 16:45 - 002400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2018-07-07 16:18 - 2015-12-04 16:45 - 001453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll

2018-07-07 16:18 - 2015-12-04 16:45 - 000946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL

2018-07-07 16:18 - 2015-12-04 16:45 - 000929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll

2018-07-07 16:18 - 2015-12-04 16:45 - 000869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll

2018-07-07 16:18 - 2015-12-04 16:45 - 000755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL

2018-07-07 16:18 - 2015-12-04 16:45 - 000571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll

2018-07-07 16:18 - 2015-12-04 16:45 - 000568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll

2018-07-07 16:18 - 2015-12-04 16:45 - 000546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

2018-07-07 16:18 - 2015-12-04 16:45 - 000436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL

2018-07-07 16:18 - 2015-12-04 16:45 - 000270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll

2018-07-07 16:18 - 2015-12-04 16:45 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL

2018-07-07 16:18 - 2015-12-04 16:45 - 000251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL

2018-07-07 16:18 - 2015-12-04 16:45 - 000190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax

2018-07-07 16:18 - 2015-12-04 16:45 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL

2018-07-07 16:18 - 2015-12-04 16:45 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL

2018-07-07 16:18 - 2015-12-04 16:45 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll

2018-07-07 16:18 - 2015-12-04 16:45 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll

2018-07-07 16:18 - 2015-12-04 16:45 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll

2018-07-07 16:18 - 2015-12-03 21:57 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2018-07-07 16:18 - 2015-11-05 11:55 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys

2018-07-07 16:18 - 2015-10-13 15:16 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2018-07-07 16:18 - 2015-10-13 15:16 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys

2018-07-07 16:18 - 2015-09-12 15:09 - 000414559 _____ C:\Windows\system32\ApnDatabase.xml

2018-07-07 16:18 - 2015-03-12 07:31 - 002048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll

2018-07-07 16:18 - 2015-03-12 07:31 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll

2018-07-07 16:18 - 2015-03-12 05:52 - 001933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll

2018-07-07 16:18 - 2015-02-26 06:35 - 004063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2018-07-07 16:18 - 2014-12-06 09:51 - 000267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll

2018-07-07 16:17 - 2016-06-25 20:28 - 000050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2018-07-07 16:17 - 2016-06-25 17:55 - 001490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2018-07-07 16:17 - 2016-06-25 17:55 - 000571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2018-07-07 16:17 - 2016-06-25 17:55 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2018-07-07 16:17 - 2016-06-25 17:55 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2018-07-07 16:17 - 2016-06-25 17:55 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll

2018-07-07 16:17 - 2016-06-25 17:55 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2018-07-07 16:17 - 2016-06-25 17:55 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2018-07-07 16:17 - 2016-06-17 15:09 - 001208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2018-07-07 16:17 - 2016-06-04 11:42 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll

2018-07-07 16:17 - 2012-10-25 05:27 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe

2018-07-07 16:17 - 2012-10-25 05:26 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll

2018-07-07 16:17 - 2012-10-25 05:04 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll

2018-07-07 16:14 - 2015-08-01 16:50 - 017562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2018-07-07 16:14 - 2015-08-01 15:56 - 019778048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2018-07-07 16:14 - 2015-04-25 05:41 - 000541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2018-07-07 16:14 - 2015-04-25 01:13 - 000652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2018-07-07 16:12 - 2015-07-15 18:09 - 000095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys

2018-07-07 16:12 - 2015-07-15 15:29 - 001333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll

2018-07-07 16:12 - 2015-06-25 20:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2018-07-07 16:12 - 2015-06-25 20:27 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2018-07-07 16:12 - 2015-05-02 08:28 - 000100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2018-07-07 16:12 - 2015-01-15 11:38 - 000717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2018-07-07 16:12 - 2015-01-15 11:09 - 000717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2018-07-07 16:12 - 2015-01-07 06:25 - 000403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2018-07-07 16:12 - 2014-03-11 02:39 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2018-07-07 16:12 - 2014-03-11 02:38 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2018-07-07 16:12 - 2014-03-10 03:27 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2018-07-07 16:08 - 2015-07-09 23:47 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe

2018-07-07 16:08 - 2015-07-09 23:47 - 000243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe

2018-07-07 16:08 - 2015-07-09 22:18 - 000233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

2018-07-07 14:59 - 2018-07-07 15:30 - 000000000 ____D C:\AdwCleaner

2018-07-07 14:58 - 2018-07-07 14:58 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys

2018-07-07 14:58 - 2018-07-07 14:58 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2018-07-07 14:58 - 2018-07-07 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2018-07-07 14:58 - 2018-07-07 14:58 - 000000000 ____D C:\ProgramData\Malwarebytes

2018-07-07 14:58 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys

2018-07-07 14:35 - 2018-07-07 16:02 - 000000000 ____D C:\Users\Justin\Downloads\JaFL_106

2018-07-07 14:34 - 2018-07-07 14:34 - 000098760 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2018-07-07 14:34 - 2018-07-07 14:34 - 000000000 ____D C:\Users\Justin\AppData\Roaming\Sun

2018-07-07 14:34 - 2018-07-07 14:34 - 000000000 ____D C:\Users\Justin\AppData\LocalLow\Sun

2018-07-07 14:34 - 2018-07-07 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2018-07-07 14:33 - 2018-07-07 14:33 - 000000000 ____D C:\ProgramData\Oracle

2018-07-07 14:33 - 2018-07-07 14:33 - 000000000 ____D C:\Program Files (x86)\Java

2018-07-07 14:19 - 2018-07-14 20:50 - 000000000 ____D C:\Users\Justin\AppData\Roaming\audacity

2018-07-07 14:19 - 2018-07-07 14:19 - 000000000 ____D C:\Users\Justin\AppData\Local\Audacity

2018-07-07 14:17 - 2018-07-07 14:17 - 000001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk

2018-07-07 14:17 - 2018-07-07 14:17 - 000001007 _____ C:\Users\Public\Desktop\Audacity.lnk

2018-07-07 14:16 - 2018-07-07 14:19 - 000000000 ____D C:\Program Files (x86)\Audacity



==================== One Month Modified files and folders ========



(If an entry is included in the fixlist, the file/folder will be moved.)



2018-07-15 19:18 - 2012-07-26 09:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2018-07-14 20:51 - 2012-07-26 09:28 - 000941178 _____ C:\Windows\system32\PerfStringBackup.INI

2018-07-14 20:51 - 2012-07-26 07:37 - 000000000 ____D C:\Windows\Inf

2018-07-14 20:04 - 2012-07-26 09:59 - 000000000 ____D C:\Windows\CbsTemp

2018-07-14 20:00 - 2013-01-27 03:57 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3716624157-4244700039-366356191-1001

2018-07-14 19:53 - 2018-03-26 18:37 - 000004162 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update

2018-07-07 17:39 - 2012-07-26 10:12 - 000000000 ___HD C:\Program Files\WindowsApps

2018-07-07 17:39 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\AUInstallAgent

2018-07-07 17:25 - 2013-03-13 18:47 - 000000000 ____D C:\Program Files\Microsoft Silverlight

2018-07-07 17:25 - 2013-03-13 18:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2018-07-07 17:21 - 2012-07-26 10:12 - 000000000 ___RD C:\Windows\ToastData

2018-07-07 17:21 - 2012-07-26 10:12 - 000000000 ____D C:\Program Files\Windows Defender

2018-07-07 17:21 - 2012-07-26 10:12 - 000000000 ____D C:\Program Files (x86)\Windows Defender

2018-07-07 17:21 - 2012-07-26 07:38 - 000000000 ____D C:\Windows\system32\AdvancedInstallers

2018-07-07 17:18 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\WinStore

2018-07-07 17:18 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\AppCompat

2018-07-07 17:04 - 2013-03-13 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2018-07-07 16:03 - 2018-03-26 18:33 - 000000000 ____D C:\ProgramData\AVG

2018-07-07 14:45 - 2012-07-26 09:52 - 000000000 ____D C:\Program Files\Windows Journal

2018-07-07 14:28 - 2018-03-26 18:36 - 000461568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys

2018-07-07 14:27 - 2012-09-11 23:01 - 000000000 ____D C:\Program Files (x86)\HP Games

2018-07-07 14:27 - 2012-09-11 23:00 - 000000000 ____D C:\ProgramData\WildTangent

2018-07-07 14:27 - 2012-09-11 23:00 - 000000000 ____D C:\Program Files (x86)\WildTangent Games

2018-07-07 14:23 - 2013-01-27 03:54 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2018-07-07 14:23 - 2013-01-27 03:54 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2018-07-07 14:23 - 2013-01-27 03:52 - 000003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DFF9E34E-B035-4BE3-99D3-23527625BE7A}

2018-07-07 14:22 - 2013-01-27 03:57 - 000000000 ____D C:\Users\Justin\AppData\Roaming\Dropbox

2018-07-07 14:20 - 2016-02-21 18:48 - 000000000 ____D C:\Users\Justin\AppData\Local\Dropbox

2018-07-07 14:20 - 2013-10-15 04:22 - 000004288 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2018-07-07 14:19 - 2018-03-26 17:32 - 000004452 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier

2018-07-07 14:19 - 2014-01-31 21:12 - 000000000 ____D C:\ProgramData\McAfee

2018-07-07 14:19 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\system32\Macromed

2018-07-07 14:18 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed

2018-07-07 14:13 - 2013-01-27 03:49 - 000000000 ____D C:\Users\Justin\AppData\Local\Packages



==================== Files in the root of some directories =======



2014-04-09 16:28 - 2014-04-17 20:03 - 000006144 _____ () C:\Users\Justin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini



Some files in TEMP:

====================

2016-02-21 18:43 - 2016-02-21 18:43 - 000043008 _____ () C:\Users\Justin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprqs6s_.dll

2016-02-21 18:51 - 2016-02-21 18:51 - 000043008 _____ () C:\Users\Justin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzyjp3h.dll

2014-01-04 04:00 - 2008-10-15 21:42 - 000050432 _____ () C:\Users\Justin\AppData\Local\Temp\Extract.exe

2013-03-18 19:34 - 2006-10-28 07:28 - 000145184 ____R (Microsoft Corporation) C:\Users\Justin\AppData\Local\Temp\ose00000.exe

2014-01-03 22:37 - 2014-01-03 22:37 - 002958800 _____ (Hewlett-Packard ) C:\Users\Justin\AppData\Local\Temp\SP63752.exe

2014-02-15 22:20 - 2014-02-15 22:20 - 044799704 _____ (Hewlett-Packard ) C:\Users\Justin\AppData\Local\Temp\sp64126.exe

2014-01-03 16:32 - 2014-01-03 16:32 - 006748376 _____ (Hewlett-Packard Company ) C:\Users\Justin\AppData\Local\Temp\SP64215.exe

2014-02-17 19:30 - 2017-09-27 09:33 - 000172400 _____ (HP Inc.) C:\Users\Justin\AppData\Local\Temp\UninstallHPSA.exe



==================== Bamital & volsnap ======================



(There is no automatic fix for files that do not pass verification.)



C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



LastRegBack: 2018-07-14 20:01



==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018

Ran by Justin (15-07-2018 19:22:16)

Running from C:\Users\Justin\Downloads

Windows 8 (X64) (2013-01-27 01:49:01)

Boot Mode: Normal

==========================================================





==================== Accounts: =============================



Administrator (S-1-5-21-3716624157-4244700039-366356191-500 - Administrator - Disabled)

Guest (S-1-5-21-3716624157-4244700039-366356191-501 - Limited - Disabled)

Justin (S-1-5-21-3716624157-4244700039-366356191-1001 - Administrator - Enabled) => C:\Users\Justin



==================== Security Center ========================



(If an entry is included in the fixlist, it will be removed.)



AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: AVG Antivirus (Enabled - Out of date) {C50510DE-367A-330C-FD5C-556ACFB11243}

AS: AVG Antivirus (Enabled - Out of date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}

AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Online Armor Firewall (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}



==================== Installed Programs ======================



(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)



64 Bit HP CIO Components Installer (HKLM\...\{D7C307E7-96A7-4BEE-ACF8-D795007E7C16}) (Version: 7.2.5 - Hewlett-Packard) Hidden

Ad-Aware Browsing Protection (HKLM-x32\...\Ad-Aware Browsing Protection) (Version: 1.0.1.124 - Lavasoft)

Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.20) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.)

Amazon Unbox Video (HKLM-x32\...\{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.2.0.153 - Amazon.com) Hidden

Amazon Unbox Video (HKLM-x32\...\InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.2.0.153 - Amazon.com)

Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)

Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)

AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.2.3046 - AVG Technologies)

Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Bradford Persistent Agent (HKLM-x32\...\{97FBB5BD-BCAD-4075-B87B-DD1DB9A70AB6}) (Version: 2.2.8.2 - Bradford Networks)

CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.6326 - CyberLink Corp.)

CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.3.2608 - CyberLink Corp.)

CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)

CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2817 - CyberLink Corp.)

CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Electronic Bluebook (HKLM-x32\...\{40555C58-DD49-467F-8EFF-8F0A21AA42A2}) (Version: 4.0.0.2 - CompuTest, LLC) Hidden

Electronic Bluebook (HKLM-x32\...\Electronic Bluebook) (Version: 4.0.0.2 - CompuTest, LLC)

Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)

Final Drive Fury (HKLM-x32\...\WTA-a81fc80a-efa3-4969-9b6c-ce1432505e19) (Version: 2.2.0.95 - WildTangent) Hidden

FlatOut 2 (HKLM-x32\...\WTA-e07c66b4-493a-450e-9ccb-6421d161f677) (Version: 2.2.0.98 - WildTangent) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.23.9 - Google Inc.) Hidden

Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-d266139f-67b9-4ebe-851c-eabe97dba166) (Version: 2.2.0.95 - WildTangent) Hidden

Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden

Hoyle Card Games (HKLM-x32\...\WTA-28d4f934-306b-4277-a26e-3e73c4beb6b8) (Version: 2.2.0.95 - WildTangent) Hidden

HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)

HP Connected Backup (HKLM-x32\...\{6BA5F6E7-6CC1-4117-816D-A549A06CE44E}) (Version: 8.7.0.0 - Autonomy)

HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)

HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)

HP Documentation (HKLM-x32\...\{A029F666-056B-4399-B72E-214C5990B684}) (Version: 1.1.0.0 - Hewlett-Packard)

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)

HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)

HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)

HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)

HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)

HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.6.18.11 - HP Inc.)

HP Support Solutions Framework (HKLM-x32\...\{63F82052-C045-4F97-A3CA-C41D2CCA1FFA}) (Version: 12.9.24.3 - HP Inc.)

HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)

HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2857 - Intel Corporation)

Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)

Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)

iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)

Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)

Jewel Match 3 (HKLM-x32\...\WTA-9eacce82-e2b4-4311-aa5e-53e0ba4a0d67) (Version: 2.2.0.98 - WildTangent) Hidden

John Deere Drive Green (HKLM-x32\...\WTA-efb13e6d-a7f6-40cd-9cc5-f406ee77bc89) (Version: 2.2.0.95 - WildTangent) Hidden

Luxor Evolved (HKLM-x32\...\WTA-6e469c29-eb8a-48e8-bcbf-8a22a5e3b35f) (Version: 2.2.0.98 - WildTangent) Hidden

Mahjongg Dimensions Deluxe: Tiles in Time (HKLM-x32\...\WTA-fad31e6c-2d22-4807-bc43-67767bfbc43c) (Version: 2.2.0.98 - WildTangent) Hidden

Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)

Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mortimer Beckett and the Crimson Thief Premium Edition (HKLM-x32\...\WTA-f2909193-dbfd-4fb3-bd54-c2932d60efed) (Version: 2.2.0.98 - WildTangent) Hidden

Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)

Mystery P.I. - Curious Case of Counterfeit Cove (HKLM-x32\...\WTA-cb937668-e2b3-4f75-9f3b-312a5cfdbe9b) (Version: 2.2.0.98 - WildTangent) Hidden

Online Armor 6.0 (HKLM-x32\...\OnlineArmor_is1) (Version: 6.0 - Emsisoft GmbH)

Peggle Nights (HKLM-x32\...\WTA-4ee324a0-e2db-479d-9446-aa9a0d14b93f) (Version: 2.2.0.98 - WildTangent) Hidden

Penguins! (HKLM-x32\...\WTA-2a2b2f0a-5bd2-4bdb-862b-bf712cbdb12f) (Version: 2.2.0.98 - WildTangent) Hidden

Pharos (HKLM-x32\...\Pharos) (Version: - )

Polar Bowler (HKLM-x32\...\WTA-bd345c11-581a-41a9-86c0-21abd9742e9f) (Version: 2.2.0.97 - WildTangent) Hidden

Polar Golfer (HKLM-x32\...\WTA-0769eea8-52c3-4e9d-b4a1-99e29e899002) (Version: 2.2.0.98 - WildTangent) Hidden

QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)

Roads of Rome 3 (HKLM-x32\...\WTA-d1981cdf-c034-498a-8cf8-916c6874e714) (Version: 2.2.0.98 - WildTangent) Hidden

swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)

Tales of Lagoona (HKLM-x32\...\WTA-923a1603-7a90-40d4-8b6d-3a34429e5b0f) (Version: 2.2.0.110 - WildTangent) Hidden

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

Vacation Quest™ - Australia (HKLM-x32\...\WTA-e894d0d6-11d2-4d79-9b2e-0fcb9343094d) (Version: 2.2.0.98 - WildTangent) Hidden

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Zuma's Revenge (HKLM-x32\...\WTA-41bf6164-726f-43ad-9ff4-ddd581bf2986) (Version: 2.2.0.98 - WildTangent) Hidden



==================== Custom CLSID (Whitelisted): ==========================



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File

ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File

ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File

ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File

ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File

ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File

ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File

ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-03-26] (AVG Technologies CZ, s.r.o.)

ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-19] (Cyberlink)

ContextMenuHandlers1: [OnlineArmorShell] -> {4F07DA46-8170-4859-9B5F-037EF2970034} => C:\Program Files (x86)\Online Armor\OAevent64.dll [2013-10-16] (Emsisoft GmbH)

ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-19] (Cyberlink)

ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-08-21] (Intel Corporation)

ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-03-26] (AVG Technologies CZ, s.r.o.)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

ContextMenuHandlers6: [OnlineArmorShell] -> {4F07DA46-8170-4859-9B5F-037EF2970034} => C:\Program Files (x86)\Online Armor\OAevent64.dll [2013-10-16] (Emsisoft GmbH)



==================== Scheduled Tasks (Whitelisted) =============



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



Task: {09EC3DBE-EA18-4A57-B534-8DE5F4AE5BAE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-07] (Adobe Systems Incorporated)

Task: {1523AEE1-AA63-40F7-A524-8532E55DD6FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-27] (HP Inc.)

Task: {280CF9A1-917D-4C33-8E3F-C33315B28BF3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-09-27] (HP Inc.)

Task: {2A8EDDC4-ED68-45C2-9AF9-08BCA537DC63} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-09-27] (HP Inc.)

Task: {4B953C40-0E56-4B29-BFDB-8F05B18DE609} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)

Task: {4EDBCE16-A545-4284-A8E5-EF8816FECF52} - System32\Tasks\{567C13E9-3647-43BC-BE1E-3EF7FDACFD08} => C:\Windows\system32\pcalua.exe -a C:\Users\Justin\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe -c /InstallType:USER

Task: {52EA0475-6662-4C4B-8B6A-EFFB3B1402EF} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2018-03-26] (AVG Technologies CZ, s.r.o.)

Task: {53F8A5F0-3D37-4F92-AB23-34EC85C8632A} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)

Task: {6AD1838B-EFD7-4E30-B449-C8FAA51FA0D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-09-27] (HP Inc.)

Task: {7017F790-8801-4B65-AB97-74A0554E0DFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)

Task: {7B8EB2E1-E73E-422E-A5BF-9B3B07FCE5AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)

Task: {88844F1C-148D-4526-B9A3-AD1986DF7844} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-11] (Hewlett-Packard Development Company, L.P.)

Task: {8C5822F8-9C64-4616-A9AB-5730699DD8F6} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe

Task: {B3FA1DF4-C13D-4577-BB0A-1089B5D6C70C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-09-27] (HP Inc.)

Task: {BFCFF81C-B259-4193-A370-9737687B2A47} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-07-07] (Adobe Systems Incorporated)

Task: {C137EEB6-A47C-4D7B-B3C4-45E42D65F3FF} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

Task: {C415F8FC-9D97-4078-B77D-2E1117EFBB46} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)

Task: {CAE48042-49C4-4462-8234-D1459541A6CB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-27] (HP Inc.)

Task: {DCB4D8FB-76D2-4F16-AFA4-31150DC127D6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)

Task: {E1A69560-B9F7-43EC-AAC7-FBBB6E633800} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-27] (HP Inc.)

Task: {F4F8C09B-73FE-4AE9-AF2A-B7DC1A23D304} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)



(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)





==================== Shortcuts & WMI ========================



(The entries could be listed to be restored or removed.)





==================== Loaded Modules (Whitelisted) ==============



2015-12-18 01:38 - 2015-12-18 01:38 - 000085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2015-12-18 01:38 - 2015-12-18 01:38 - 001328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2018-07-07 14:58 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll

2018-03-26 18:35 - 2018-03-26 18:35 - 000722672 _____ () c:\Program Files\AVG\Antivirus\x64\vaarclient.dll

2018-03-26 18:35 - 2018-03-26 18:35 - 000913136 _____ () C:\Program Files\AVG\Antivirus\x64\ffl2.dll

2018-03-26 18:35 - 2018-03-26 18:35 - 000342768 _____ () c:\Program Files\AVG\Antivirus\x64\StreamBack.dll

2012-07-30 15:10 - 2012-07-30 15:10 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2018-03-26 18:35 - 2018-03-26 18:35 - 000289008 _____ () C:\Program Files\AVG\Antivirus\streamback.dll

2018-03-26 18:35 - 2018-03-26 18:35 - 000281328 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll

2018-07-07 14:08 - 2018-07-07 14:08 - 005839088 _____ () C:\Program Files\AVG\Antivirus\defs\18070702\algo.dll

2018-03-26 18:35 - 2018-03-26 18:35 - 000758000 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll

2018-03-26 18:35 - 2018-03-26 18:35 - 000965872 _____ () C:\Program Files\AVG\Antivirus\shepherdsync.dll

2018-03-26 18:35 - 2018-03-26 18:35 - 000476400 _____ () C:\Program Files\AVG\Antivirus\gui_cache.dll

2013-08-19 23:20 - 2012-06-08 05:34 - 000627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll

2018-03-26 18:35 - 2018-03-26 18:35 - 067127976 _____ () C:\Program Files\AVG\Antivirus\libcef.dll

2012-09-11 23:24 - 2012-06-25 20:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll



==================== Alternate Data Streams (Whitelisted) =========



==================== Safe Mode (Whitelisted) ===================



(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)



HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"



==================== Association (Whitelisted) ===============



(If an entry is included in the fixlist, the registry item will be restored to default or removed.)





==================== Internet Explorer trusted/restricted ===============



(If an entry is included in the fixlist, it will be removed from the registry.)





==================== Hosts content: ===============================



(If needed Hosts: directive could be included in the fixlist to reset Hosts.)



2012-07-26 07:26 - 2018-07-07 15:51 - 000000834 _____ C:\Windows\system32\Drivers\etc\hosts





==================== Other Areas ============================



(Currently there is no automatic fix for this section.)



HKU\S-1-5-21-3716624157-4244700039-366356191-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Hewlett-Packard Backgrounds\Svinoya_Sunset.jpg

DNS Servers: Media is not connected to internet.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is disabled.



==================== MSCONFIG/TASK MANAGER disabled items ==



HKLM\...\StartupApproved\StartupFolder: => "Amazon Unbox.lnk"

HKLM\...\StartupApproved\Run: => "SysTrayApp"

HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"

HKLM\...\StartupApproved\Run32: => "HP Quick Launch"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "APSDaemon"

HKLM\...\StartupApproved\Run32: => "Ad-Aware Browsing Protection"

HKU\S-1-5-21-3716624157-4244700039-366356191-1001\...\StartupApproved\Run: => "Dropbox Update"



==================== FirewallRules (Whitelisted) ===============



(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



FirewallRules: [{57DEA401-29EF-494E-A7D8-A1A5FD8FB2E8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{0FED0097-013A-4337-A648-F67AAC01B840}] => (Allow) LPort=2869

FirewallRules: [{578F4212-90F0-40F4-A16D-E27B82093732}] => (Allow) LPort=1900

FirewallRules: [{25E8E181-CCD6-4C91-BC0A-FF152F3F1653}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe

FirewallRules: [{B0F6E075-464E-46DA-9680-233D7DDC7757}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE

FirewallRules: [{577EAEA3-6DC1-45A9-9CC8-6A2A4187B669}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe

FirewallRules: [{9A23B253-B624-44CD-A165-C3B2BD91B8CA}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe

FirewallRules: [{F90D3560-11C4-4D12-914B-9CFEEE9EB0A2}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe

FirewallRules: [{7722C9E4-DFB4-4062-825D-41589DA9871A}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe

FirewallRules: [{84AF9BBF-6632-4AC1-9824-E8D822EBE2C2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE

FirewallRules: [{5B1D3875-FE94-46A8-A859-050884E4CC8F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{DB881A09-84B8-4EA7-8C4A-AEFF05668474}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe

FirewallRules: [{6AC68E72-6E6E-49ED-90E3-79BA56B37E30}] => (Allow) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe

FirewallRules: [{15F4C0BA-BA8D-4C30-A701-0B18C6641D15}] => (Allow) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe

FirewallRules: [{FE579E1E-C2FE-4D2D-A3F9-C21E992CA5D8}] => (Allow) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe

FirewallRules: [{BFEA9FD4-6680-4AA5-A73A-C161A918FA33}] => (Allow) C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe

FirewallRules: [{3A74DBA8-1E72-4D67-ACA5-4245034B30F7}] => (Allow) C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{4C042606-FCD0-4437-8C87-50391C9BB991}] => (Allow) C:\Users\Justin\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{1E37BB6F-101D-4266-A19A-CDA0E3101E41}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{4FBD4411-68B9-49C1-B89C-529213E73F1E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{01CF8892-CD2E-4E3C-A925-5950FA31D4F4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{E9543CC6-61E1-45DE-ACCE-5D3F6CEDDE21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{CD4FA051-3DF3-431A-A869-D439AADDA95E}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{E8F77776-0A68-4BD9-8CA6-0BB420686AF2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe



==================== Restore Points =========================



09-05-2016 19:07:26 Windows Update

26-03-2018 19:07:39 Installed HP Support Assistant

07-07-2018 14:06:29 Windows Update

14-07-2018 20:01:14 Windows Update



==================== Faulty Device Manager Devices =============



Name: USB-IF xHCI USB Host Controller

Description: USB-IF xHCI USB Host Controller

Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}

Manufacturer: Intel Corporation

Service: XHCIPort

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver



Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter

Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter

Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Manufacturer: Intel Corporation

Service: BTHUSB

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.





==================== Event log errors: =========================



Application errors:

==================

Error: (07/15/2018 07:16:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 80674579



Error: (07/15/2018 07:16:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 80674579



Error: (07/15/2018 07:16:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second



Error: (07/07/2018 05:43:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 15547



Error: (07/07/2018 05:43:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 15547



Error: (07/07/2018 05:43:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second



Error: (07/07/2018 03:28:43 PM) (Source: Perflib) (EventID: 1023) (User: )

Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.



Error: (07/07/2018 03:26:25 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: ZeroConfigService.exe, version: 16.1.0.0, time stamp: 0x521e80f5

Faulting module name: MurocApi.dll, version: 16.1.0.0, time stamp: 0x521e7ff7

Exception code: 0xc0000005

Fault offset: 0x0000000000026570

Faulting process id: 0xdb0

Faulting application start time: 0x01d415f5f930bb31

Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

Faulting module path: C:\Program Files\Intel\WiFi\bin\MurocApi.dll

Report Id: 589e797d-81e9-11e8-bebc-e506f3ec907c

Faulting package full name:

Faulting package-relative application ID:





System errors:

=============

Error: (07/15/2018 07:17:38 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)

Description: 0xc000014d0



Error: (07/07/2018 05:24:41 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)

Description: 0xc000014d0



Error: (07/07/2018 05:24:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has stopped unexpectedly.



Module Path: C:\Windows\System32\IWMSSvc.dll



Error: (07/07/2018 05:13:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB3037575).



Error: (07/07/2018 05:12:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2968295).



Error: (07/07/2018 05:11:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Security Update for Windows 8 for x64-based Systems (KB2977292).



Error: (07/07/2018 05:09:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Security Update for Windows 8 for x64-based Systems (KB3030377).



Error: (07/07/2018 05:09:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Update for Windows 8 for x64-based Systems (KB2955163).





Windows Defender:

===================================

Date: 2016-02-21 20:57:32.461

Description:

Windows Defender scan has been stopped before completion.

Scan ID: {C3391186-AA7F-4351-B4B7-0EE98496597D}

Scan Type: Antimalware

Scan Parameters: Quick Scan



Date: 2015-04-30 20:47:00.908

Description:

Windows Defender scan has been stopped before completion.

Scan ID: {F11FC287-A28B-49E8-9418-D0B7D4533E5A}

Scan Type: Antimalware

Scan Parameters: Quick Scan



Date: 2014-04-25 14:42:04.998

Description:

Windows Defender scan has been stopped before completion.

Scan ID: {27FA4003-AC50-431A-AB8B-629FE043A6CD}

Scan Type: Antimalware

Scan Parameters: Quick Scan



Date: 2014-04-25 14:27:59.293

Description:

Windows Defender scan has been stopped before completion.

Scan ID: {0842E7C2-CA04-43DA-AEFB-1980907F0FE9}

Scan Type: Antimalware

Scan Parameters: Quick Scan



Date: 2014-04-23 05:28:30.087

Description:

Windows Defender scan has been stopped before completion.

Scan ID: {F7A13292-EED1-49A3-A4B4-FAF75A40C06D}

Scan Type: Antimalware

Scan Parameters: Quick Scan



Date: 2018-03-26 18:31:10.893

Description:

Windows Defender has encountered an error trying to update signatures.

New Signature Version: 1.263.1173.0

Previous Signature Version: 1.221.606.0

Update Source: User

Signature Type: AntiSpyware

Update Type: Full

Current Engine Version: 1.1.14600.4

Previous Engine Version: 1.1.12804.0

Error code: 0x80509004

Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.



Date: 2018-03-26 18:31:10.893

Description:

Windows Defender has encountered an error trying to update signatures.

New Signature Version: 1.263.1173.0

Previous Signature Version: 1.221.606.0

Update Source: User

Signature Type: AntiVirus

Update Type: Full

Current Engine Version: 1.1.14600.4

Previous Engine Version: 1.1.12804.0

Error code: 0x80509004

Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.



Date: 2018-03-26 18:31:10.893

Description:

Windows Defender has encountered an error trying to update the engine.

New Engine Version: 1.1.14600.4

Previous Engine Version: 1.1.12804.0

Error Code: 0x80509004

Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.



Date: 2018-03-26 18:28:24.903

Description:

Windows Defender has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.221.606.0

Update Source: Microsoft Update Server

Signature Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.12804.0

Error code: 0x80244022

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.



Date: 2018-03-26 18:24:33.526

Description:

Windows Defender has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.221.606.0

Update Source: Microsoft Update Server

Signature Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.12804.0

Error code: 0x8024001e

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.



==================== Memory info ===========================



Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz

Percentage of memory in use: 26%

Total physical RAM: 6037.96 MB

Available physical RAM: 4413.3 MB

Total Virtual: 6997.96 MB

Available Virtual: 5488.7 MB



==================== Drives ================================



Drive c: () (Fixed) (Total:672.07 GB) (Free:606.09 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (RECOVERY) (Fixed) (Total:25.79 GB) (Free:2.96 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive f: () (Fixed) (Total:7.45 GB) (Free:7.26 GB) FAT32



\\?\Volume{75d988db-129f-4f20-afa0-e40de626987c}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.15 GB) NTFS



==================== MBR & Partition Table ==================



========================================================

Disk: 0 (Size: 698.6 GB) (Disk ID: EB24C640)



Partition: GPT.



========================================================

Disk: 1 (Size: 7.5 GB) (Disk ID: 38382A51)

Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)



==================== End of Addition.txt ============================
Anathema
Active Member
 
Posts: 3
Joined: July 7th, 2018, 10:35 am

Re: Potential Virus (Task Manager Missing from CTRL ALT DELE

Unread postby mAL_rEm018 » July 15th, 2018, 2:46 pm

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

Failure to post replies within 3 days will result in this thread being closed.


Hello Anathema,

Welcome to Malware Removal! My name is mAL_rEm018, but feel free to call me mAL. I will be helping you with your malware related problems :)

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Because of this, I advise you to backup any personal files and folders before you start.

To make sure everything goes smoothly, I would like you to observe the following rules:
  • You must have Administrator rights, permissions for this computer.
  • Please reply to this thread. Do not start another topic.
  • Perform all actions in the order given.
  • If you don't know, stop and ask!
  • DO NOT run any other fix or removal tools unless instructed to do so!
  • Don't attempt to install any new software (other than those I ask you to) until your computer is clean.
  • DO NOT post for help at any other forum. Applying fixes from multiple help sites can cause problems.
  • I advise you to print the instructions if possible, since your internet connection might not be available during some of the fixes.
  • Absence of symptoms does not mean that everything is clear, therefore stick with this topic until I give you the "all clear".

I am currently reviewing your logs and will return as soon as possible, with additional instructions. In the meantime I would like you to read and get acquainted with the following topic: HOW TO GET HELP IN THIS FORUM - everyone must read this, where the conditions for receiving help here are explained.
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Potential Virus (Task Manager Missing from CTRL ALT DELE

Unread postby mAL_rEm018 » July 15th, 2018, 2:53 pm

Hello Anathema,

Is this computer used for any type of business purposes, and is it or has it ever been connected to an educational network?
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Potential Virus (Task Manager Missing from CTRL ALT DELE

Unread postby Anathema » July 15th, 2018, 6:14 pm

No worries re: any personal files--nothing there for now. I had Dropbox uninstalled after I noticed it wasn't updating properly (I wonder if this was caused by any potential virus?)

The computer isn't used for business purposes but once used wifi at a university in the US. I did take some law school exams on the laptop (hence the Electronic Bluebook mentions above, I think).
Anathema
Active Member
 
Posts: 3
Joined: July 7th, 2018, 10:35 am

Re: Potential Virus (Task Manager Missing from CTRL ALT DELE

Unread postby mAL_rEm018 » July 15th, 2018, 7:08 pm

Connected to Educational Network

I see you are posting for help for a computer connected to an "Educational" Network.

May I draw your attention to ALL USERS OF THIS FORUM MUST READ THIS FIRST topic, which you should have read before posting for help. The section here, explains why we do not offer help for such computers.

This topic is now closed
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 125 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware