
Laptop gets stuck for a while and doesn't respond


9 replies to this topic

#1 koolsam


Posted 14 February 2019 - 04:27 AM

Hi

I use a Windows 10 32-bit OS. For the last few days my system gets stuck for a while and has to be restarted to run again. Also, the DVD drive gets stuck and doesn't open.

I am attaching the logs of Malwarebytes, FBAR and Security Scan.

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/14/19
Scan Time: 2:03 PM
Log File: 2b7d1a3a-3033-11e9-a937-5453ed271987.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.527
Update Package Version: 1.0.9260
License: Expired

-System Information-
OS: Windows 10 (Build 17763.316)
CPU: x86
File System: NTFS
User: SAMRAT-VAIO\Samrat

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 217596
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 24 min, 29 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)



#2 koolsam


Posted 14 February 2019 - 04:28 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-02-2019
Ran by Samrat (administrator) on SAMRAT-VAIO (14-02-2019 15:40:21)
Running from C:\Users\Samrat\Downloads\Programs
Loaded Profiles: Samrat (Available Profiles: Samrat)
Platform: Microsoft Windows 10 Pro Version 1809 17763.316 (X86) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows ® Win 7 DDK provider) C:\Program Files\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Atheros) C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Nero AG) C:\Program Files\Nero\Nero 2018\Nero BackItUp\NBService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(eVenture Limited) C:\Program Files\hide.me VPN\hidemesvc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\NisSrv.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(eVenture Limited) C:\Program Files\hide.me VPN\Hide.me.exe
(Corel Corporation) C:\Program Files\WinZip\WinZip Smart Monitor\WinZipCompressionSmartMonitor.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x86__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Tweaking.com) C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20388.0_x86__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Qualcomm®Atheros®) C:\Program Files\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe
() C:\Program Files\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Nero AG) C:\Program Files\Nero\Nero 2018\Nero BackItUp\BackItUp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Advanced Audio v2\pcee4.exe
(BitTorrent Inc.) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
(© 2015 Microsoft Corporation) C:\Users\Samrat\AppData\Local\Microsoft\BingSvc\BingSvc.exe
( ) C:\Program Files\VJoy\VJoy.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(BitTorrent Inc.) C:\Users\Samrat\AppData\Roaming\uTorrent\updates\3.5.5_44994\utorrentie.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(BitTorrent Inc.) C:\Users\Samrat\AppData\Roaming\uTorrent\updates\3.5.5_44994\utorrentie.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Users\Samrat\AppData\Local\Microsoft\OneDrive\19.002.0107.0008\FileCoAuth.exe
() C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\Sony\VAIO Care\listener.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [526648 2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM\...\Run: [Redirector] => C:\Program Files\Citrix\ICA Client\redirector.exe [231736 2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4810224 2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [1709312 2017-10-23] (Corel Corporation -> WinZip)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [117760 2017-10-23] (WinZip Computing, S.L.) [File not signed]
HKLM\...\Run: [Nero BackItUp] => C:\Program Files\Nero\Nero 2018\Nero BackItup\BackItUp.exe [1162104 2017-12-15] (Nero AG -> Nero AG)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3531952 2015-09-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Dolby Advanced Audio v2] => C:\Program Files\Dolby Advanced Audio v2\pcee4.exe [506712 2011-02-03] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [126592 2014-04-02] (Qualcomm Atheros -> Qualcomm®Atheros®)
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\Run: [uTorrent] => C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe [1908920 2019-01-16] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\Run: [BingSvc] => C:\Users\Samrat\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\Run: [VJoy] => C:\Program Files\VJoy\VJoy.exe [122880 2012-10-15] ( )
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\Run: [BlueStacks Agent] => C:\Program Files\Bluestacks\HD-Agent.exe [171576 2017-11-29] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5933552 2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [4113520 2018-03-30] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-27] (Google Inc -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-02] (Qualcomm Atheros -> Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-02] (Qualcomm Atheros -> Qualcomm®Atheros®)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor (1).lnk [2015-08-24]
ShortcutTarget: HP Digital Imaging Monitor (1).lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-08-24]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> X:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes (1).lnk [2017-09-14]
ShortcutTarget: RealTimes (1).lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2017-09-14]
ShortcutTarget: RealTimes.lnk -> X:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (No File)
Startup: C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2019-02-14]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files\hide.me VPN\Hide.me.exe (eVenture Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{23BAAE18-83C7-4897-8C60-E5265461F646}: [DhcpNameServer] 46.166.179.49 46.166.179.51
Tcpip\..\Interfaces\{30a954a8-dd89-4144-9adf-b72466ce5f0c}: [DhcpNameServer] 123.176.37.37 202.53.8.9
Tcpip\..\Interfaces\{4EDF9EDD-C3A4-4A2A-80C2-DA793530E2AE}: [DhcpNameServer] 109.201.137.40 109.201.137.42
Tcpip\..\Interfaces\{62eb4a9e-0e81-4bcb-8cc7-3cf3df8f503d}: [NameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{62eb4a9e-0e81-4bcb-8cc7-3cf3df8f503d}: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{6f622276-a9a8-4ebb-b4f7-1c3eb8d50739}: [DhcpNameServer] 192.168.31.1

Internet Explorer:
==================
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://in.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180525__yaie
SearchScopes: HKU\S-1-5-21-3818488324-2291645803-3957952478-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180525__yaie&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2017-12-14] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-12-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: smsg44jf.default
FF ProfilePath: C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\smsg44jf.default [2019-02-14]
FF NewTab: Mozilla\Firefox\Profiles\smsg44jf.default -> hxxps://in.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180525__yaff
FF Session Restore: Mozilla\Firefox\Profiles\smsg44jf.default -> is enabled.
FF SearchPlugin: C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\smsg44jf.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-05-25]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-09-20]
FF HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files\Internet Download Manager\idmmzcc3.xpi [2018-02-28]
FF HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5 [2018-04-26] [Legacy] [not signed]
FF HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-12] ()
FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2016-11-07] (Citrix Systems, Inc.)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-14] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-10-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-27] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-27] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-02-01] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default [2019-02-11]
CHR Extension: (Slides) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-23]
CHR Extension: (Docs) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-23]
CHR Extension: (Google Drive) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-01]
CHR Extension: (YouTube) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-27]
CHR Extension: (MySmartPrice) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\bofbpdmkbmlancfihdncikcigpokmdda [2018-03-04]
CHR Extension: (DownAlbum) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2019-02-10]
CHR Extension: (Google Search) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-17]
CHR Extension: (Sheets) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-23]
CHR Extension: (Google Docs Offline) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-25]
CHR Extension: (Price Tracker - Auto Buy, Price History) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hegbjcdehgihjohghnmdpebepnoalode [2019-02-10]
CHR Extension: (IDM Integration Module) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-02-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-04]
CHR Extension: (Chrome Media Router) - C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-10]
CHR Profile: C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\System Profile [2019-02-09]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2018-03-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files\Bluetooth Suite\AdminService.exe [275072 2013-11-28] (Qualcomm Atheros -> Windows ® Win 7 DDK provider) [File not signed]
S2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [7010976 2019-01-28] (Microsoft Corporation -> Microsoft Corporation)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [300120 2017-03-10] (Intel® pGFX -> Intel Corporation)
R2 hmevpnsvc; C:\Program Files\hide.me VPN\hidemesvc.exe [136864 2019-01-03] (eVenture Limited -> eVenture Limited)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2016-09-20] (Nero AG -> Nero AG)
S3 Lenovo EasyPlus Hotspot; C:\Program Files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe [509424 2015-06-08] (LENOVO -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [795000 2017-11-27] (Nero AG -> Nero AG)
R2 NeroBackItUpBackgroundService2018; C:\Program Files\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-12-15] (Nero AG -> Nero AG)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [37104 2017-08-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [989912 2017-09-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3593264 2019-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ShareItSvc; C:\Program Files\Lenovo\SHAREit\SHAREit.Service.exe [33224 2016-04-15] (LENOVO -> SHAREit Technologies Co.Ltd)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [218784 2015-09-03] (Synaptics Incorporated -> Synaptics Incorporated)
S2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [4677904 2017-02-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S3 uSHAREitSvc; C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
S3 VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [57944 2013-08-09] (Sony Corporation -> Sony Corporation)
S2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [869464 2013-07-03] (Sony Corporation -> Sony Corporation)
S3 VSStandardCollectorService140; C:\Program Files\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [48872 2016-03-22] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [3378760 2019-01-25] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [91760 2019-01-25] (Microsoft Corporation -> Microsoft Corporation)
R2 WinZip Compression Smart Monitor Service; C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe [448256 2017-09-01] (Corel Corporation -> )
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]
R2 SampleCollector; "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=10000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1" "/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\%C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata" <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AthBTPort; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [80680 2013-11-28] (Qualcomm Atheros -> Qualcomm Atheros)
R3 athr; C:\WINDOWS\System32\drivers\athw8.sys [3228672 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [218720 2017-11-29] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 BTATH_A2DP; C:\WINDOWS\system32\drivers\btath_a2dp.sys [295208 2013-11-28] (Qualcomm Atheros -> Qualcomm Atheros)
R3 btath_avdt; C:\WINDOWS\system32\drivers\btath_avdt.sys [102184 2013-11-28] (Qualcomm Atheros -> Qualcomm Atheros)
R3 BTATH_RCP; C:\WINDOWS\System32\drivers\btath_rcp.sys [120616 2013-11-28] (Qualcomm Atheros -> Qualcomm Atheros)
S3 BTATH_VDP; C:\WINDOWS\system32\drivers\btath_vdp.sys [417576 2013-11-28] (Qualcomm Atheros -> Qualcomm Atheros)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [521248 2016-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2014-12-21] (Elaborate Bytes AG -> Elaborate Bytes AG)
R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [69064 2018-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [23040 2013-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [3787392 2017-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 IntcDAud; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [364504 2014-02-20] (Intel Corporation - Software and Firmware Products -> Intel® Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [230120 2019-02-13] (Malwarebytes Corporation -> Malwarebytes)
R3 MEI; C:\WINDOWS\System32\drivers\HECI.sys [55104 2012-07-18] (Intel Corporation -> Intel Corporation)
R3 netr28u; C:\WINDOWS\System32\drivers\netr28u.sys [1824256 2018-09-15] (Microsoft Windows -> MediaTek Inc.)
S3 RSPCIESTOR; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [298736 2015-10-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [754456 2015-05-04] (Realtek Semiconductor Corp -> Realtek )
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [192512 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [37024 2015-12-09] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [22728 2017-10-29] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [35288 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [31792 2017-02-21] (AVG Technologies CZ, s.r.o. -> AVG Netherlands B.V.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38504 2019-01-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [268792 2019-01-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [47608 2019-01-25] (Microsoft Windows -> Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [192512 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-14 15:39 - 2019-02-14 15:40 - 000000000 ____D C:\FRST
2019-02-13 18:19 - 2019-02-02 04:01 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-02-13 18:19 - 2019-02-02 04:01 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2019-02-13 18:17 - 2019-02-13 18:17 - 000230120 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-02-13 17:23 - 2019-02-13 17:23 - 020812288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 007897088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 006070272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 003922944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 002449920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 002323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 002275888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 001902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 001463424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 001309184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000762272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-02-13 17:23 - 2019-02-13 17:23 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd2x40.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-13 17:23 - 2019-02-13 17:23 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-02-13 17:23 - 2019-02-13 17:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
2019-02-13 17:23 - 2019-02-13 17:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-13 17:23 - 2019-02-13 17:23 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlahc.dll
2019-02-13 17:23 - 2019-02-13 17:23 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2019-02-13 17:22 - 2019-02-13 17:22 - 020655544 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 006901048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-13 17:22 - 2019-02-13 17:22 - 004006912 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 003500544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 002782208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 002701312 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 002174264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-13 17:22 - 2019-02-13 17:22 - 002137912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-13 17:22 - 2019-02-13 17:22 - 002038608 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 001725440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 001653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 001357528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-13 17:22 - 2019-02-13 17:22 - 001344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 001219424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-13 17:22 - 2019-02-13 17:22 - 001094440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-13 17:22 - 2019-02-13 17:22 - 001012224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000994272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-13 17:22 - 2019-02-13 17:22 - 000981304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-13 17:22 - 2019-02-13 17:22 - 000841528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-02-13 17:22 - 2019-02-13 17:22 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000806560 _____ C:\WINDOWS\system32\locale.nls
2019-02-13 17:22 - 2019-02-13 17:22 - 000765960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000762368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-13 17:22 - 2019-02-13 17:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000442384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-02-13 17:22 - 2019-02-13 17:22 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-02-13 17:22 - 2019-02-13 17:22 - 000394552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-02-13 17:22 - 2019-02-13 17:22 - 000393064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-02-13 17:22 - 2019-02-13 17:22 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000365368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-02-13 17:22 - 2019-02-13 17:22 - 000348632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000331592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-02-13 17:22 - 2019-02-13 17:22 - 000331576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-13 17:22 - 2019-02-13 17:22 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-02-13 17:22 - 2019-02-13 17:22 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-13 17:22 - 2019-02-13 17:22 - 000199696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-13 17:22 - 2019-02-13 17:22 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000106512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000101944 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-13 17:22 - 2019-02-13 17:22 - 000079376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-02-13 17:22 - 2019-02-13 17:22 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 000038712 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-13 17:22 - 2019-02-13 17:22 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 006540424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 005205464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 004762600 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 004526080 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 004016128 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 003279360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 002843648 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 002053944 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 001871872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 001573888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 001271608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 001225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 001168384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000970256 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000701376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-02-13 17:21 - 2019-02-13 17:21 - 000652320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000636696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000629576 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000539664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000520200 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-02-13 17:21 - 2019-02-13 17:21 - 000513064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000497680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000316216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000277536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000237072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTF.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000156680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-02-13 17:21 - 2019-02-13 17:21 - 000124432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000096776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000054248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo-overrides.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-13 17:21 - 2019-02-13 17:21 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-13 17:21 - 2019-02-13 17:21 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-05 21:58 - 2019-02-05 21:58 - 000000000 ____D C:\Users\Samrat\AppData\Local\OneDrive
2019-02-04 10:30 - 2019-02-04 10:30 - 000000954 _____ C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2019-02-04 10:30 - 2019-02-04 10:30 - 000000906 _____ C:\Users\Samrat\Desktop\Start Tor Browser.lnk
2019-02-04 10:28 - 2019-02-04 10:29 - 000000000 ____D C:\Users\Samrat\Desktop\Tor Browser
2019-01-31 11:04 - 2019-01-31 11:04 - 000000000 ___HD C:\OneDriveTemp
2019-01-30 09:30 - 2019-01-30 09:30 - 000000000 ____D C:\ProgramData\Mozilla
2019-01-30 09:00 - 2019-02-14 09:18 - 000000000 ____D C:\Users\Samrat\AppData\LocalLow\uTorrent
2019-01-21 23:12 - 2019-01-21 23:12 - 000001890 _____ C:\Users\Public\Desktop\WinZip.lnk
2019-01-21 19:02 - 2018-12-21 07:46 - 000527681 _____ C:\Users\Samrat\Downloads\VRO-Result-Notification-for-Certificate-Verification20122018.pdf
2019-01-16 10:59 - 2019-01-16 10:59 - 012151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-16 10:59 - 2019-01-16 10:59 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-01-16 10:59 - 2019-01-16 10:59 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-16 10:59 - 2019-01-16 10:59 - 001206784 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-16 10:59 - 2019-01-16 10:59 - 001036800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-16 10:59 - 2019-01-16 10:59 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-16 10:59 - 2019-01-16 10:59 - 000098616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-16 10:58 - 2019-01-16 10:58 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-01-16 10:58 - 2019-01-16 10:58 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-16 10:58 - 2019-01-16 10:58 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-16 10:58 - 2019-01-16 10:58 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-16 10:58 - 2019-01-16 10:58 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2019-01-16 10:58 - 2019-01-16 10:58 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWorkflowService.dll
2019-01-16 10:58 - 2019-01-16 10:58 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-16 10:58 - 2019-01-16 10:58 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-14 15:44 - 2015-08-22 23:05 - 000000000 ____D C:\Users\Samrat\AppData\Roaming\uTorrent
2019-02-14 15:41 - 2018-09-15 10:40 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-14 15:40 - 2016-11-19 10:20 - 000000000 ____D C:\Users\Samrat\AppData\LocalLow\Mozilla
2019-02-14 14:09 - 2015-08-23 22:51 - 000000000 ____D C:\Users\Samrat\Downloads\Compressed
2019-02-14 14:01 - 2015-08-23 22:51 - 000000000 ____D C:\Users\Samrat\AppData\Roaming\DMCache
2019-02-14 10:46 - 2015-08-23 22:51 - 000000000 ____D C:\Users\Samrat\Downloads\Video
2019-02-14 09:54 - 2016-11-25 18:24 - 000000000 ____D C:\Users\Samrat\AppData\Roaming\Hide.me
2019-02-14 09:23 - 2015-08-23 21:09 - 000000000 ___RD C:\Users\Samrat\OneDrive
2019-02-14 09:18 - 2018-10-03 17:07 - 000912284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-14 09:18 - 2018-09-15 10:39 - 000000000 ____D C:\WINDOWS\INF
2019-02-13 23:19 - 2018-06-24 20:19 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-02-13 23:19 - 2018-06-24 20:19 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2019-02-13 20:43 - 2016-11-18 22:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-02-13 20:43 - 2015-08-23 21:28 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-02-13 19:23 - 2018-10-03 16:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-13 18:20 - 2018-09-15 10:40 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-13 18:20 - 2018-05-03 21:19 - 000000000 ____D C:\Users\Samrat\AppData\Local\HTC MediaHub
2019-02-13 18:20 - 2015-09-22 20:05 - 000000000 ___RD C:\Users\Samrat\3D Objects
2019-02-13 18:20 - 2015-08-22 22:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-02-13 18:18 - 2018-10-03 16:40 - 000446864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-13 18:16 - 2018-10-03 17:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-13 18:15 - 2018-09-15 09:38 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-02-13 18:13 - 2018-09-15 10:40 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-13 18:13 - 2018-09-15 10:40 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-02-13 18:13 - 2018-09-15 10:40 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-02-13 18:13 - 2018-09-15 10:40 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-02-13 18:13 - 2018-09-15 09:38 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-13 18:12 - 2018-09-15 10:40 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-13 18:12 - 2018-09-15 10:40 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-13 18:12 - 2018-09-15 10:40 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-13 17:26 - 2018-09-15 10:32 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-13 17:22 - 2013-08-22 13:52 - 000408344 __RSH C:\bootmgr
2019-02-13 17:15 - 2015-08-23 06:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-13 17:00 - 2015-08-23 06:54 - 126228304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-13 10:26 - 2018-09-15 10:40 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-12 20:42 - 2018-09-15 10:40 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-02-11 18:50 - 2018-10-03 16:47 - 000000000 ____D C:\Users\Samrat
2019-02-11 18:46 - 2015-08-23 21:47 - 000000000 ____D C:\Users\Samrat\AppData\Roaming\vlc
2019-02-11 17:13 - 2016-05-01 14:27 - 000000000 ____D C:\Users\Samrat\OneDrive\Documents\NFS Most Wanted
2019-02-10 08:41 - 2018-11-29 18:13 - 000000000 ____D C:\Program Files\hide.me VPN
2019-02-10 08:29 - 2017-06-15 09:59 - 000000000 ____D C:\Program Files\CCleaner
2019-02-09 19:57 - 2015-08-23 22:51 - 000000000 ____D C:\Users\Samrat\AppData\Roaming\IDM
2019-02-09 12:37 - 2018-07-11 14:19 - 000000000 ____D C:\ProgramData\Packages
2019-02-09 08:50 - 2018-09-15 10:40 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-08 09:49 - 2018-10-03 16:47 - 000002411 _____ C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-04 18:18 - 2018-09-15 10:40 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-04 16:06 - 2015-08-24 09:19 - 000000000 ____D C:\Program Files\Microsoft Office
2019-01-30 10:46 - 2018-05-25 16:30 - 000000000 ____D C:\Users\Samrat\AppData\Local\D3DSCache
2019-01-28 17:37 - 2016-11-25 18:24 - 000001056 _____ C:\Users\Public\Desktop\hide.me VPN.lnk
2019-01-28 17:37 - 2016-11-25 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN
2019-01-27 21:49 - 2017-08-22 17:56 - 000012650 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2019-01-25 17:04 - 2017-10-29 15:41 - 000000000 ____D C:\Users\Samrat\AppData\Local\Packages
2019-01-25 13:20 - 2018-11-25 14:59 - 000000000 ____D C:\Users\Samrat\Downloads\New folder
2019-01-25 12:41 - 2018-02-25 16:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-01-22 21:49 - 2018-10-02 13:54 - 000129248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2019-01-22 12:14 - 2018-07-11 09:37 - 000002297 _____ C:\Users\Samrat\Desktop\Duplicate File Remover.lnk
2019-01-22 11:09 - 2015-08-22 22:19 - 000000000 ____D C:\Users\Samrat\AppData\Roaming\Adobe
2019-01-22 10:58 - 2015-08-24 09:52 - 000000000 ____D C:\Users\Samrat\AppData\Local\Adobe
2019-01-22 08:48 - 2018-03-12 23:03 - 000000000 ____D C:\Users\Samrat\AppData\Roaming\Umeng
2019-01-21 23:13 - 2015-08-23 22:06 - 000000000 ____D C:\ProgramData\WinZip
2019-01-21 23:12 - 2018-07-11 18:25 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip.lnk
2019-01-21 23:12 - 2018-07-11 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\W


#3 koolsam

    SWI Junkie

  • Full Member
  • 262 posts

Posted 14 February 2019 - 04:29 AM

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-02-2019
Ran by Samrat (14-02-2019 15:45:51)
Running from C:\Users\Samrat\Downloads\Programs
Microsoft Windows 10 Pro Version 1809 17763.316 (X86) (2018-10-03 11:58:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3818488324-2291645803-3957952478-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3818488324-2291645803-3957952478-503 - Limited - Disabled)
Guest (S-1-5-21-3818488324-2291645803-3957952478-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3818488324-2291645803-3957952478-1005 - Limited - Enabled)
Samrat (S-1-5-21-3818488324-2291645803-3957952478-1001 - Administrator - Enabled) => C:\Users\Samrat
WDAGUtilityAccount (S-1-5-21-3818488324-2291645803-3957952478-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.010.20091 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
BlueStacks 3 (HKLM\...\BlueStacks) (Version: 3.52.66.1905 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
Cheat Engine 6.7 (HKLM\...\Cheat Engine 6.7_is1) (Version:  - Cheat Engine)
Citrix Receiver 4.6 (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 14.6.0.12010 - Citrix Systems, Inc.)
Dolby Advanced Audio v2 (HKLM\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dolby PCEE Drivers (HKLM\...\{18DAA9E2-43BC-46CD-868F-13C3C61D6474}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Duplicate File Remover (HKLM\...\{5AFA81C6-6DE9-49b0-B2C1-D53763632D59}_is1) (Version: 3.10 - Essential Data Tools)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Google Chrome (HKLM\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
hide.me VPN 2.1.2 (HKLM\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 2.1.2 - eVenture Limited)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.88.3 - HTC)
IDM Crack 6.29 build 1 (HKLM\...\IDM Crack 6.29 build 1) (Version: 6.29 build 2 - Crackingpatching.com Team)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.11231.20130 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 65.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 65.0.1 (x86 en-US)) (Version: 65.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.1.6981 - Mozilla)
Nero 2018 (HKLM\...\{DB8EF13D-AD5C-4893-BB41-BD010964E730}) (Version: 19.0.10200 - Nero AG)
Nero Info (HKLM\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 19.0.1003 - Nero AG)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11231.20130 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.11231.20130 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11231.20130 - Microsoft Corporation) Hidden
Online Plug-in (HKLM\...\{9E362141-4BE9-47C3-BD36-638B77AC87AA}) (Version: 14.6.0.12010 - Citrix Systems, Inc.) Hidden
Prerequisite installer (HKLM\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0004 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (HKLM\...\{A76CC483-4AAB-4DDF-9920-ADBEA8CCDBA2}) (Version: 8.0.1.320 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.31 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Self-service Plug-in (HKLM\...\{27B93352-3746-4329-9D16-CE20A1E400C5}) (Version: 4.6.0.14932 - Citrix Systems, Inc.) Hidden
SHAREit (HKLM\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 4.0.15 - Tweaking.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinZip 22.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24112}) (Version: 22.0.12663 - Corel Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3818488324-2291645803-3957952478-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.WinZipExpressForOffice.dll ()
ShellIconOverlayIdentifiers: [            IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2018-03-30] (Tonec Inc. -> Tonec Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-04-02] (Qualcomm Atheros -> Qualcomm®Atheros®)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2017-10-23] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-04-02] (Qualcomm Atheros -> Qualcomm®Atheros®)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2017-10-23] (Corel Corporation -> WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2017-10-23] (Corel Corporation -> WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0911C80E-87CE-4441-8865-4FF927B85348} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {0E6182B5-0B0F-4071-8058-7C1AC7007336} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1A305368-2A6F-4F41-9CCE-4F604E43CD84} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {222F2471-7A26-4700-84D7-F9656D14ED76} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {23CC4378-3177-4C6D-84F7-D6997F684673} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {27485152-9317-44B3-B6B2-E9774C8767A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {3597401B-1A96-40F7-92A0-FF8FE27FBE16} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {3C2EA690-BBFA-442A-A20D-A150FEE17ED7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {464771FA-37AF-4559-880E-7A76BAF2008D} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {48A38427-1B52-4BDA-9437-9455EBFB6CCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {5011AB70-2F06-4DB4-8964-CDC180DC234F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {50521A19-055A-459D-97D8-738F7B3B3E3F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {57DD7721-FEC1-4CB3-976F-26EE7A407C24} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5B7FCB62-B5F7-4B2A-B875-F074848208E0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {5E0ECEFA-D9BF-41C2-BEF8-368832EEF3DE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {631E65C7-88DC-49A4-95A4-778684094D45} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {68270457-A075-4DE0-8E30-C61462150DD9} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe (Tweaking LLC -> Tweaking.com)
Task: {6F818FD1-0EBE-43F5-B02E-56D282ADFBAA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {76A80CD1-CBBC-4CF8-AF8D-02AD2D24F28F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7A6D5DC6-7CFE-41D3-8E37-656B9A701735} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7E409125-ABD8-411D-9B02-7AF70D3834B8} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-samratpv@gmail.com => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {81ACC0C0-9C15-4D47-A74A-FBBA1949F247} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {9BCEFF11-0022-417E-AA0A-14F0C9EB4E00} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BF81CE9F-624A-432E-A7EA-30D7BA24982E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AVG Driver Updater Scan.job => C:\Program Files\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\WINDOWS\Tasks\AVG Driver Updater Startup.job => C:\Program Files\AVG Driver Updater\AVG Driver Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-09-15 10:36 - 2018-09-15 10:36 - 000591840 _____ () C:\Windows\System32\InputHost.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 000166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2018-10-02 13:54 - 2019-01-22 21:49 - 002234688 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-01 16:45 - 2017-09-01 16:45 - 000448256 _____ () C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe
2017-11-02 08:23 - 2017-11-02 08:23 - 000030720 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2017-11-02 08:23 - 2017-11-02 08:23 - 000607016 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2017-11-02 08:23 - 2017-11-02 08:23 - 000059392 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2017-11-02 08:23 - 2017-11-02 08:23 - 000035864 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2017-11-02 08:24 - 2017-11-02 08:24 - 000079888 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2017-11-02 08:25 - 2017-11-02 08:25 - 000129016 _____ () C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
2017-11-02 08:26 - 2017-11-02 08:26 - 000223240 _____ () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2018-11-29 18:13 - 2018-08-18 13:57 - 000172032 _____ () C:\Program Files\hide.me VPN\nfapi.DLL
2018-09-15 10:36 - 2018-09-15 10:36 - 000316416 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 001799680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-03-16 11:25 - 2017-10-21 09:57 - 008928952 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2019-02-13 17:22 - 2019-02-13 17:22 - 001283584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-15 11:59 - 2018-09-15 11:59 - 000008192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x86__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-31 11:19 - 2019-01-31 11:20 - 000053760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x86__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-31 11:19 - 2019-01-31 11:20 - 000013312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x86__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-01-31 11:19 - 2019-01-31 11:20 - 006905856 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x86__kzf8qxf38zg5c\LibWrapper.dll
2019-01-31 11:19 - 2019-01-31 11:20 - 001983488 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x86__kzf8qxf38zg5c\skypert.dll
2019-01-31 11:19 - 2019-01-31 11:20 - 000544256 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x86__kzf8qxf38zg5c\RtmMvrUap.dll
2019-01-31 11:19 - 2019-01-31 11:20 - 000157184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-02-13 10:25 - 2019-02-13 10:25 - 005703168 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20388.0_x86__8wekyb3d8bbwe\YourPhone.exe
2019-02-13 10:25 - 2019-02-13 10:25 - 002064896 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20388.0_x86__8wekyb3d8bbwe\YourPhone.AppCore.dll
2019-02-13 10:25 - 2019-02-13 10:25 - 000216576 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20388.0_x86__8wekyb3d8bbwe\AppConfig.dll
2018-10-31 20:15 - 2018-10-31 20:16 - 000662528 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20388.0_x86__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-02-13 10:25 - 2019-02-13 10:25 - 002737664 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20388.0_x86__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2014-04-02 02:15 - 2014-04-02 02:15 - 000009216 _____ () C:\Program Files\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-04-02 02:11 - 2014-04-02 02:11 - 000072704 _____ () C:\Program Files\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-04-02 02:27 - 2014-04-02 02:27 - 000011904 _____ () C:\Program Files\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2017-03-10 01:27 - 2017-03-10 01:27 - 000112264 _____ () C:\Windows\System32\IccLibDll.dll
2018-04-30 16:50 - 2018-04-30 16:50 - 000061408 _____ () C:\Program Files\CCleaner\branding.dll
2019-01-22 10:59 - 2019-01-22 10:59 - 000436744 _____ () C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
2019-02-01 13:04 - 2019-02-01 13:05 - 000481792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-02-01 13:04 - 2019-02-01 13:05 - 068541952 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-01-16 14:19 - 2019-01-16 14:20 - 000009728 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\RenderingPlugin.dll
2017-10-06 21:31 - 2017-10-06 21:34 - 002366464 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-02-01 13:04 - 2019-02-01 13:05 - 003317248 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-02-01 13:04 - 2019-02-01 13:05 - 009148416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-02-01 13:04 - 2019-02-01 13:04 - 001766400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 11:27 - 2018-08-31 11:28 - 000645120 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 11:08 - 2018-07-27 11:08 - 003565056 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-01 13:04 - 2019-02-01 13:05 - 000070656 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\MediaEngineVideoDataProvider.UWP.dll
2019-02-01 13:04 - 2019-02-01 13:05 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\ImageDecoding.dll
2019-02-01 13:04 - 2019-02-01 13:05 - 000104448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x86__8wekyb3d8bbwe\SKU.dll
2013-03-26 11:44 - 2013-03-26 11:44 - 000062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Samrat\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Add-in Express:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Bluetooth Folder:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Custom Office Templates:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\EasyDuplicateFinder:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\HTC:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Max Payne 2 Savegames:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\My Cheat Tables:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\NFS Most Wanted:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Square Enix:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Visual Studio 2015:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 11:43 - 2019-02-14 09:54 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts


2017-04-14 23:28 - 2017-11-23 21:16 - 000000442 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Samrat\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{f8a2ac0d-54d0-4705-8451-1f1d4e59f98a}.jpg
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "persistence module"
HKLM\...\StartupApproved\Run: => "TkBellExe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FBD3AFDD-27C6-47B0-AEDF-07354A077FFE}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero MediaHome\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{6A73D4BA-5799-493B-A093-A7316B575D6A}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero MediaHome\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{7213E6E2-FC90-437B-A343-D4D15B76EA81}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{AF9299D8-2C42-4981-9D49-C926D9B1BE3E}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero MediaHome\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{F0BD46DD-5D20-4929-8FE1-8B7F15160229}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero MediaHome\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{67A3A157-8992-4ED8-A0F6-50022AA78D01}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero BackItup\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{E8EB1E34-D0D9-43D5-B686-C7622FDDD6BC}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero BackItup\NBService.exe (Nero AG -> Nero AG)
FirewallRules: [{D3C16D24-FB09-48ED-BB69-0DE7B92A08CF}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{69FDB7C4-6BC8-4B9A-94E7-5E82DB21FCDE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{89F4E1C1-3593-4FDA-B4CD-CA29DA1112FC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{41F40C1A-766C-4A0D-89EC-51F78F406A9A}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{8234CAF5-4965-4CEF-9E5A-1CE0AD0F18C6}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{2D392A16-64FB-4B57-9F8C-35B298E288F3}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{DF3841E8-48F3-4253-BF85-6B4C4F3401CE}] => (Allow) C:\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5FA4755-E6E2-4C87-BFD8-9CE71E4C87CA}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7C0C949E-4CB5-4D33-856D-22ACA6B562B4}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EF46814C-78EE-4BEB-81C9-A730E95355B3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7121003F-E599-401E-9E7B-1D93FC98B180}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CECA1E50-BB5A-41C5-8377-C37F6A24D4CE}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{473DFCA6-2116-4D16-BF50-F869B11E614F}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{C5AD6301-C1A5-412B-9620-DA478C241939}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{DD790BDB-E65E-46F0-B78F-ACEC0A9B7AE1}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{C5AC8F28-07A7-41B8-9CB9-B8515124411D}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{DBA60778-C29E-479E-ACA5-C3343D668A22}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7C40F960-5EAE-4340-8846-A27FFCBD8F00}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{95DA2560-D909-4BE0-A746-90AFA7722A1A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{712667D5-FACF-4A0A-A0E7-39BEFD82DECC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{3CA4057F-84CC-4463-8B68-73329E6596C0}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{34552FD6-EA9F-4855-B86C-6CE3783C9769}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D81E53DC-453D-4B6E-B924-D8B0DFE4B29A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{1EEBA177-AFF5-48CB-8F07-C1678238265D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{FDC1DACD-6BD4-4ACD-9D89-A8CF736DAECA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{682950A2-197B-4156-B257-A7B89CD773D1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{1E2149DF-3210-4617-8EC4-4EE198BD480A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0C54D130-213C-4496-83F8-564982017BA6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{443A2F94-1D6D-4EA5-A07B-6D69EFD53288}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{D94C0D05-F0E4-41DA-9F08-4283765FDAAB}] => (Allow) LPort=8743
FirewallRules: [{74D58059-EB54-4CA9-9616-B720DEB92A1C}] => (Allow) LPort=8643
FirewallRules: [{6E414F21-063C-4838-82FD-C9B901D2AC7E}] => (Allow) LPort=7676
FirewallRules: [{6FD5EEAE-75AB-451E-90F6-E97021DB860B}] => (Allow) LPort=7679
FirewallRules: [{655F2E0D-86F5-4BF7-BD22-FABC9BBAAB60}] => (Allow) LPort=24234
FirewallRules: [{1DF0E41F-B2CF-45CA-9333-602FF9C7DE6D}] => (Allow) LPort=7900
FirewallRules: [{CF3D1361-1A85-4D29-94BE-7A35D1DD0318}] => (Allow) LPort=1900
FirewallRules: [{EA60724B-7F8C-4B4C-8E26-B89076CF6FCC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CC1E9F79-4EE3-4684-8508-C4FD9CE0A958}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B5C9E2A5-39D8-4579-9F9F-9C433B208AF1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{603341FC-71EB-4DC6-9034-8D3D461428F4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A242C9EE-4B34-4A88-BD56-BE3DCA116E33}C:\program files\smart view\smart view.exe] => (Allow) C:\program files\smart view\smart view.exe ()
FirewallRules: [UDP Query User{098F924C-5EC5-4AC7-B4E7-9C2C06CD020F}C:\program files\smart view\smart view.exe] => (Allow) C:\program files\smart view\smart view.exe ()
FirewallRules: [TCP Query User{E1601970-94B6-4828-9B17-5EA2B0276026}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{42F8958D-B0F2-4263-B856-33698917E9E6}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{47DC55B6-7190-4ABC-91D2-9915BA5C5FBD}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{E470F5D8-5193-42C9-9CB7-70245AC43A56}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{07E78CBF-6D59-4AA3-B426-7B581D3C95A5}] => (Allow) C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{0DA40EC7-0447-48E3-AA5E-A5D43ECE6180}] => (Allow) C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe (Nero AG -> )
FirewallRules: [{2D42EC07-0DEB-407F-9CDD-8ED872BA15B4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{73BD7717-5FCB-409D-9F28-5B3F08CAA3D0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B0CA18F-3DD9-449D-9BA1-FCB7AADCB168}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{12745336-A9B3-4699-AD28-09970DC89E18}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Intel® Display Audio
Description: Intel® Display Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel® Corporation
Service: IntcDAud
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2019 02:57:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BSvcProcessor.exe, version: 1.0.6.0, time stamp: 0x563b2359
Faulting module name: BSvcProcessor.exe, version: 1.0.6.0, time stamp: 0x563b2359
Exception code: 0xc0000005
Fault offset: 0x00007b80
Faulting process id: 0x244c
Faulting application start time: 0x01d4c44768623256
Faulting application path: C:\Users\Samrat\AppData\Local\Microsoft\BingSvc\BSvcProcessor.exe
Faulting module path: C:\Users\Samrat\AppData\Local\Microsoft\BingSvc\BSvcProcessor.exe
Report Id: 4c6e72ba-f371-4994-944c-70f84ca33f64
Faulting package full name:
Faulting package-relative application ID:

Error: (02/14/2019 01:55:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (14256,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\Samrat\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (02/14/2019 01:55:22 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (14256,R,98) WebCacheLocal: An attempt to open the file "C:\Users\Samrat\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (02/14/2019 12:21:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hide.me.exe, version: 2.1.2.0, time stamp: 0x5c2da313
Faulting module name: KERNELBASE.dll, version: 10.0.17763.292, time stamp: 0xb868bcc3
Exception code: 0xe0434352
Fault offset: 0x000df322
Faulting process id: 0xc0c
Faulting application start time: 0x01d4c431796e8512
Faulting application path: C:\Program Files\hide.me VPN\hide.me.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 5a66c6d1-a68c-44f1-88ac-8ab4a88c8156
Faulting package full name:
Faulting package-relative application ID:

Error: (02/14/2019 12:21:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: hide.me.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Microsoft.VisualBasic.ApplicationServices.CantStartSingleInstanceException
   at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[])
   at nUWu42nhrJyqZCmobU.RsnWtovcLGjBTVxHI3.EPmlfTRfd(System.String[])

Error: (02/14/2019 09:49:21 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={F4BDCC28-199C-484E-B1DB-6A716B630A3A}: The user SYSTEM dialed a connection named Hide.ME IKEV2 which has failed. The error code returned on failure is 122.

Error: (02/14/2019 09:19:00 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (02/13/2019 11:30:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 10.0.17763.1, time stamp: 0xcf838d91
Faulting module name: wpnuserservice.dll, version: 10.0.17763.1, time stamp: 0xeb4733c6
Exception code: 0xc0000409
Fault offset: 0x0000976f
Faulting process id: 0x41c
Faulting application start time: 0x01d4c39a92857ab2
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: c:\windows\system32\wpnuserservice.dll
Report Id: 8e47f8ac-2920-412a-a192-62548cfb0837
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (02/14/2019 03:27:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SampleCollector service.

Error: (02/14/2019 03:26:34 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SampleCollector service.

Error: (02/14/2019 01:54:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SampleCollector service.

Error: (02/14/2019 01:53:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SampleCollector service.

Error: (02/14/2019 12:19:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SampleCollector service.

Error: (02/14/2019 12:18:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.

Error: (02/14/2019 12:18:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SampleCollector service.

Error: (02/14/2019 10:30:17 AM) (Source: DCOM) (EventID: 10016) (User: SAMRAT-VAIO)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user SAMRAT-VAIO\Samrat SID (S-1-5-21-3818488324-2291645803-3957952478-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2019-02-11 10:07:32.298
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1CF3FB97-E2A2-4A34-995D-6EF27B5BB0CE}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-02-08 14:33:25.929
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {00EB8F02-A83F-44FC-BF86-A208A6C03483}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-23 18:56:02.650
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {625384AC-A15C-49C5-8BBE-3F226A8797A3}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-23 18:46:45.367
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E454A3FC-F11C-48C1-AA37-9378498A7126}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-23 18:36:08.873
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {06E3E0FC-5B13-4982-980B-6154C429EC2A}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-01-19 16:38:24.217
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.2986.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072ee2
Error description: The operation timed out

Date: 2019-01-19 16:38:24.216
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.2986.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072ee2
Error description: The operation timed out

Date: 2019-01-19 16:38:24.215
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.2986.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072ee2
Error description: The operation timed out

Date: 2019-01-19 16:37:21.115
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.2986.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072ee2
Error description: The operation timed out

Date: 2019-01-19 16:37:21.114
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.2986.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072ee2
Error description: The operation timed out

CodeIntegrity:
===================================

Date: 2019-01-26 22:18:41.562
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-26 22:18:41.532
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-26 22:18:39.865
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-26 22:18:39.825
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-26 22:18:39.587
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-26 22:18:39.564
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-26 22:18:19.530
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-26 22:18:15.654
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™ i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 61%
Total physical RAM: 2726.36 MB
Available physical RAM: 1054.86 MB
Total Virtual: 6310.36 MB
Available Virtual: 3029.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:89.2 GB) (Free:28.03 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (New Volume) (Fixed) (Total:100 GB) (Free:9.11 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:50 GB) (Free:6.54 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:58.89 GB) (Free:4.32 GB) NTFS
Drive j: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:64.35 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 57C7EF15)
Partition 1: (Active) - (Size=89.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=58.9 GB) - (Type=0F Extended)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 6DD7CDDA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



#4 koolsam

Posted 14 February 2019 - 04:30 AM

Result of Security Analysis by Rocket Grannie (x86) Updated: 16th, december 2018
Running from:C:\Users\Samrat\Downloads\Programs (15:52:20 - 02/14/2019)
***---------------------------------------------------------***
Microsoft Windows 10 Pro X86
UAC is Enabled
Internet Explorer 11
Default Browser: Microsoft Edge
***------------Antivirus - Antispyware - Firewall-----------***
Windows Defender (Enabled - up to Date)
Windows Defender (Enabled - up to Date)
Windows Firewall (Enabled)
No other Firewall Installed
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player NPAPI (32.0.0.142)
CCleaner (5.43) ==> is out of Date
Google Chrome (71.0.3578.98)
Malwarebytes (3.6.1.2711)
Mozilla Firefox (65.0.1)

***----------------Analysis Complete-------------------------***



#5 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,240 posts

Posted 14 February 2019 - 07:00 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

ATTENTION: System Restore is disabled
Turn System Restore ON for Drives in Windows 10 - Immediately.
https://www.tenforum...ndows-10-a.html
===

IDM Crack 6.29 build 1 (HKLM\...\IDM Crack 6.29 build 1) (Version: 6.29 build 2 - Crackingpatching.com Team)
Cracked/warez versions of programs sound "good" and "cheap", but they can cause all sorts of headaches for you and damage to your computer. No reputable forum will support any method of cracking, warez, workarounds, providing any methods, tools, or posting of links designed for this express purpose.

There are people who have spent a great deal of money on developing and testing hardware and software, marketing and distributing it, and then on education and support for it. They have spent long, tedious, difficult and brain-numbing days/nights on their endeavor. They are attempting to make an honest living and feed their families.

Let's not support the thieves who rip them off and cheat them out of the fruits of their labor.
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

(© 2015 Microsoft Corporation) C:\Users\Samrat\AppData\Local\Microsoft\BingSvc\BingSvc.exe
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\Run: [BingSvc] => C:\Users\Samrat\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (Microsoft Corporation -> © 2015 Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-08-24]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> X:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2017-09-14]
ShortcutTarget: RealTimes.lnk -> X:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (No File)
Tcpip\..\Interfaces\{23BAAE18-83C7-4897-8C60-E5265461F646}: [DhcpNameServer] 46.166.179.49 46.166.179.51
Tcpip\..\Interfaces\{4EDF9EDD-C3A4-4A2A-80C2-DA793530E2AE}: [DhcpNameServer] 109.201.137.40 109.201.137.42
SearchScopes: HKU\S-1-5-21-3818488324-2291645803-3957952478-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180525__yaie&p={searchTerms}
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [22728 2017-10-29] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)

AlternateDataStreams: C:\Users\Samrat\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Add-in Express:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Bluetooth Folder:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Custom Office Templates:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\EasyDuplicateFinder:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\HTC:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Max Payne 2 Savegames:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\My Cheat Tables:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\NFS Most Wanted:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Square Enix:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Visual Studio 2015:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]

C:\WINDOWS\system32\DRIVERS\SWDUMon.sys

RemoveProxy:
cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew

Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please post the log and let me know what problem persists.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#6 koolsam

Posted 14 February 2019 - 11:35 AM

Fix result of Farbar Recovery Scan Tool (x86) Version: 13-02-2019
Ran by Samrat (14-02-2019 22:35:06) Run:1
Running from C:\Users\Samrat\Downloads\Programs
Loaded Profiles: Samrat (Available Profiles: Samrat)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

(© 2015 Microsoft Corporation) C:\Users\Samrat\AppData\Local\Microsoft\BingSvc\BingSvc.exe
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\...\Run: [BingSvc] => C:\Users\Samrat\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (Microsoft Corporation -> © 2015 Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-08-24]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> X:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2017-09-14]
ShortcutTarget: RealTimes.lnk -> X:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (No File)
Tcpip\..\Interfaces\{23BAAE18-83C7-4897-8C60-E5265461F646}: [DhcpNameServer] 46.166.179.49 46.166.179.51
Tcpip\..\Interfaces\{4EDF9EDD-C3A4-4A2A-80C2-DA793530E2AE}: [DhcpNameServer] 109.201.137.40 109.201.137.42
SearchScopes: HKU\S-1-5-21-3818488324-2291645803-3957952478-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180525__yaie&p={searchTerms}
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [22728 2017-10-29] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)

AlternateDataStreams: C:\Users\Samrat\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Add-in Express:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Bluetooth Folder:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Custom Office Templates:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\EasyDuplicateFinder:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\HTC:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Max Payne 2 Savegames:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\My Cheat Tables:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\NFS Most Wanted:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Square Enix:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Samrat\OneDrive\Documents\Visual Studio 2015:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]

C:\WINDOWS\system32\DRIVERS\SWDUMon.sys

RemoveProxy:
cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew

Reboot:

End
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Users\Samrat\AppData\Local\Microsoft\BingSvc\BingSvc.exe => No running process found
"HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk => moved successfully
"X:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" => not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk => moved successfully
"X:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe" => not found
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{23BAAE18-83C7-4897-8C60-E5265461F646}\\DhcpNameServer" => removed successfully.
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4EDF9EDD-C3A4-4A2A-80C2-DA793530E2AE}\\DhcpNameServer" => removed successfully.
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} => removed successfully.
HKLM\Software\Classes\CLSID\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} => not found
HKLM\System\CurrentControlSet\Services\SWDUMon => removed successfully.
SWDUMon => service removed successfully.
C:\Users\Samrat\OneDrive => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity" ADS could not remove.
C:\Users\Samrat\OneDrive\Documents\Add-in Express => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully.
C:\Users\Samrat\OneDrive\Documents\Bluetooth Folder => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully.
C:\Users\Samrat\OneDrive\Documents\Custom Office Templates => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully.
C:\Users\Samrat\OneDrive\Documents\EasyDuplicateFinder => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully.
C:\Users\Samrat\OneDrive\Documents\HTC => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully.
C:\Users\Samrat\OneDrive\Documents\Max Payne 2 Savegames => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully.
C:\Users\Samrat\OneDrive\Documents\My Cheat Tables => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully.
C:\Users\Samrat\OneDrive\Documents\NFS Most Wanted => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully.
C:\Users\Samrat\OneDrive\Documents\Square Enix => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully.
C:\Users\Samrat\OneDrive\Documents\Visual Studio 2015 => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully.
C:\WINDOWS\system32\DRIVERS\SWDUMon.sys => moved successfully

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-3818488324-2291645803-3957952478-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= IPCONFIG /release =========


Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Ethernet 2 while it has its media disconnected.
No operation can be performed on Local Area Connection* 16 while it has its media disconnected.
No operation can be performed on Local Area Connection* 17 while it has its media disconnected.
No operation can be performed on Wi-Fi while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Ethernet 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 16:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 17:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 18:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wi-Fi 2:

   Connection-specific DNS Suffix  . :
   Default Gateway . . . . . . . . . :

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

========= End of CMD: =========


========= IPCONFIG /renew =========


Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Ethernet 2 while it has its media disconnected.
No operation can be performed on Local Area Connection* 16 while it has its media disconnected.
No operation can be performed on Local Area Connection* 17 while it has its media disconnected.
No operation can be performed on Local Area Connection* 18 while it has its media disconnected.
No operation can be performed on Wi-Fi while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Ethernet 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 16:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 17:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Local Area Connection* 18:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 192.168.31.207
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.31.1

Wireless LAN adapter Wi-Fi 2:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 192.168.31.194
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.31.1

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52721279 B
Java, Flash, Steam htmlcache => 139436 B
Windows/system/drivers => 8339737 B
Edge => 9354599 B
Chrome => 4734972 B
Firefox => 943079047 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 8585 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 2519040 B
NetworkService => 23255334 B
Samrat => 104346399 B

RecycleBin => 1921220 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:46:15 ====



#7 koolsam

koolsam

    SWI Junkie

  • Full Member
  • 262 posts

Posted 14 February 2019 - 11:36 AM

The Problem Still Continues...



#8 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,240 posts

Posted 15 February 2019 - 06:19 AM

Check the integrity of the operating system files.
How to run sfc /Scannow
http://support.microsoft.com/kb/929833

When completed, refer to the Microsoft article again and follow the instructions to view details of the System File Checker process.

Post the contents of the sfcdetails.txt file for my review.

Let me know if the problem persists.
<<<>>>

High CPU usage. Windows 8 and 10.
http://www.itphobia....high-cpu-usage/
<<<>>>
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#9 koolsam

koolsam

    SWI Junkie

  • Full Member
  • 262 posts

Posted 17 February 2019 - 12:52 AM

2019-02-15 16:49:01, Info                  CSI    00000006 [SR] Verifying 1 components
2019-02-15 16:49:01, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2019-02-15 16:49:03, Info                  CSI    0000000c [SR] Verify complete
2019-02-15 16:49:03, Info                  CSI    0000000d [SR] Verifying 1 components
2019-02-15 16:49:03, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2019-02-15 16:49:04, Info                  CSI    00000010 [SR] Verify complete
2019-02-15 16:49:04, Info                  CSI    00000011 [SR] Verifying 1 components
2019-02-15 16:49:04, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2019-02-15 16:49:06, Info                  CSI    00000015 [SR] Verify complete
2019-02-15 16:49:06, Info                  CSI    00000016 [SR] Verifying 1 components
2019-02-15 16:49:06, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2019-02-15 16:49:07, Info                  CSI    0000001b [SR] Verify complete

 

----

The DVD Writer Problem and the Problem of Not Responding still Exists
 



#10 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,240 posts

Posted 17 February 2019 - 06:58 AM

Hi,

This article is dated 2006 but some recommendations should be tried.

https://community.so...s-gt/td-p/24135

This is not caused by malware. If the problem persists you should contact Sony.



