Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Old PC slow and buffers often

Started by deejay , Mar 15 2019 02:37 PM

This topic is locked

8 replies to this topic

#1 deejay

Member

Full Member
80 posts

Posted 15 March 2019 - 02:37 PM

Good afternoon, my old pc is all of the sudden running some things very slow and a lot of buffering going on when multiple windows are open. Please check my pc for me and advise on how to clean it all up. Thank you in advance for all of your valuable time and assistance.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/15/19
Scan Time: 4:11 PM
Log File: 84de1f24-475e-11e9-a34b-001fc69e054f.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.9706
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dennis-Laptop\Dennis

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 267434
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 6 min, 8 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01
Ran by Dennis (administrator) on DENNIS-LAPTOP (15-03-2019 16:23:42)
Running from C:\Users\Dennis\Desktop
Loaded Profiles: Dennis (Available Profiles: Dennis)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2011-01-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544624 2011-05-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-20] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [308144 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [308144 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3078223344-2011570511-2377942956-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3078223344-2011570511-2377942956-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3078223344-2011570511-2377942956-1000\...\Run: [RogueKiller Anti-Malware] => C:\Program Files\RogueKiller\RogueKiller64.exe [33370168 2019-01-07] (Adlice -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{AC95EC36-10E5-4e80-9A47-3A413963594C}] -> C:\windows\system32\tosWirelessLANIndicatorCP.dll [2011-02-17] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2011-01-17] (TOSHIBA Corporation) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-12-06]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58F72163-F5C6-42E7-A712-C7C38081BC4C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3078223344-2011570511-2377942956-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3078223344-2011570511-2377942956-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3078223344-2011570511-2377942956-1000 -> DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-cnetl
SearchScopes: HKU\S-1-5-21-3078223344-2011570511-2377942956-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-3078223344-2011570511-2377942956-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-cnetl
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
DPF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: denja0w9.default-1541789796335
FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\denja0w9.default-1541789796335 [2019-03-15]
FF Homepage: Mozilla\Firefox\Profiles\denja0w9.default-1541789796335 -> www.yahoo.com
FF NewTabOverride: Mozilla\Firefox\Profiles\denja0w9.default-1541789796335 -> Enabled: ff_hpset@jetpack
FF Extension: (AdBlocker Ultimate) - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\denja0w9.default-1541789796335\Extensions\adblockultimate@adblockultimate.net.xpi [2019-02-05]
FF Extension: (Yahoo Homepage) - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\denja0w9.default-1541789796335\Extensions\ff_hpset@jetpack.xpi [2018-11-09]
FF Extension: (AdBlock) - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\denja0w9.default-1541789796335\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2019-02-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-19] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-19] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2013-01-11] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2013-01-11] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Result of Security Analysis by Rocket Grannie (x86) Updated: 16th, december 2018
Running from:C:\Users\Dennis\Desktop (16:33:02 - 03/15/2019)
***---------------------------------------------------------***
Microsoft Windows 7 Home Premium X64 Service Pack 1
UAC is Enabled
Internet Explorer 11
Default Browser: Firefox
***------------Antivirus - Antispyware - Firewall-----------***
AVG Antivirus (Enabled - up to Date)
Malwarebytes (Enabled - up to Date)
Malwarebytes (Enabled - up to Date)
Windows Defender (Disabled - up to Date)
AVG Antivirus (Enabled - up to Date)
AVG Antivirus Firewall (Enabled)
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player NPAPI (32.0.0.142)
Adobe Acrobat Reader DC (19.010.20098)
CCleaner (5.55)
Java (8.0.2010.9) ==> is out of Date
Malwarebytes (3.7.1.2839)
Microsoft Silverlight (5.1.50918.0)
Mozilla Firefox (65.0.2)
Windows Live Essentials (15.4.3502.0922) ==> is out of Date ==> is no longer supported

***----------------Analysis Complete-------------------------***

Attached Files

Malwarebytes.txt 1.2KB 2 downloads
FRST.txt 17.87KB 1 downloads
SALog.txt 1.04KB 2 downloads

Edited by deejay, 15 March 2019 - 02:53 PM.

#2 nasdaq

Forum Deity

Global Moderator
49,295 posts

Posted 16 March 2019 - 06:18 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

The FRST.TXT log (posted and attached) is not complete.

Please scan the computer with the Farbar program one more time and attached bot logs.
To refresh the Addition.txt log make sure that the box to create the log is checked.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 deejay

Member

Full Member
80 posts

Posted 16 March 2019 - 07:58 AM

Good morning and thank you very much for your assistance. I reran the FRST per your request posted below.. I hope I ran it correctly this time..

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01
Ran by Dennis (administrator) on DENNIS-LAPTOP (16-03-2019 16:02:42)
Running from C:\Users\Dennis\Desktop
Loaded Profiles: Dennis (Available Profiles: Dennis)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2011-01-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544624 2011-05-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-20] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [308144 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [308144 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3078223344-2011570511-2377942956-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3078223344-2011570511-2377942956-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3078223344-2011570511-2377942956-1000\...\RunOnce: [FlashPlayerUpdate] => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [1457152 2019-02-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{AC95EC36-10E5-4e80-9A47-3A413963594C}] -> C:\windows\system32\tosWirelessLANIndicatorCP.dll [2011-02-17] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2011-01-17] (TOSHIBA Corporation) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-12-06]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58F72163-F5C6-42E7-A712-C7C38081BC4C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3078223344-2011570511-2377942956-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3078223344-2011570511-2377942956-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3078223344-2011570511-2377942956-1000 -> DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-cnetl
SearchScopes: HKU\S-1-5-21-3078223344-2011570511-2377942956-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-3078223344-2011570511-2377942956-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-cnetl
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
DPF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: denja0w9.default-1541789796335
FF ProfilePath: C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\denja0w9.default-1541789796335 [2019-03-16]
FF Homepage: Mozilla\Firefox\Profiles\denja0w9.default-1541789796335 -> www.yahoo.com
FF NewTabOverride: Mozilla\Firefox\Profiles\denja0w9.default-1541789796335 -> Enabled: ff_hpset@jetpack
FF Extension: (AdBlocker Ultimate) - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\denja0w9.default-1541789796335\Extensions\adblockultimate@adblockultimate.net.xpi [2019-02-05]
FF Extension: (Yahoo Homepage) - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\denja0w9.default-1541789796335\Extensions\ff_hpset@jetpack.xpi [2018-11-09]
FF Extension: (AdBlock) - C:\Users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\denja0w9.default-1541789796335\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2019-03-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-19] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-19] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2013-01-11] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2013-01-11] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [360488 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [371872 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6618744 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-01] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (ZTE CORPORATION -> Google Inc)
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R1 avgArPot; C:\windows\System32\drivers\avgArPot.sys [205448 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\windows\System32\drivers\avgbidsdriver.sys [254760 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\windows\System32\drivers\avgbidsh.sys [196632 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\windows\System32\drivers\avgblog.sys [320744 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\windows\System32\drivers\avgbuniv.sys [58008 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\windows\System32\drivers\avgKbd.sys [42336 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\windows\System32\drivers\avgMonFlt.sys [168944 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\windows\System32\DRIVERS\avgNetNd6.sys [29944 2017-09-26] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\windows\System32\drivers\avgNetSec.sys [518624 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\windows\System32\drivers\avgRdr2.sys [112360 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\windows\System32\drivers\avgRvrt.sys [87992 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\windows\System32\drivers\avgSnx.sys [1033968 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\windows\System32\drivers\avgSP.sys [476096 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\windows\System32\drivers\avgStm.sys [220472 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\windows\System32\drivers\avgVmm.sys [380000 2019-03-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 ghsdiagMDM; C:\windows\System32\DRIVERS\ghsdiagMDM.sys [122496 2011-11-28] (Microsoft Windows Hardware Compatibility Publisher -> HS Incorporated)
R3 igfx; C:\windows\System32\DRIVERS\igdkmd64.sys [12262624 2011-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel® Corporation)
R3 NMgamingmsFltr; C:\windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Primax Ltd)
R0 pavboot; C:\windows\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security S.L -> Panda Security, S.L.)
R3 RTWlanE; C:\windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 ubloxusb; C:\windows\System32\DRIVERS\ubloxusb.sys [95232 2011-11-30] (Microsoft Windows Hardware Compatibility Publisher -> u-blox AG)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
U1 avgbdisk; no ImagePath
U4 npcap_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-16 16:01 - 2019-03-16 16:02 - 002433536 _____ (Farbar) C:\Users\Dennis\Desktop\FRST64.exe
2019-03-15 16:33 - 2019-03-15 16:33 - 000001063 _____ C:\Users\Dennis\Desktop\SALog.txt
2019-03-15 16:23 - 2019-03-16 16:04 - 000023620 _____ C:\Users\Dennis\Desktop\FRST.txt
2019-03-15 16:23 - 2019-03-16 16:02 - 000000000 ____D C:\FRST
2019-03-15 16:19 - 2019-03-15 16:19 - 000001225 _____ C:\Users\Dennis\Desktop\Malwarebytes.txt
2019-03-15 16:03 - 2019-03-15 16:03 - 000000000 _____ C:\windows\SysWOW64\shoD6BF.tmp
2019-03-15 16:00 - 2019-03-15 16:00 - 000000000 ____D C:\ProgramData\MB3Install
2019-03-14 22:26 - 2019-03-14 22:26 - 000001939 _____ C:\Users\Public\Desktop\AVG.lnk
2019-03-14 22:25 - 2019-03-14 22:25 - 000362928 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\avgBoot.exe
2019-03-13 09:59 - 2019-02-16 01:32 - 000142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2019-03-13 09:59 - 2019-02-16 01:30 - 000123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2019-03-13 09:26 - 2019-03-05 23:18 - 000154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-03-13 09:26 - 2019-03-05 23:18 - 000095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2019-03-13 09:26 - 2019-03-05 23:14 - 000708328 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2019-03-13 09:26 - 2019-03-05 23:14 - 000631680 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2019-03-13 09:26 - 2019-03-05 23:13 - 005552872 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-03-13 09:26 - 2019-03-05 23:13 - 000262376 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-03-13 09:26 - 2019-03-05 23:12 - 001664360 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 001472512 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 001211392 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 001162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000733184 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000236032 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:10 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:04 - 004055784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2019-03-13 09:26 - 2019-03-05 23:04 - 003960552 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2019-03-13 09:26 - 2019-03-05 23:02 - 001314104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000556032 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000275968 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2019-03-13 09:26 - 2019-03-05 23:01 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 22:45 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2019-03-13 09:26 - 2019-03-05 22:45 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2019-03-13 09:26 - 2019-03-05 22:45 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2019-03-13 09:26 - 2019-03-05 22:44 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2019-03-13 09:26 - 2019-03-05 22:42 - 003228160 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-03-13 09:26 - 2019-03-05 22:42 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-03-13 09:26 - 2019-03-05 22:41 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2019-03-13 09:26 - 2019-03-05 22:41 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2019-03-13 09:26 - 2019-03-05 22:41 - 000009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2019-03-13 09:26 - 2019-03-05 22:40 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2019-03-13 09:26 - 2019-03-05 22:38 - 000464384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-03-13 09:26 - 2019-03-05 22:38 - 000406016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-03-13 09:26 - 2019-03-05 22:38 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-03-13 09:26 - 2019-03-05 22:38 - 000169984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-03-13 09:26 - 2019-03-05 22:38 - 000161280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-03-13 09:26 - 2019-03-05 22:38 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-03-13 09:26 - 2019-03-05 22:37 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-03-13 09:26 - 2019-03-05 22:37 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-03-13 09:26 - 2019-03-05 22:37 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-03-13 09:26 - 2019-03-05 22:37 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-03-13 09:26 - 2019-03-05 22:37 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-03-13 09:26 - 2019-03-05 22:37 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-03-13 09:26 - 2019-03-05 22:37 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2019-03-13 09:26 - 2019-03-05 22:37 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2019-03-13 09:26 - 2019-03-05 22:37 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2019-03-13 09:26 - 2019-03-05 22:37 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2019-03-13 09:26 - 2019-03-05 22:37 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2019-03-13 09:26 - 2019-03-05 22:36 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2019-03-13 09:26 - 2019-03-05 22:36 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 22:36 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 22:36 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 09:26 - 2019-03-05 22:36 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-13 09:26 - 2019-03-04 22:44 - 000076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2019-03-13 09:26 - 2019-03-04 22:44 - 000033280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2019-03-13 09:26 - 2019-03-04 22:44 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2019-03-13 09:26 - 2019-02-26 18:41 - 000397104 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-03-13 09:26 - 2019-02-26 17:47 - 000348984 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2019-03-13 09:26 - 2019-02-26 03:57 - 025737216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-03-13 09:26 - 2019-02-26 03:46 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-03-13 09:26 - 2019-02-26 03:45 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-03-13 09:26 - 2019-02-26 03:33 - 002902528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-03-13 09:26 - 2019-02-26 03:32 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-03-13 09:26 - 2019-02-26 03:31 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-03-13 09:26 - 2019-02-26 03:31 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-03-13 09:26 - 2019-02-26 03:31 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-03-13 09:26 - 2019-02-26 03:31 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-03-13 09:26 - 2019-02-26 03:25 - 020281856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2019-03-13 09:26 - 2019-02-26 03:25 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-03-13 09:26 - 2019-02-26 03:24 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-03-13 09:26 - 2019-02-26 03:22 - 005777920 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-03-13 09:26 - 2019-02-26 03:21 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-03-13 09:26 - 2019-02-26 03:20 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-03-13 09:26 - 2019-02-26 03:20 - 000790528 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-03-13 09:26 - 2019-02-26 03:20 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-03-13 09:26 - 2019-02-26 03:20 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-03-13 09:26 - 2019-02-26 03:19 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2019-03-13 09:26 - 2019-02-26 03:12 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-03-13 09:26 - 2019-02-26 03:09 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-03-13 09:26 - 2019-02-26 03:07 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2019-03-13 09:26 - 2019-02-26 03:07 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2019-03-13 09:26 - 2019-02-26 03:06 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2019-03-13 09:26 - 2019-02-26 03:06 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2019-03-13 09:26 - 2019-02-26 03:05 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2019-03-13 09:26 - 2019-02-26 03:04 - 002295808 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2019-03-13 09:26 - 2019-02-26 03:03 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-03-13 09:26 - 2019-02-26 03:02 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-03-13 09:26 - 2019-02-26 03:02 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-03-13 09:26 - 2019-02-26 03:01 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2019-03-13 09:26 - 2019-02-26 03:00 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2019-03-13 09:26 - 2019-02-26 02:59 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-03-13 09:26 - 2019-02-26 02:58 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2019-03-13 09:26 - 2019-02-26 02:58 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-03-13 09:26 - 2019-02-26 02:57 - 000663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2019-03-13 09:26 - 2019-02-26 02:57 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2019-03-13 09:26 - 2019-02-26 02:57 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2019-03-13 09:26 - 2019-02-26 02:56 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-03-13 09:26 - 2019-02-26 02:54 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-03-13 09:26 - 2019-02-26 02:49 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2019-03-13 09:26 - 2019-02-26 02:46 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-03-13 09:26 - 2019-02-26 02:44 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2019-03-13 09:26 - 2019-02-26 02:44 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-03-13 09:26 - 2019-02-26 02:43 - 015284224 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-03-13 09:26 - 2019-02-26 02:43 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-03-13 09:26 - 2019-02-26 02:43 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-03-13 09:26 - 2019-02-26 02:43 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2019-03-13 09:26 - 2019-02-26 02:41 - 002135552 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-03-13 09:26 - 2019-02-26 02:41 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-03-13 09:26 - 2019-02-26 02:41 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2019-03-13 09:26 - 2019-02-26 02:41 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2019-03-13 09:26 - 2019-02-26 02:39 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2019-03-13 09:26 - 2019-02-26 02:38 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2019-03-13 09:26 - 2019-02-26 02:35 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2019-03-13 09:26 - 2019-02-26 02:33 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2019-03-13 09:26 - 2019-02-26 02:31 - 002059776 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2019-03-13 09:26 - 2019-02-26 02:31 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2019-03-13 09:26 - 2019-02-26 02:30 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2019-03-13 09:26 - 2019-02-26 02:29 - 013681664 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2019-03-13 09:26 - 2019-02-26 02:29 - 004858880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-03-13 09:26 - 2019-02-26 02:18 - 001557504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-03-13 09:26 - 2019-02-26 02:12 - 004386304 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2019-03-13 09:26 - 2019-02-26 02:09 - 001332224 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2019-03-13 09:26 - 2019-02-26 02:07 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2019-03-13 09:26 - 2019-02-26 02:06 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-03-13 09:26 - 2019-02-21 23:07 - 000058880 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2019-03-13 09:26 - 2019-02-21 23:07 - 000008192 _____ (Microsoft Corporation) C:\windows\system32\msimg32.dll
2019-03-13 09:26 - 2019-02-21 22:56 - 000004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimg32.dll
2019-03-13 09:26 - 2019-02-21 22:55 - 000044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2019-03-13 09:26 - 2019-02-21 22:35 - 000313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd2x40.dll
2019-03-13 09:26 - 2019-02-16 02:02 - 002072576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-03-13 09:26 - 2019-02-16 02:02 - 000972288 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2019-03-13 09:26 - 2019-02-16 02:02 - 000878080 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-03-13 09:26 - 2019-02-16 02:02 - 000516608 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-03-13 09:26 - 2019-02-16 02:02 - 000443904 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2019-03-13 09:26 - 2019-02-16 02:02 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2019-03-13 09:26 - 2019-02-16 02:01 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2019-03-13 09:26 - 2019-02-16 01:50 - 001425920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2019-03-13 09:26 - 2019-02-16 01:50 - 000583680 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2019-03-13 09:26 - 2019-02-16 01:50 - 000321536 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2019-03-13 09:26 - 2019-02-16 01:50 - 000026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
2019-03-13 09:26 - 2019-02-16 01:33 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
2019-03-13 09:26 - 2019-02-15 12:09 - 000485888 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2019-03-13 09:26 - 2019-02-15 12:09 - 000355328 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2019-03-13 09:26 - 2019-02-15 12:09 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2019-03-13 09:26 - 2019-02-15 11:58 - 000382976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2019-03-13 09:26 - 2019-02-15 11:58 - 000320512 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2019-03-13 09:26 - 2019-02-15 11:40 - 000415744 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2019-03-13 09:26 - 2019-02-15 11:40 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2019-03-13 09:26 - 2019-02-15 11:40 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2019-03-13 09:26 - 2019-02-15 11:38 - 000360960 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2019-03-13 09:26 - 2019-02-15 11:38 - 000053760 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2019-03-13 09:26 - 2019-02-15 11:38 - 000028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2019-03-13 09:26 - 2019-02-15 11:38 - 000028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2019-03-13 09:26 - 2019-02-10 12:10 - 001680104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2019-03-13 09:26 - 2019-02-10 11:36 - 000328192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2019-03-13 09:26 - 2019-02-10 11:36 - 000205312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fastfat.sys
2019-03-13 09:26 - 2019-02-10 11:36 - 000195584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\exfat.sys
2019-03-13 09:26 - 2019-02-10 11:35 - 000092672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdfs.sys
2019-03-13 09:26 - 2019-02-08 12:08 - 002009088 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2019-03-13 09:26 - 2019-02-08 12:08 - 001889280 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2019-03-13 09:26 - 2019-02-08 12:08 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2019-03-13 09:26 - 2019-02-08 12:08 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2019-03-13 09:26 - 2019-02-08 12:07 - 001133568 _____ (Microsoft Corporation) C:\windows\system32\cdosys.dll
2019-03-13 09:26 - 2019-02-08 11:59 - 001391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2019-03-13 09:26 - 2019-02-08 11:59 - 001241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2019-03-13 09:26 - 2019-02-08 11:59 - 000805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdosys.dll
2019-03-13 09:26 - 2019-02-08 11:59 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2019-03-13 09:26 - 2019-02-08 11:59 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2019-03-13 09:26 - 2019-02-07 12:06 - 000027648 _____ (Microsoft Corporation) C:\windows\system32\brdgcfg.dll
2019-03-13 09:26 - 2019-02-07 12:06 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\bridgeres.dll
2019-03-13 09:26 - 2019-02-07 12:01 - 000095232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys
2019-03-13 09:26 - 2019-02-07 11:46 - 000020992 _____ (Microsoft Corporation) C:\windows\system32\bridgeunattend.exe
2019-03-13 09:26 - 2019-02-03 11:36 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msfs.sys
2019-03-13 09:26 - 2019-01-04 12:13 - 000143592 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-03-13 09:26 - 2019-01-04 12:07 - 000727040 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2019-03-13 09:26 - 2019-01-04 10:05 - 002862592 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2019-03-13 09:26 - 2019-01-04 10:05 - 001635328 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-03-13 09:26 - 2019-01-04 10:05 - 000799744 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2019-03-13 09:26 - 2019-01-04 10:05 - 000623104 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2019-03-13 09:26 - 2019-01-04 10:05 - 000495616 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2019-03-13 09:26 - 2019-01-04 10:05 - 000451584 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2019-03-13 09:26 - 2019-01-04 10:05 - 000313856 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2019-03-13 09:26 - 2019-01-04 10:05 - 000253952 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2019-03-13 09:26 - 2019-01-03 12:10 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2019-03-13 09:26 - 2019-01-03 11:55 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 012574208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2019-03-13 09:23 - 2019-02-10 12:41 - 011411968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 003207168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 001329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 001177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 001005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000373248 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000195072 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssign32.dll
2019-03-13 09:23 - 2019-02-10 12:41 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2019-03-13 09:23 - 2019-02-10 12:29 - 000008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2019-03-13 09:23 - 2019-02-10 12:29 - 000004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2019-03-13 09:23 - 2019-02-10 12:29 - 000004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2019-03-13 09:23 - 2019-02-10 12:28 - 000050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2019-03-13 09:23 - 2019-02-10 12:28 - 000023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2019-03-13 09:23 - 2019-02-10 12:10 - 000094440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2019-03-13 09:23 - 2019-02-10 12:09 - 014635520 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2019-03-13 09:23 - 2019-02-10 12:09 - 012574720 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2019-03-13 09:23 - 2019-02-10 12:09 - 001574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2019-03-13 09:23 - 2019-02-10 12:09 - 000782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2019-03-13 09:23 - 2019-02-10 12:09 - 000499712 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2019-03-13 09:23 - 2019-02-10 12:09 - 000371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2019-03-13 09:23 - 2019-02-10 12:09 - 000229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2019-03-13 09:23 - 2019-02-10 12:09 - 000187904 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2019-03-13 09:23 - 2019-02-10 12:09 - 000037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2019-03-13 09:23 - 2019-02-10 12:09 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2019-03-13 09:23 - 2019-02-10 12:09 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2019-03-13 09:23 - 2019-02-10 12:09 - 000005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2019-03-13 09:23 - 2019-02-10 12:09 - 000005120 _____ (Microsoft Corporation) C:\win

Edited by deejay, 16 March 2019 - 02:11 PM.

#4 nasdaq

Forum Deity

Global Moderator
49,295 posts

Posted 17 March 2019 - 06:14 AM

Hi,

No malware was found on this computer.

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U1 avgbdisk; no ImagePath
U4 npcap_wifi; no ImagePath

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [252]

cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew

Reboot:

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

The problem may be due to having AVG and Malwarebytes.
Follow the instructions on this page.
https://support.malw...m/docs/DOC-1123

Please let me know what problem persists with this computer.

#5 deejay

Member

Full Member
80 posts

Posted 17 March 2019 - 03:02 PM

Good afternoon and thank you for your valuable assistance. I followed your instructions but I was somewhat unsure about where to save the file I made in notepad. I hope I did it correctly. Following is the fix log after running Farbar fix. From what I can assess for now, it seems to be running pretty good. If here are any issues I will update you in the next day or two. Also, I was wondering if you can tell me, when I open disc de-fragment there are two lines, the top line I believe is the c drive and the second line says system The c drive will de-fragment but the line that says system shows 1% fragmented but when I try to de-fragment it it will not run , can you tell me if there is a way to get that to run and defrag. Thank you again, I truly appreciate your time.

Fix result of Farbar Recovery Scan Tool (x64) Version: 13.03.2019 01
Ran by Dennis (17-03-2019 16:45:12) Run:1
Running from C:\Users\Dennis\Desktop
Loaded Profiles: Dennis (Available Profiles: Dennis)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U1 avgbdisk; no ImagePath
U4 npcap_wifi; no ImagePath

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [252]

cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew

Reboot:

End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\System\CurrentControlSet\Services\avgbdisk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\npcap_wifi => removed successfully
npcap_wifi => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKU\\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

========= IPCONFIG /release =========

Windows IP Configuration

No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix . : cfl.rr.com
   Link-local IPv6 Address . . . . . : fe80::909a:6125:93e6:d817%11
   Default Gateway . . . . . . . . . :

Tunnel adapter isatap.cfl.rr.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

Tunnel adapter isatap.{97D10082-D0F2-4ACB-A818-01B4A9A42AC2}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

Tunnel adapter Reusable ISATAP Interface {7486A65C-56B3-4E24-94FD-1CC7355DC956}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

========= End of CMD: =========

========= IPCONFIG /renew =========

Windows IP Configuration

No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix . : cfl.rr.com
   Link-local IPv6 Address . . . . . : fe80::909a:6125:93e6:d817%11
   IPv4 Address. . . . . . . . . . . : 192.168.1.121
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1

Tunnel adapter Reusable ISATAP Interface {C5D9BA64-1499-4408-A1CC-3AC70D36325A}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

Tunnel adapter isatap.{97D10082-D0F2-4ACB-A818-01B4A9A42AC2}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

Tunnel adapter Reusable ISATAP Interface {7486A65C-56B3-4E24-94FD-1CC7355DC956}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :

========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5006854 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 163842 B
Edge => 0 B
Chrome => 0 B
Firefox => 63157404 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Dennis => 229366 B

RecycleBin => 0 B
EmptyTemp: => 73.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 17-03-2019 16:49:05)

Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\avgbdisk => could not remove, key could be protected

==== End of Fixlog 16:49:05 ====

Edited by deejay, 17 March 2019 - 03:34 PM.

#6 nasdaq

Forum Deity

Global Moderator
49,295 posts

Posted 18 March 2019 - 06:04 AM

Hi,

The system partition is not used to run the system. It only has the files while are used for booting the
computer and also for the recovery environment. They are not active while the system is running, so the
fragmentation of this partition has no influence on system performance.
Do not try to defragment this partition.

Glad we could help.

#7 deejay

Member

Full Member
80 posts

Posted 18 March 2019 - 12:18 PM

Good afternoon, I wanted to let you know everything seems ok with my PC. I made a small donation on your behalf. I wish it could have been more as I think what you do is fantastic especially for people like myself that are tech challenged. I want to thank you again for your valuable time and assistance it is greatly appreciated.

#8 nasdaq

Forum Deity

Global Moderator
49,295 posts

Posted 19 March 2019 - 05:30 AM

Thank you for your support.

Stay safe.

#9 nasdaq

Forum Deity

Global Moderator
49,295 posts

Posted 19 August 2019 - 05:39 AM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Back to Resolved or inactive Malware Removal

Old PC slow and buffers often

#1 deejay

Attached Files

#2 nasdaq

#3 deejay

#4 nasdaq

#5 deejay

#6 nasdaq

#7 deejay

#8 nasdaq

#9 nasdaq

Sign In