Inactive Jittery mouse, am I infected?

learninmypc

learninmypc

Posts: 9,789   +739
Wired or wireless, it don't matter the cursor gets jittery at times even thou no changes in moude properties which is why I tried to do this to no avail. Other scans will follow.
 
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=====================================

Disable Windows Defender momentarily.
 
This don't work
To turn off Windows Defender using it do the following:
  1. Tap on the Windows-key to open the Start Menu.
  2. Type gpedit.msc and hit enter.
  3. Confirm the UAC prompt to continue.
 
Sorry, I never clicked on More Info on the warning.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2017
Ran by cyber (11-06-2017 18:51:07)
Running from C:\Users\cyber\Desktop
Windows 10 Home Version 1703 (X64) (2017-04-08 15:53:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3403886051-827337895-3073139048-500 - Administrator - Disabled)
cyber (S-1-5-21-3403886051-827337895-3073139048-1000 - Administrator - Enabled) => C:\Users\cyber
DefaultAccount (S-1-5-21-3403886051-827337895-3073139048-503 - Limited - Disabled)
Guest (S-1-5-21-3403886051-827337895-3073139048-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{67CA5B4D-32DA-B54C-1851-F68ECD83262E}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.86 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}) (Version: 4.2.5.3 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
Hulu Desktop (HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
HydraVision (x32 Version: 4.2.128.0 - ATI Technologies Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes version 3.0.4.1269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.4.1269 - Malwarebytes)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 52.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 en-US)) (Version: 52.0 - Mozilla)
Mozilla Firefox 53.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 53.0.3 (x64 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3503 - CyberLink Corp.) Hidden
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.5 - AMD)
RAIDXpert (x32 Version: 3.2.1540.5 - AMD) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RogueKiller version 12.10.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.1.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1242 - SUPERAntiSpyware.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForcyber.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe 5-fh scripts\monthly.xml

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-11-04 16:43 - 2015-11-04 16:43 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-09-19 15:38 - 2009-09-19 15:38 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2017-01-03 20:50 - 2016-11-29 06:27 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-18 13:58 - 2017-03-18 13:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 13:59 - 2017-03-18 19:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-07 23:18 - 2017-06-07 23:18 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-07 23:18 - 2017-06-07 23:18 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-07 23:18 - 2017-06-07 23:18 - 43318784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-07 23:18 - 2017-06-07 23:18 - 02427904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\skypert.dll
2009-09-14 17:17 - 2009-09-14 17:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2015-11-04 16:43 - 2015-11-04 16:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2009-09-19 15:40 - 2009-09-19 15:40 - 00122880 _____ () C:\WINDOWS\SysWOW64\WinMsgBalloonServer.exe
2009-09-19 15:40 - 2009-09-19 15:40 - 00139264 _____ () C:\WINDOWS\SysWOW64\WinMsgBalloonClient.exe
2017-05-08 20:16 - 2017-05-08 20:16 - 10601984 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-05-08 20:16 - 2017-05-08 20:16 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-05-08 20:16 - 2017-05-08 20:16 - 00765440 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-05-31 19:41 - 2017-05-31 19:41 - 23661056 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-05-31 19:41 - 2017-05-31 19:41 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-05-25 16:03 - 2017-05-25 16:03 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-31 19:41 - 2017-05-31 19:41 - 10214400 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-06-06 01:58 - 2017-06-06 01:58 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-06-06 01:58 - 2017-06-06 01:58 - 27430400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-06-06 01:58 - 2017-06-06 01:58 - 00460288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-06-06 01:58 - 2017-06-06 01:58 - 02275328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-05-22 20:47 - 2017-05-22 20:47 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-06 01:58 - 2017-06-06 01:58 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-01-04 22:16 - 2017-01-04 22:16 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-06-06 01:58 - 2017-06-06 01:58 - 00900096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-08 20:16 - 2017-05-08 20:17 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-07-16 07:34 - 2016-07-16 07:34 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2009-09-07 14:54 - 2009-09-07 14:54 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2009-10-22 19:50 - 2009-10-22 19:50 - 00931112 _____ () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [135]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\1001movie.com -> 1001movie.com

There are 6091 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3403886051-827337895-3073139048-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\cyber\Pictures\HAWKS\4336deb4aaee2fd8f5fc42f826fe6070.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "PictureMover.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\StartupApproved\Run: => "SUPERAntiSpyware"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{07AAD60E-1E95-4E97-930C-BB8543A8C09C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E9928869-6169-4C2C-ACC7-26A8C3E9A0F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F28E9886-5880-4B12-996A-F419F0919BCD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2987C0F3-3F53-4E35-AF26-800F7D7E62D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{961AC031-AA5B-47FB-ABE3-F17AE43C8C0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D9ADB4BE-ECB3-4B9C-BC2D-B875C156F382}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9E1B5152-01F7-4F10-B33C-50DD2082E8CE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D0B379E3-1866-47EA-B231-91BBA01E0584}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{90D38474-9AD2-442E-88DB-2D19369FBAC9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B0ECDAA8-DF32-40F5-8D6B-639DCB121CC4}] => (Allow) LPort=1900
FirewallRules: [{4D044AD1-2D22-4F96-ADB6-AF91207635E5}] => (Allow) LPort=2869
FirewallRules: [{6CBDC6B3-7FC1-42A6-A64F-37ED22342EA4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2534BAD2-D2D9-4420-B9E7-149801C3EAB0}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{ECA688CE-63A1-49C0-97DA-FB436E7145B8}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{DEABD766-54E3-45A2-B9F2-5F178442EC9F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{5A23F8B4-F646-48B4-8008-78ADCC5EBE85}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{574931FC-1DF5-4096-8DF2-128C5CCFF9C2}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{EB08D090-3F9E-4CC0-8977-42E213533002}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{03A9E4EB-A628-44A8-BCB8-C558FEACC9BB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{A22FBC33-9D8C-4B66-A8CE-E66FAB19A63F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{728600F4-F09A-46E0-BA18-CDFF8BDA431A}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{578DE34C-6863-4BC8-AAEF-E535B11B1908}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{CBCDC242-6645-4341-A4A2-4DD985F19D97}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{9F0A4983-18E0-4C18-B419-E000BE7D465F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{D61DE30B-6AB5-456D-925C-906C3D491D99}] => (Allow) svchost.exe
FirewallRules: [{0C1FAF66-2D3F-4B5F-8AE3-DE809F48C1DE}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{517919FC-3B08-472B-B784-8005E41927CB}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{A896C207-3A95-4259-A804-78DF7DD0EC1C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{BFDE9683-BA52-4822-812A-EF64C46C9093}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{1234A297-7867-437E-A234-C468A503DA97}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{82F3528D-43E3-4CAE-A5B0-FAFBCE301461}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{44134333-88CB-4BD3-AC66-7B5CD1A65152}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{677FB34E-659F-49A1-B3CC-4977F477865D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{F727B810-A348-4B58-9ECC-7A92D7CEDC45}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{4EC3D9D7-624D-421B-8862-97264B603FF0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{A20ECECE-B568-4B76-B765-3F8178402CA7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C74980E8-B572-469C-8512-BAC51FE81E91}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{96EEB964-5713-46DB-BC62-518245443F60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{CC74E7F6-B485-45CC-B6A8-397E7E409FC3}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{8CB6FE18-CC7C-48C4-B084-2C37D3C691C1}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{9F5ED747-D7A9-4E89-8971-BBB28EF8817D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

05-06-2017 09:53:34 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/11/2017 04:57:46 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: 0x80041033

Error: (06/11/2017 04:57:46 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: 0x80041033

Error: (06/10/2017 04:01:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: cyber-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/10/2017 03:03:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: cyber-PC)
Description: Activation of app Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/10/2017 11:02:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: cyber-PC)
Description: Activation of app Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/09/2017 12:49:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: cyber-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/09/2017 12:26:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: cyber-PC)
Description: Activation of app Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/09/2017 11:05:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: cyber-PC)
Description: Package Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

Error: (06/07/2017 11:42:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: cyber-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (06/07/2017 11:39:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: cyber-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (06/10/2017 03:03:32 PM) (Source: DCOM) (EventID: 10010) (User: cyber-PC)
Description: The server Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe!Microsoft.ZuneVideo.AppXjgy0dfr6tssa93yj5px65cbv2gsc8r39.mca did not register with DCOM within the required timeout.

Error: (06/10/2017 03:00:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (06/10/2017 11:02:44 AM) (Source: DCOM) (EventID: 10010) (User: cyber-PC)
Description: The server Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe!Microsoft.ZuneVideo.AppXjgy0dfr6tssa93yj5px65cbv2gsc8r39.mca did not register with DCOM within the required timeout.

Error: (06/10/2017 10:59:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (06/09/2017 12:49:31 PM) (Source: DCOM) (EventID: 10010) (User: cyber-PC)
Description: The server Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (06/09/2017 12:23:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (06/07/2017 11:42:27 AM) (Source: DCOM) (EventID: 10010) (User: cyber-PC)
Description: The server Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (06/07/2017 11:39:57 AM) (Source: DCOM) (EventID: 10010) (User: cyber-PC)
Description: The server Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (06/05/2017 06:08:57 AM) (Source: DCOM) (EventID: 10010) (User: cyber-PC)
Description: The server Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe!Microsoft.ZuneVideo.AppXjgy0dfr6tssa93yj5px65cbv2gsc8r39.mca did not register with DCOM within the required timeout.

Error: (06/05/2017 06:06:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.


CodeIntegrity:
===================================
Date: 2017-06-11 18:48:17.743
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-11 18:48:17.741
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-11 17:41:54.107
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-11 17:41:54.102
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-11 17:41:53.122
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-11 17:41:53.121
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-11 17:41:48.591
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-11 17:41:48.586
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-11 15:11:10.264
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-11 15:11:10.263
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 42%
Total physical RAM: 8183.89 MB
Available physical RAM: 4718.77 MB
Total Virtual: 16375.89 MB
Available Virtual: 12342.17 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:919.46 GB) (Free:723.83 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.32 GB) (Free:1.61 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.3 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=11.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-06-2017
Ran by cyber (administrator) on CYBER-PC (11-06-2017 18:49:33)
Running from C:\Users\cyber\Desktop
Loaded Profiles: cyber (Available Profiles: cyber)
Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-16] (PC-Doctor, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd)
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7956384 2017-05-31] (SUPERAntiSpyware)
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [148992 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk [2010-02-22]
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e29d7a26-daf3-4f3f-8796-4482f6715ff1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fa94d0aa-568a-4dca-bb37-6e76dd2ca3f1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
SearchScopes: HKLM -> DefaultScope {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3403886051-827337895-3073139048-1000 -> DefaultScope {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3403886051-827337895-3073139048-1000 -> {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)

Edge:
======
Edge Extension: (Adguard AdBlocker) -> EdgeExtension_AdguardAdguardAdBlocker_m055xr0c82818 => C:\Program Files\WindowsApps\Adguard.AdguardAdBlocker_2.5.18.0_neutral__m055xr0c82818 [2017-04-22]
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.1.6.0_neutral__c1wakc4j0nefm [2017-05-26]

FireFox:
========
FF DefaultProfile: uisrumoo.default
FF ProfilePath: C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\uisrumoo.default [2017-06-11]
FF Homepage: Mozilla\Firefox\Profiles\uisrumoo.default -> www.kiro7.com
FF NetworkProxy: Mozilla\Firefox\Profiles\uisrumoo.default -> type", 0
FF Extension: (Adguard AdBlocker) - C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\uisrumoo.default\Extensions\adguardadblocker@adguard.com.xpi [2017-04-05]
FF Extension: (uBlock Origin) - C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\uisrumoo.default\Extensions\uBlock0@raymondhill.net.xpi [2017-05-15]
FF Extension: (Webutation) - C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\uisrumoo.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2017-01-09]
FF Extension: (Video DownloadHelper) - C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\uisrumoo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Follow-on Search Telemetry) - C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\uisrumoo.default\features\{8ac31ea6-924f-446c-a319-00c5d356206a}\followonsearch@mozilla.com.xpi [2017-06-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3403886051-827337895-3073139048-1000: @hulu.com/Hulu Desktop -> C:\Users\cyber\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll [2010-08-12] (Hulu LLC)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-05-09]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.kirotv.com/
CHR StartupUrls: Default -> "hxxp://www.kiro7.com/"
CHR Profile: C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default [2017-06-11]
CHR Extension: (Earth and Moon) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmfhbdfjlfminjglfhcgcblgicnfcka [2017-05-22]
CHR Extension: (Google Drive) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-20]
CHR Extension: (Adguard AdBlocker) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2017-05-20]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-05-25]
CHR Extension: (YouTube) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-20]
CHR Extension: (Full Screen) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmimocjjppdelmhpcmpkhekmpoddgima [2017-05-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-20]
CHR Extension: (Gmail) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-20]
CHR Extension: (Chrome Media Router) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-09-19] (AMD) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [125440 2009-09-24] (Hewlett-Packard) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-06-10] (Malwarebytes)
R1 MpKsl09b9b89c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BFDF2851-AA71-4873-B545-1FCEBB71C70F}\MpKsl09b9b89c.sys [44928 2017-06-10] (Microsoft Corporation)
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [23536 2009-09-16] (PC-Doctor, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-09-17] (CyberLink Corp.)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-11 18:49 - 2017-06-11 18:50 - 00015587 _____ C:\Users\cyber\Desktop\FRST.txt
2017-06-11 18:48 - 2017-06-11 18:49 - 00000000 ____D C:\FRST
2017-06-11 18:48 - 2017-06-11 18:48 - 02438656 _____ (Farbar) C:\Users\cyber\Desktop\FRST64.exe
2017-06-09 07:59 - 2017-06-09 07:59 - 00001767 _____ C:\Users\Public\Desktop\Defraggler.lnk
2017-06-09 07:59 - 2017-06-09 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2017-06-09 07:59 - 2017-06-09 07:59 - 00000000 ____D C:\Program Files\Defraggler
2017-06-05 12:06 - 2017-06-05 12:06 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-06-05 05:55 - 2017-06-05 05:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-06-04 08:25 - 2017-06-04 08:25 - 259168121 _____ C:\Users\cyber\Documents\Pink Floyd The Wall ( Full Movie ).mp4
2017-06-04 08:22 - 2017-06-04 08:22 - 00000437 _____ C:\Users\cyber\Documents\README.txt
2017-06-04 08:20 - 2017-06-04 08:20 - 00000000 ____D C:\Program Files\ConvertHelper3
2017-06-03 17:28 - 2017-06-03 17:28 - 00759776 _____ C:\Users\cyber\Desktop\KAREN.mp4
2017-05-29 15:49 - 2017-05-20 02:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-05-29 15:49 - 2017-05-20 02:13 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-29 15:49 - 2017-05-20 01:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-29 15:49 - 2017-05-20 01:53 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-29 15:49 - 2017-05-20 01:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-29 15:49 - 2017-05-20 01:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-29 15:49 - 2017-05-20 01:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-29 15:49 - 2017-05-20 01:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-29 15:49 - 2017-05-20 01:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-29 15:49 - 2017-05-20 01:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-05-29 15:49 - 2017-05-20 01:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-05-29 15:49 - 2017-05-20 01:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-05-29 15:49 - 2017-05-20 01:43 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-29 15:49 - 2017-05-20 01:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-29 15:49 - 2017-05-20 01:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-29 15:49 - 2017-05-20 01:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-29 15:49 - 2017-05-20 01:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-05-29 15:49 - 2017-05-20 01:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-05-29 15:49 - 2017-05-20 01:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-05-29 15:49 - 2017-05-20 01:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-29 15:49 - 2017-05-20 01:42 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-29 15:49 - 2017-05-20 01:40 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-29 15:49 - 2017-05-20 01:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-29 15:49 - 2017-05-20 01:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-29 15:49 - 2017-05-20 01:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-05-29 15:49 - 2017-05-20 01:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-05-29 15:49 - 2017-05-20 01:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-29 15:49 - 2017-05-20 01:25 - 20505088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-29 15:49 - 2017-05-20 01:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-05-29 15:49 - 2017-05-20 01:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-05-29 15:49 - 2017-05-20 01:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-29 15:49 - 2017-05-20 01:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-29 15:49 - 2017-05-20 01:22 - 19334656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-29 15:49 - 2017-05-20 01:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-29 15:49 - 2017-05-20 01:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-05-29 15:49 - 2017-05-20 01:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-05-29 15:49 - 2017-05-20 01:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-29 15:49 - 2017-05-20 01:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-29 15:49 - 2017-05-20 01:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-05-29 15:49 - 2017-05-20 01:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-29 15:49 - 2017-05-20 01:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-29 15:49 - 2017-05-20 01:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-29 15:49 - 2017-05-20 01:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-05-29 15:49 - 2017-05-20 01:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-05-29 15:49 - 2017-05-20 01:19 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-29 15:49 - 2017-05-20 01:18 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-29 15:49 - 2017-05-20 01:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-05-29 15:49 - 2017-05-20 01:18 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-29 15:49 - 2017-05-20 01:17 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-29 15:49 - 2017-05-20 01:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-05-29 15:49 - 2017-05-20 01:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-29 15:49 - 2017-05-20 01:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-29 15:49 - 2017-05-20 01:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-29 15:49 - 2017-05-20 01:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-29 15:49 - 2017-05-20 01:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-29 15:49 - 2017-05-20 01:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-05-29 15:49 - 2017-05-20 01:16 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-29 15:49 - 2017-05-20 01:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-29 15:49 - 2017-05-20 01:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-05-29 15:49 - 2017-05-20 01:15 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-29 15:49 - 2017-05-20 01:14 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-29 15:49 - 2017-05-20 01:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-05-29 15:49 - 2017-05-20 01:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-29 15:49 - 2017-05-20 01:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-05-29 15:49 - 2017-05-20 01:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-05-29 15:49 - 2017-05-20 01:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-29 15:49 - 2017-05-20 01:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-05-29 15:49 - 2017-05-20 01:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-29 15:49 - 2017-05-20 01:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-05-29 15:49 - 2017-05-20 01:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-29 15:49 - 2017-05-20 01:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-05-29 15:49 - 2017-05-20 00:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-05-29 15:49 - 2017-05-20 00:03 - 08320928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-29 15:49 - 2017-05-20 00:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-29 15:49 - 2017-05-20 00:02 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-29 15:49 - 2017-05-19 23:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-05-29 15:49 - 2017-05-19 23:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-29 15:49 - 2017-05-19 23:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-29 15:49 - 2017-05-19 23:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-29 15:49 - 2017-05-19 23:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-29 15:49 - 2017-05-19 23:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-05-29 15:49 - 2017-05-19 23:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-05-29 15:49 - 2017-05-19 23:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-05-29 15:49 - 2017-05-19 23:51 - 21352176 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-29 15:49 - 2017-05-19 23:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-05-29 15:49 - 2017-05-19 23:22 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-29 15:49 - 2017-05-19 23:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-05-29 15:49 - 2017-05-19 23:10 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-05-29 15:49 - 2017-05-19 23:08 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-29 15:49 - 2017-05-19 23:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-29 15:49 - 2017-05-19 23:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-05-29 15:49 - 2017-05-19 23:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-05-29 15:49 - 2017-05-19 23:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-05-29 15:49 - 2017-05-19 23:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-05-29 15:49 - 2017-05-19 23:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-05-29 15:49 - 2017-05-19 23:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-29 15:49 - 2017-05-19 23:03 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-29 15:49 - 2017-05-19 23:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-29 15:49 - 2017-05-19 23:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-29 15:49 - 2017-05-19 23:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-29 15:49 - 2017-05-19 22:58 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-29 15:49 - 2017-05-19 22:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-05-29 15:49 - 2017-05-19 22:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-29 15:49 - 2017-05-19 22:57 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-29 15:49 - 2017-05-19 22:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-29 15:49 - 2017-05-19 22:54 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-29 15:49 - 2017-05-19 22:54 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-29 15:49 - 2017-05-19 22:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-05-29 15:49 - 2017-05-19 22:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-05-29 15:48 - 2017-05-20 01:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-29 15:48 - 2017-05-20 00:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-05-29 15:48 - 2017-05-20 00:08 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-29 15:48 - 2017-05-20 00:08 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-29 15:48 - 2017-05-20 00:08 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-29 15:48 - 2017-05-20 00:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-29 15:48 - 2017-05-20 00:01 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-29 15:48 - 2017-05-19 23:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
 
2017-05-29 15:48 - 2017-05-19 23:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-29 15:48 - 2017-05-19 23:56 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-29 15:48 - 2017-05-19 23:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-29 15:48 - 2017-05-19 23:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-05-29 15:48 - 2017-05-19 23:55 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-29 15:48 - 2017-05-19 23:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-29 15:48 - 2017-05-19 23:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-05-29 15:48 - 2017-05-19 23:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-29 15:48 - 2017-05-19 23:54 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-29 15:48 - 2017-05-19 23:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-05-29 15:48 - 2017-05-19 23:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-05-29 15:48 - 2017-05-19 23:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-05-29 15:48 - 2017-05-19 23:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-05-29 15:48 - 2017-05-19 23:52 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-29 15:48 - 2017-05-19 23:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-29 15:48 - 2017-05-19 23:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-05-29 15:48 - 2017-05-19 23:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-29 15:48 - 2017-05-19 23:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-29 15:48 - 2017-05-19 23:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-05-29 15:48 - 2017-05-19 23:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-29 15:48 - 2017-05-19 23:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-29 15:48 - 2017-05-19 23:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-29 15:48 - 2017-05-19 23:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-29 15:48 - 2017-05-19 23:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-05-29 15:48 - 2017-05-19 23:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-05-29 15:48 - 2017-05-19 23:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-29 15:48 - 2017-05-19 23:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-29 15:48 - 2017-05-19 23:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-05-29 15:48 - 2017-05-19 23:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-05-29 15:48 - 2017-05-19 23:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-05-29 15:48 - 2017-05-19 23:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-05-29 15:48 - 2017-05-19 23:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-29 15:48 - 2017-05-19 23:05 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-29 15:48 - 2017-05-19 23:04 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-05-29 15:48 - 2017-05-19 23:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-05-29 15:48 - 2017-05-19 23:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-05-29 15:48 - 2017-05-19 23:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-05-29 15:48 - 2017-05-19 23:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-29 15:48 - 2017-05-19 23:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-05-29 15:48 - 2017-05-19 23:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-05-29 15:48 - 2017-05-19 23:03 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-05-29 15:48 - 2017-05-19 23:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-05-29 15:48 - 2017-05-19 23:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-05-29 15:48 - 2017-05-19 23:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-29 15:48 - 2017-05-19 23:01 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-29 15:48 - 2017-05-19 23:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-05-29 15:48 - 2017-05-19 23:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-29 15:48 - 2017-05-19 23:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-29 15:48 - 2017-05-19 23:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-05-29 15:48 - 2017-05-19 23:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-29 15:48 - 2017-05-19 23:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-05-29 15:48 - 2017-05-19 23:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-05-29 15:48 - 2017-05-19 23:00 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-29 15:48 - 2017-05-19 23:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-29 15:48 - 2017-05-19 23:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-29 15:48 - 2017-05-19 22:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-05-29 15:48 - 2017-05-19 22:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-29 15:48 - 2017-05-19 22:59 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-29 15:48 - 2017-05-19 22:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-05-29 15:48 - 2017-05-19 22:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-29 15:48 - 2017-05-19 22:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-05-29 15:48 - 2017-05-19 22:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-29 15:48 - 2017-05-19 22:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-29 15:48 - 2017-05-19 22:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-05-29 15:48 - 2017-05-19 22:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-05-29 15:48 - 2017-05-19 22:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-29 15:48 - 2017-05-19 22:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-05-29 15:48 - 2017-05-19 22:57 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-29 15:48 - 2017-05-19 22:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-29 15:48 - 2017-05-19 22:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-29 15:48 - 2017-05-19 22:56 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-29 15:48 - 2017-05-19 22:56 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-29 15:48 - 2017-05-19 22:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-29 15:48 - 2017-05-19 22:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-05-29 15:48 - 2017-05-19 22:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-29 15:48 - 2017-05-19 22:55 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-29 15:48 - 2017-05-19 22:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-29 15:48 - 2017-05-19 22:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-05-29 15:48 - 2017-05-19 22:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-29 15:48 - 2017-05-19 22:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-05-29 15:48 - 2017-05-19 22:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-05-29 15:48 - 2017-05-19 22:54 - 02651136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-29 15:48 - 2017-05-19 22:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-29 15:48 - 2017-05-19 22:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-29 15:48 - 2017-05-19 22:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-29 15:48 - 2017-05-19 22:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-05-29 15:48 - 2017-05-19 22:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-05-29 15:48 - 2017-05-19 22:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-05-29 15:48 - 2017-05-19 22:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-29 15:48 - 2017-05-19 22:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-29 15:48 - 2017-05-19 22:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-05-29 15:48 - 2017-05-19 22:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-05-29 15:48 - 2017-05-19 22:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-05-29 15:48 - 2017-05-19 22:47 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-05-28 06:44 - 2017-06-11 15:58 - 00000901 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-05-26 05:18 - 2017-05-26 05:18 - 00000918 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-05-25 16:31 - 2017-05-26 16:48 - 00000000 ____D C:\Users\cyber\Documents\New folder 69
2017-05-25 12:38 - 2017-05-25 12:39 - 00000000 ____D C:\Users\cyber\Documents\VERBATIM NOW
2017-05-25 10:42 - 2017-05-25 12:45 - 00000000 ____D C:\Users\cyber\Documents\VERBATIM SAVE
2017-05-23 07:04 - 2017-05-23 07:04 - 00000000 ____D C:\WINDOWS\System32\Tasks\Event Viewer Tasks
2017-05-20 14:29 - 2017-05-20 14:29 - 00799126 _____ C:\Users\cyber\Desktop\video000000 (2).mp4
2017-05-20 07:42 - 2017-05-20 07:42 - 00000000 ____D C:\Users\cyber\AppData\Roaming\Google
2017-05-20 07:39 - 2017-06-09 07:16 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-19 15:24 - 2017-05-19 15:24 - 01964430 _____ C:\Users\cyber\AppData\Local\tmpIMG_0013.0
2017-05-18 12:08 - 2017-05-18 12:08 - 03102150 _____ C:\Users\cyber\Documents\qip2500userguide.pdf
2017-05-17 05:15 - 2017-06-05 05:55 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-05-16 17:56 - 2017-05-26 05:19 - 00000000 ____D C:\Users\cyber\Documents\My Filehippo Downloads
2017-05-16 06:43 - 2017-05-16 06:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-05-16 06:42 - 2017-05-16 06:43 - 00000000 ____D C:\Program Files\iTunes
2017-05-16 06:42 - 2017-05-16 06:42 - 00000000 ____D C:\Program Files\iPod
2017-05-13 18:47 - 2017-05-13 18:47 - 01722921 _____ C:\Users\cyber\AppData\Local\tmpIMG_2289.0

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-11 18:03 - 2017-04-08 08:42 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FA1DAFDB-EB48-4904-97A2-507C085DC2CF}
2017-06-11 17:30 - 2017-04-08 08:12 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-11 17:23 - 2017-01-03 22:01 - 00000000 ____D C:\Users\cyber\AppData\LocalLow\Mozilla
2017-06-11 15:59 - 2017-01-09 12:39 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-06-11 15:58 - 2017-02-24 17:47 - 00000000 ____D C:\Program Files\RogueKiller
2017-06-11 15:58 - 2017-01-04 06:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-06-11 05:59 - 2017-02-04 23:48 - 00000000 ____D C:\Users\cyber\AppData\Roaming\vlc
2017-06-10 15:01 - 2017-01-03 20:50 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-10 15:00 - 2017-04-08 08:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-10 11:41 - 2017-03-18 04:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-06-09 18:09 - 2017-03-18 14:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-09 18:09 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-09 12:23 - 2017-01-03 20:20 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForcyber.job
2017-06-09 05:22 - 2017-01-04 06:40 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2017-06-09 05:22 - 2010-02-22 19:38 - 00000000 ____D C:\ProgramData\Temp
2017-06-09 04:51 - 2017-04-08 08:41 - 00003242 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForcyber
2017-06-08 21:27 - 2017-01-04 21:35 - 00000000 ____D C:\Users\cyber\AppData\Roaming\HpUpdate
2017-06-08 09:40 - 2017-04-08 08:17 - 00000000 ____D C:\Users\cyber
2017-06-08 07:22 - 2017-03-18 14:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-05 12:06 - 2017-01-03 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-05 05:56 - 2017-01-04 06:45 - 00000000 ____D C:\Users\cyber\Desktop\SECURITY
2017-06-04 08:23 - 2017-01-12 11:28 - 00000000 ____D C:\Users\cyber\Documents\New folder
2017-06-01 09:23 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-31 06:28 - 2017-01-04 06:41 - 00000258 __RSH C:\ProgramData\ntuser.pol
2017-05-30 18:48 - 2017-01-04 09:56 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-30 17:58 - 2017-01-03 20:51 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-30 15:49 - 2017-01-03 20:27 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-29 15:56 - 2017-01-04 21:27 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-29 15:53 - 2017-03-18 14:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-29 15:53 - 2017-03-18 14:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-29 15:53 - 2017-03-18 14:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-29 15:53 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-29 15:53 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-29 15:53 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-29 15:53 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-29 15:53 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-29 15:53 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-29 15:51 - 2017-03-18 13:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-29 14:55 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-29 05:40 - 2017-01-03 21:01 - 00000000 ____D C:\Users\cyber\AppData\Local\Windows Live
2017-05-26 05:24 - 2017-01-04 08:44 - 00000000 ____D C:\Users\cyber\AppData\Local\CrashDumps
2017-05-24 11:18 - 2017-03-18 19:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-24 11:18 - 2017-01-09 10:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-23 05:35 - 2017-01-03 21:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 05:33 - 2017-01-03 21:21 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-20 07:39 - 2017-01-03 21:54 - 00000000 ____D C:\Users\cyber\AppData\Local\Google
2017-05-20 07:38 - 2017-01-03 21:54 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-18 07:02 - 2017-01-04 21:27 - 00000000 ____D C:\Users\cyber\AppData\Local\Packages
2017-05-17 05:45 - 2017-04-08 08:41 - 01049120 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-16 19:06 - 2017-02-01 21:08 - 00000000 ____D C:\Program Files\MyDefrag v4.3.1

==================== Files in the root of some directories =======

2017-01-04 11:34 - 2017-04-05 17:19 - 0009216 _____ () C:\Users\cyber\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-09 16:48 - 2017-01-09 16:48 - 0000017 _____ () C:\Users\cyber\AppData\Local\resmon.resmoncfg
2017-05-19 15:24 - 2017-05-19 15:24 - 1964430 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0013.0
2017-05-19 15:24 - 2017-05-19 15:24 - 0720616 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0013.JPG
2017-05-02 20:20 - 2017-05-02 20:20 - 2070671 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0446.0
2017-05-02 20:20 - 2017-05-02 20:20 - 0700450 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0446.JPG
2017-05-02 20:21 - 2017-05-02 20:21 - 1991227 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0463.0
2017-05-02 20:21 - 2017-05-02 20:21 - 0714361 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0463.JPG
2017-05-03 07:53 - 2017-05-03 07:53 - 2578507 _____ () C:\Users\cyber\AppData\Local\tmpIMG_1655.0
2017-05-03 07:53 - 2017-05-03 07:53 - 0998864 _____ () C:\Users\cyber\AppData\Local\tmpIMG_1655.JPG
2017-05-13 18:47 - 2017-05-13 18:47 - 1722921 _____ () C:\Users\cyber\AppData\Local\tmpIMG_2289.0
2017-05-13 18:47 - 2017-05-13 18:47 - 0554494 _____ () C:\Users\cyber\AppData\Local\tmpIMG_2289.JPG
2017-03-07 19:07 - 2017-05-08 06:02 - 0093781 _____ () C:\Users\cyber\AppData\Local\tmpIMG_4267.0
2017-03-07 19:07 - 2017-05-08 06:02 - 0043673 _____ () C:\Users\cyber\AppData\Local\tmpIMG_4267.1
2017-03-07 19:07 - 2017-05-08 06:02 - 0043498 _____ () C:\Users\cyber\AppData\Local\tmpIMG_4267.JPG
2017-02-24 06:18 - 2017-02-24 06:18 - 2587802 _____ () C:\Users\cyber\AppData\Local\tmpPHOTO 2.JPG

Some files in TEMP:
====================
2017-06-11 15:59 - 2017-03-18 13:57 - 1930320 _____ (Microsoft Corporation) C:\Users\cyber\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-07 09:29

==================== End of FRST.txt ============================
 
I don't see much there.

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Mb3 found nothing
# AdwCleaner v6.047 - Logfile created 12/06/2017 at 05:34:44
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-10.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : cyber - CYBER-PC
# Running from : C:\Users\cyber\Desktop\SECURITY\adwcleaner_6.047.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Web browsers ] *****

[-] [C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1326 Bytes] - [14/02/2017 13:32:54]
C:\AdwCleaner\AdwCleaner[C2].txt - [1472 Bytes] - [27/02/2017 12:40:52]
C:\AdwCleaner\AdwCleaner[C3].txt - [1618 Bytes] - [03/03/2017 12:26:13]
C:\AdwCleaner\AdwCleaner[C4].txt - [1764 Bytes] - [07/03/2017 11:49:05]
C:\AdwCleaner\AdwCleaner[C5].txt - [1909 Bytes] - [11/03/2017 12:52:46]
C:\AdwCleaner\AdwCleaner[C6].txt - [2056 Bytes] - [15/03/2017 05:48:06]
C:\AdwCleaner\AdwCleaner[C7].txt - [2202 Bytes] - [23/03/2017 11:50:55]
C:\AdwCleaner\AdwCleaner[C8].txt - [2230 Bytes] - [15/04/2017 07:34:05]
C:\AdwCleaner\AdwCleaner[C9].txt - [1567 Bytes] - [12/06/2017 05:34:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [1416 Bytes] - [14/02/2017 13:32:21]
C:\AdwCleaner\AdwCleaner[S1].txt - [1562 Bytes] - [27/02/2017 12:40:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [1708 Bytes] - [03/03/2017 12:26:02]
C:\AdwCleaner\AdwCleaner[S3].txt - [1854 Bytes] - [07/03/2017 11:48:46]
C:\AdwCleaner\AdwCleaner[S4].txt - [1999 Bytes] - [11/03/2017 12:52:32]
C:\AdwCleaner\AdwCleaner[S5].txt - [2146 Bytes] - [15/03/2017 05:47:49]
C:\AdwCleaner\AdwCleaner[S6].txt - [2292 Bytes] - [23/03/2017 11:50:45]
C:\AdwCleaner\AdwCleaner[S7].txt - [2329 Bytes] - [15/04/2017 07:33:41]
C:\AdwCleaner\AdwCleaner[S8].txt - [2319 Bytes] - [11/05/2017 07:31:29]
C:\AdwCleaner\AdwCleaner[S9].txt - [2777 Bytes] - [12/06/2017 05:34:26]

########## EOF - C:\AdwCleaner\AdwCleaner[C9].txt - [2370 Bytes] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64
Ran by cyber (Administrator) on Mon 06/12/2017 at 5:41:15.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 06/12/2017 at 5:44:12.05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
I will recheck setting & clean the optical things on the mouse again & if that don't fix it, I'll go to Windows forum, thank you Broni :)
 
You must log in or register to reply here.

Similar threads

zohaibahd
This mouse ditches traditional batteries for supercapacitors, promises 5-minute charging
Replies
19
Views
763
Marco Mint
M
Shawn Knight
Razer launches $160 Viper V3 Pro gaming mouse with 8,000 Hz polling rate
Replies
7
Views
854
Puiu
Puiu
S
New "Big Brother" tools make it easier for employers to catch workers faking computer activity
Replies
8
Views
519
redgarl
R

Latest posts

Back