mkhoo1972

Members
  • Posts

    12
Everything posted by mkhoo1972

  1. Something else I've noticed: I can't turn on Real-Time Web Protection. When I try to turn it on, it just stays "Starting," but never switches to "On."
  2. Hello, I've just installed Malwarebytes 3.0.5 and tried to run the Threatscan. However, after completing Pre-Scan Operations, the scan simply ends without actually scanning anything (ITEMS SCANNED = 0). Also, the report says "RESULT: Cancelled." Any advice is greatly appreciated! M
  3. Thanks, MrC. I will give this a try. Does this mean, however, that I don't actually have a malware infection to worry about? We have had Verizon for several months now, but the website blocking messages only just started in the past few days. Anyway -- thanks again!
  4. I am on a router. The model number is FiOS-G1100. Thanks again
  5. Thanks, MrC. I am on Verizon. The Malwarebytes log is posted below.
  6. Hello, I seem to be infected with malware. Thank you in advance for your help! I have already downloaded and run the Farbar Recovery Scan Tool. The log is below and attached. I also attached "Addition.txt." It is not pasted below due to the length of the post.
Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-08-21] (McAfee, Inc.)Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) 

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-12-14] (Citrix Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-12] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-11-08]
FF HKU\S-1-5-21-4075723963-3655926743-1875676542-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Michael Khoo\AppData\Roaming\IDM\idmmzcc3
FF Extension: IDM CC - C:\Users\Michael Khoo\AppData\Roaming\IDM\idmmzcc3 [2014-10-19]
FF HKU\S-1-5-21-4075723963-3655926743-1875676542-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Michael Khoo\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Michael Khoo\AppData\Roaming\IDM\idmmzcc5 [2015-09-12]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=C211US978D20150203&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-29]
CHR Extension: (SiteAdvisor) - C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-02-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (IDM Integration Module) - C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-07-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-03]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-08-28]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-03]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-08-28]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [163840 2011-11-30] (Broadcom Corporation) [File not signed]
R2 DFEPService; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [231792 2013-03-11] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-09-02] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [21504 2013-01-21] (Dell, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [File not signed]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1773056 2013-02-26] (Wave Systems Corp.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-11-08] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6157312 2012-01-18] (Dell Inc.) [File not signed]
S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254824 2013-03-08] (Wave Systems Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2013-11-08] (Broadcom Corporation.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)
S3 dsNcAdpt; C:\Windows\System32\DRIVERS\dsNcAdpt.sys [36816 2014-06-07] (Juniper Networks) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk;
C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-09-02] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)
____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-09-08 19:17 - 2015-07-22 13:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2015-09-08 19:17 - 2015-07-22 13:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2015-09-08 19:17 - 2015-07-22 13:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2015-09-08 19:17 - 2015-07-22 13:53 - 
00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2015-09-08 19:17 - 2015-07-22 13:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2015-09-08 19:17 - 2015-07-22 13:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll2015-09-08 19:17 - 2015-07-22 13:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2015-09-08 19:17 - 2015-07-22 13:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-09-08 19:17 - 2015-07-22 13:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-09-08 19:17 - 2015-07-22 13:52 - 00025600 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\setup16.exe2015-09-08 19:17 - 2015-07-22 13:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2015-09-08 19:17 - 2015-07-22 13:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-09-08 19:17 - 2015-07-22 13:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 12:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll2015-09-08 19:17 - 2015-07-22 12:45 - 00159232 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\mrxsmb.sys2015-09-08 19:17 - 2015-07-22 12:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys2015-09-08 19:17 - 2015-07-22 12:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2015-09-08 19:17 - 2015-07-22 12:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2015-09-08 19:17 - 2015-07-22 12:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2015-09-08 19:17 - 2015-07-22 12:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 12:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 12:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2015-09-08 19:17 - 2015-06-25 06:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe2015-09-08 19:17 - 2015-06-25 06:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll2015-09-08 19:17 - 2015-06-25 06:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll2015-09-08 19:17 - 2015-06-25 05:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll2015-09-04 22:14 - 2015-09-04 22:14 - 15493922 _____ C:\Users\Michael Khoo\Downloads\michelle-b-sample-4-hd.wmv2015-08-29 14:12 - 2015-08-29 14:12 - 00000662 _____ C:\Users\Michael Khoo\Downloads\MC_623_CURRENT_VIEW.CSV2015-08-28 08:36 - 2015-06-11 22:00 - 00197616 _____ (Tonec Inc.) 
C:\Windows\system32\Drivers\idmwfp.sys2015-08-13 03:19 - 2015-07-30 09:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll2015-08-13 03:19 - 2015-07-30 09:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-12 09:01 - 2013-11-08 01:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2015-09-12 08:57 - 2013-11-29 11:34 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-09-12 08:48 - 2013-11-08 01:16 - 01155499 _____ C:\Windows\WindowsUpdate.log2015-09-12 08:41 - 2014-12-29 09:02 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-09-12 08:35 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-09-12 08:35 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-09-12 08:29 - 2013-11-29 11:34 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-09-11 08:59 - 2009-07-14 01:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI2015-09-11 08:55 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2015-09-11 08:55 - 2009-07-14 00:51 - 00051792 _____ C:\Windows\setupact.log2015-09-11 08:54 - 2013-12-30 10:05 - 00000000 ____D C:\Users\Michael Khoo\AppData\Roaming\DMCache2015-09-11 08:53 - 2013-11-29 17:04 - 00000000 ____D C:\Users\Michael Khoo\Documents\Finance2015-09-10 22:57 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache2015-09-10 09:30 - 2014-04-20 20:00 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8914996A-B233-479E-BB80-DF5ED1F46FB1}2015-09-09 03:19 - 2009-07-14 00:45 - 00341616 _____ 
C:\Windows\system32\FNTCACHE.DAT2015-09-09 03:17 - 2010-11-21 03:17 - 00000000 ____D C:\Program Files\Windows Journal2015-09-09 03:17 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions2015-09-09 03:14 - 2013-11-16 16:21 - 00000000 ____D C:\ProgramData\Microsoft Help2015-09-09 03:13 - 2014-01-01 09:38 - 00000000 ____D C:\Windows\system32\MRT2015-09-08 20:20 - 2013-11-08 01:41 - 00000000 ____D C:\Program Files (x86)\McAfee2015-09-08 20:20 - 2010-11-20 23:47 - 00293906 _____ C:\Windows\PFRO.log2015-09-08 07:38 - 2015-07-29 01:38 - 00003064 _____ C:\Windows\System32\Tasks\McAfeeLogon2015-09-04 08:31 - 2015-01-03 15:40 - 00000258 __RSH C:\ProgramData\ntuser.pol2015-09-03 20:17 - 2013-11-29 11:35 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk2015-08-31 08:22 - 2014-10-19 00:00 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager2015-08-31 08:20 - 2014-10-19 00:01 - 00000000 ____D C:\Users\Michael Khoo\AppData\Roaming\IDM2015-08-29 12:52 - 2013-11-29 11:34 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-08-29 12:52 - 2013-11-29 11:34 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-08-29 11:42 - 2013-12-27 14:07 - 00000000 ___HD C:\Users\Michael Khoo\dnlds2015-08-29 07:37 - 2013-11-08 01:41 - 00000000 ____D C:\Program Files\Common Files\mcafee2015-08-26 18:37 - 2014-01-01 09:38 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2015-08-13 11:03 - 2013-11-08 01:41 - 00000000 ____D C:\ProgramData\McAfee2015-08-13 03:39 - 2014-07-21 21:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight2015-08-13 03:39 - 2014-07-21 21:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight2015-08-13 03:38 - 2015-04-16 03:28 - 00000000 ____D C:\Windows\system32\appraiser2015-08-13 03:38 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel2015-08-13 03:19 - 2014-07-21 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft 
Silverlight ==================== Files in the root of some directories ======= 2013-11-29 10:26 - 2015-07-05 22:02 - 0002236 _____ () C:\ProgramData\hpzinstall.log Some files in TEMP:====================C:\Users\Michael Khoo\AppData\Local\Temp\5rprigbw.dllC:\Users\Michael Khoo\AppData\Local\Temp\Quarantine.exeC:\Users\Michael Khoo\AppData\Local\Temp\sqlite3.dllC:\Users\Michael Khoo\AppData\Local\Temp\uh9vnuqy.dllC:\Users\Michael Khoo\AppData\Local\Temp\_Riva FLV Player.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-09-11 00:43 ==================== End of FRST.txt ============================Addition.txt FRST.txt
  7. Machine runs like new again -- very grateful for all your time and assistance!

  8. MrC., I ran SecurityCheck. It returned the following results:

     Results of screen317's Security Check version 0.99.93
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 11
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Security Center service is not running! This report may not be accurate!
     Windows Firewall Enabled!
     McAfee Anti-Virus and Anti-Spyware
     WMI entry may not exist for antivirus; attempting automatic update.
     `````````Anti-malware/Other Utilities Check:`````````
     Adobe Reader XI
     Google Chrome (39.0.2171.71)
     Google Chrome (39.0.2171.95)
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbam.exe
     Malwarebytes Anti-Malware mbamscheduler.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 0%
     ````````````````````End of Log``````````````````````

     Let me know if there's anything further to do. Thanks for all your detailed help! M.
  9. MrC., I have followed the above steps and am attaching the following logs: 1. AdwCleaner[s0].txt 2. JRT.txt I also ran a Malwarebytes Threat Scan and found no threats. Thanks for the help! M. AdwCleanerS0.txt JRT.txt
  10. MrC., Thanks very much! I've followed all of the steps above and am attaching the following files: 1. Fixlog.txt 2. ComboFix.txt Thanks again for all of your help. Fixlog.txt ComboFix.txt
  11. Thank you for the help. I ran MBAR and am attaching the logs. I also ran ESET, but it indicated there was no Poweliks virus present. I re-ran FRST and am attaching the log and addition files. mbar-log-2015-01-01 (16-51-45).txt system-log.txt FRST.txt Addition.txt
  12. Hello, Like others, I have the repeated "Malicious Website Blocked" message in connection with C:\Windows\SysWOW64\dllhost.exe. I downloaded and ran FRST and am attaching the FRST.txt and Addition.txt files. Thanks in advance! Michael FRST.txt Addition.txt