mkhoo1972
Members-
Posts
12 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by mkhoo1972
-
Malwarebytes Threatscan Won't Run
mkhoo1972 replied to mkhoo1972's topic in Malwarebytes for Windows Support Forum
Something else I've noticed: I can't turn on Real-Time Web Protection. When I try to turn it on, it just stays "Starting," but never switches to "On." -
Malwarebytes Threatscan Won't Run
mkhoo1972 posted a topic in Malwarebytes for Windows Support Forum
Hello, I've just installed Malwarebytes 3.0.5 and tried to run the Threatscan. However, after completing Pre-Scan Operations, the scan simply ends without actually scanning anything (ITEMS SCANNED = 0). Also, the report says "RESULT: Cancelled." Any advice is greatly appreciated! M -
Malicious Website Blocked -- svchost.exe
mkhoo1972 replied to mkhoo1972's topic in Resolved Malware Removal Logs
Thanks, MrC. I will give this a try. Does this mean, however, that I don't actually have a malware infection to worry about? We have had Verizon for several months now, but the website blocking messages only just started in the past few days. Anyway -- thanks again! -
Malicious Website Blocked -- svchost.exe
mkhoo1972 replied to mkhoo1972's topic in Resolved Malware Removal Logs
I am on a router. The model number is FiOS-G1100. Thanks again -
Malicious Website Blocked -- svchost.exe
mkhoo1972 replied to mkhoo1972's topic in Resolved Malware Removal Logs
Thanks, MrC. I am on Verizon. The Malwarebytes log is posted below. * * * * * Malwarebytes Anti-Malwarewww.malwarebytes.org Detection, 9/12/2015 12:52 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 57971, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 12:53 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 61832, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 12:55 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 59723, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 1:49 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 50109, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 1:50 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 50516, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 1:52 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 53426, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 1:54 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 56630, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 1:55 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 50151, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 1:57 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 63108, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 1:59 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 51347, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 2:48 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 49264, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 2:50 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 64473, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 2:51 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 63044, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 2:53 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 64587, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 2:55 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 56394, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 2:57 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 61069, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 3:48 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 51818, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 3:49 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 57370, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 3:51 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 62541, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 3:53 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 58307, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:06 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 49273, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:07 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 59681, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:09 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 58217, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:11 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 58581, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:15 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 62921, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:17 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 54592, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:19 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 57287, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:20 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 53813, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:35 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 60105, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:37 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 52820, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:38 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 62014, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:40 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 58923, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:47 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 53378, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:48 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 54183, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 4:50 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 50176, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:24 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 59533, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:25 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 62248, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:27 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 56879, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:29 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 50095, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:29 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 59552, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:31 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 62871, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:32 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 51275, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:35 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 49831, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:37 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 60756, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:38 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 61054, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:46 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 57684, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:48 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 54319, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:49 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 51010, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:51 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 61475, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:55 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 60005, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:57 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 49835, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 5:58 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 60719, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 6:15 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 53834, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 6:18 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 61724, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 6:20 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 52732, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 6:46 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 52844, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 6:47 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 63138, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 6:49 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 60405, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 6:51 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 58616, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 6:55 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 64863, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 6:57 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 64476, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 6:58 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 65051, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:27 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 55077, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:28 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 59859, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:30 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 65409, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:32 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 62296, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:34 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 64260, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:36 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 51478, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:39 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 53593, Outbound, C:\Windows\System32\svchost.exe, Update, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Scheduler, Remediation Database, 2015.8.28.2, 2015.9.11.1, Update, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Scheduler, AKA Domain Database, 2015.9.10.9, 2015.9.11.2, Update, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Scheduler, AKA IP Database, 2015.9.10.2, 2015.9.11.2, Update, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Scheduler, IP Database, 2015.9.11.4, 2015.9.11.5, Update, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Scheduler, Domain Database, 2015.9.11.6, 2015.9.12.4, Update, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Scheduler, Malware Database, 2015.9.11.5, 2015.9.12.2, Protection, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Protection, Refresh, Starting, Protection, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, Stopping, Protection, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, Stopped, Protection, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Protection, Refresh, Success, Protection, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, Starting, Protection, 9/12/2015 8:41 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, Started, Detection, 9/12/2015 8:42 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 57353, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:42 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 57353, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:46 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 56181, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:49 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 62308, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:53 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 50426, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:56 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 59644, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 8:59 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 59322, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:02 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 54170, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:05 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 64207, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:08 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 51566, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:11 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 62503, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:15 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 52831, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:18 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 52211, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:21 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 62103, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:25 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 51187, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:28 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 54300, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:31 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 57329, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:34 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 50243, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:37 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 58664, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:41 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 62722, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 9:44 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 51675, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 10:33 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 49643, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 10:34 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 58423, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 10:36 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 51582, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 10:38 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 54078, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 10:40 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 61955, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 10:43 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 49982, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 10:46 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 57603, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 10:50 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 53766, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 10:51 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 60363, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 10:53 AM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 60070, Outbound, C:\Windows\System32\svchost.exe, Update, 9/12/2015 11:27 AM, SYSTEM, MICHAELKHOO-PC, Scheduler, Failed, Unable to access update server, Update, 9/12/2015 11:52 AM, SYSTEM, MICHAELKHOO-PC, Scheduler, Failed, Unable to access update server, Update, 9/12/2015 12:32 PM, SYSTEM, MICHAELKHOO-PC, Scheduler, Failed, Unable to access update server, Update, 9/12/2015 1:11 PM, SYSTEM, MICHAELKHOO-PC, Scheduler, Failed, Unable to access update server, Detection, 9/12/2015 1:12 PM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 57059, Outbound, C:\Windows\System32\svchost.exe, Detection, 9/12/2015 1:13 PM, SYSTEM, MICHAELKHOO-PC, Protection, Malicious Website Protection, IP, 92.242.140.21, 56544, Outbound, C:\Windows\System32\svchost.exe, (end) -
Hello, I seem to be infected with malware. Thank you in advance for your help! I have already downloaded and run the Farbar Recovery Scan Tool. The log is below and attached. I also attached "Addition.txt." It is not pasted below due to the length of the post. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01Ran by Michael Khoo (administrator) on MICHAELKHOO-PC (12-09-2015 09:08:27)Running from C:\Users\Michael Khoo\DownloadsLoaded Profiles: Michael Khoo (Available Profiles: Michael Khoo)Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe(McAfee, Inc.) C:\Windows\System32\mfevtps.exe(McAfee, Inc.) C:\Windows\System32\mfevtps.exe(O2Micro International) C:\Windows\System32\o2flash.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe(Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.6.1008.0\McCSPServiceHost.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe(Microsoft Corporation) C:\Windows\System32\wisptis.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-05] (IDT, Inc.)HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7469568 2012-01-18] (Dell Inc.)HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [371024 2013-03-05] (Wave Systems Corp.)HKLM\...\Run: [DFEPApplication] => C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077432 2012-08-15] (Dell Inc.)HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)HKLM-x32\...\Run: [iMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-01-20] (Apple Inc.)HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)HKLM\...\Policies\Explorer: [NoFolderOptions] 0HKLM\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-21-4075723963-3655926743-1875676542-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2015-03-18] (Microsoft Corporation)HKU\S-1-5-21-4075723963-3655926743-1875676542-1001\...\Run: [iDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3907152 2015-08-28] (Tonec Inc.)HKU\S-1-5-18\...\RunOnce: [{90140000-003D-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:HHKU\S-1-5-18\...\RunOnce: [{90140000-00A1-0409-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:HHKU\S-1-5-18\...\RunOnce: [{90140000-001A-0409-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:HLsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dllShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2013-03-05] (Wave Systems Corp.)ShellIconOverlayIdentifiers: [uninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2013-03-05] (Wave Systems Corp.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-11-08]ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-11-29]ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-21]ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2013-11-08]ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2013-11-08]ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)Startup: C:\Users\Michael Khoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2013-11-16]ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 192.168.1.1Tcpip\..\Interfaces\{7C89128C-0E3F-4C9E-BCA4-2533EF67A68A}: [DhcpNameServer] 192.168.1.1 Internet Explorer:==================HKU\S-1-5-21-4075723963-3655926743-1875676542-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blankHKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKU\S-1-5-21-4075723963-3655926743-1875676542-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKU\S-1-5-21-4075723963-3655926743-1875676542-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nytimes.com/SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4075723963-3655926743-1875676542-1001 -> DefaultScope {6C601ECC-A13C-4920-98E9-F1CFC1ACE9DB} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US978D20150203&p={searchTerms}SearchScopes: HKU\S-1-5-21-4075723963-3655926743-1875676542-1001 -> {6C601ECC-A13C-4920-98E9-F1CFC1ACE9DB} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US978D20150203&p={searchTerms}SearchScopes: HKU\S-1-5-21-4075723963-3655926743-1875676542-1001 -> {C8D06D80-738C-4C35-9591-8E4B98820AA0} URL = SearchScopes: HKU\S-1-5-21-4075723963-3655926743-1875676542-1001 -> {F30BAECB-E381-4C38-B2DC-73B83B1BAAD9} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-08-28] (Internet Download Manager, Tonec Inc.)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-08-28] (Internet Download Manager, Tonec Inc.)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)DPF: HKLM-x32 {A16CE6E3-6BA2-4CD6-8AFA-135D06BCB8BE} hxxps://relativity.evidenceexchange.com/Relativity/ActiveX/webclientmanager.cabDPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://vpn.jenner.com/dana-cached/sc/JuniperSetupClient.cabHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-02] (McAfee, Inc.)Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-02] (McAfee, Inc.)Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-02] (McAfee, Inc.)Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-02] (McAfee, Inc.)Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-08-21] (McAfee, Inc.)Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.) FireFox:========FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()FF Plugin: @microsoft.com/GENUINE -> disabled [No File]FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-12-14] (Citrix Systems, Inc.)FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-12] (Google, Inc.)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisorFF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-03]FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisorFF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKFF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-11-08]FF HKU\S-1-5-21-4075723963-3655926743-1875676542-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Michael Khoo\AppData\Roaming\IDM\idmmzcc3FF Extension: IDM CC - C:\Users\Michael Khoo\AppData\Roaming\IDM\idmmzcc3 [2014-10-19]FF HKU\S-1-5-21-4075723963-3655926743-1875676542-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Michael Khoo\AppData\Roaming\IDM\idmmzcc5FF Extension: IDM CC - C:\Users\Michael Khoo\AppData\Roaming\IDM\idmmzcc5 [2015-09-12] Chrome: =======CHR HomePage: Default -> hxxp://www.google.com/CHR StartupUrls: Default -> "hxxp://www.google.com/"CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=C211US978D20150203&p={searchTerms}CHR DefaultSearchKeyword: Default -> mcafeeCHR Profile: C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-29]CHR Extension: (SiteAdvisor) - C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-02-03]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]CHR Extension: (IDM Integration Module) - C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-07-05]CHR Extension: (Chrome Web Store Payments) - C:\Users\Michael Khoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-11]CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-03]CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-08-28]CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-03]CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-08-28] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [163840 2011-11-30] (Broadcom Corporation) [File not signed]R2 DFEPService; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [231792 2013-03-11] ()R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-09-02] (McAfee, Inc.)R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [21504 2013-01-21] (Dell, Inc.) [File not signed]R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [File not signed]R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1773056 2013-02-26] (Wave Systems Corp.) [File not signed]S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-11-08] (Microsoft Corporation)R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6157312 2012-01-18] (Dell Inc.) [File not signed]S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254824 2013-03-08] (Wave Systems Corp.) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2013-11-08] (Broadcom Corporation.)R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)S3 dsNcAdpt; C:\Windows\System32\DRIVERS\dsNcAdpt.sys [36816 2014-06-07] (Juniper Networks) [File not signed]S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-12] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-09-02] (McAfee, Inc.)R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-12 09:08 - 2015-09-12 09:09 - 00032360 _____ C:\Users\Michael Khoo\Downloads\FRST.txt2015-09-12 09:07 - 2015-09-12 09:08 - 00000000 ____D C:\FRST2015-09-12 09:07 - 2015-09-12 09:07 - 02190848 _____ (Farbar) C:\Users\Michael Khoo\Downloads\FRST64.exe2015-09-12 08:32 - 2015-09-12 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee2015-09-11 18:22 - 2015-09-12 09:08 - 00005014 _____ C:\Windows\System32\Tasks\WSCEAA2015-09-08 19:18 - 2015-08-17 21:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2015-09-08 19:18 - 2015-08-17 21:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2015-09-08 19:18 - 2015-08-15 02:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-09-08 19:18 - 2015-08-15 02:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2015-09-08 19:18 - 2015-08-15 02:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2015-09-08 19:18 - 2015-08-15 02:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2015-09-08 19:18 - 2015-08-15 02:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2015-09-08 19:18 - 2015-08-15 02:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2015-09-08 19:18 - 2015-08-15 02:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2015-09-08 19:18 - 2015-08-15 02:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2015-09-08 19:18 - 2015-08-15 02:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2015-09-08 19:18 - 2015-08-15 02:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2015-09-08 19:18 - 2015-08-15 02:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2015-09-08 19:18 - 2015-08-15 02:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-09-08 19:18 - 2015-08-15 02:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2015-09-08 19:18 - 2015-08-15 02:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2015-09-08 19:18 - 2015-08-15 02:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2015-09-08 19:18 - 2015-08-15 02:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2015-09-08 19:18 - 2015-08-15 02:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2015-09-08 19:18 - 2015-08-15 02:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-09-08 19:18 - 2015-08-15 01:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2015-09-08 19:18 - 2015-08-15 01:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-09-08 19:18 - 2015-08-15 01:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-09-08 19:18 - 2015-08-15 01:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2015-09-08 19:18 - 2015-08-15 01:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-09-08 19:18 - 2015-08-15 01:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-09-08 19:18 - 2015-08-15 01:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-09-08 19:18 - 2015-08-15 01:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-09-08 19:18 - 2015-08-15 01:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2015-09-08 19:18 - 2015-08-15 01:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-09-08 19:18 - 2015-08-15 01:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2015-09-08 19:18 - 2015-08-15 01:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2015-09-08 19:18 - 2015-08-15 01:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-09-08 19:18 - 2015-08-15 01:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-09-08 19:18 - 2015-08-15 01:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-09-08 19:18 - 2015-08-15 01:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2015-09-08 19:18 - 2015-08-15 01:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2015-09-08 19:18 - 2015-08-15 01:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2015-09-08 19:18 - 2015-08-15 01:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2015-09-08 19:18 - 2015-08-15 01:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-09-08 19:18 - 2015-08-15 01:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-09-08 19:18 - 2015-08-15 01:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-09-08 19:18 - 2015-08-15 01:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2015-09-08 19:18 - 2015-08-15 01:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-09-08 19:18 - 2015-08-15 01:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-09-08 19:18 - 2015-08-15 01:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2015-09-08 19:18 - 2015-08-15 01:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-09-08 19:18 - 2015-08-15 01:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-09-08 19:18 - 2015-08-15 01:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-09-08 19:18 - 2015-08-15 01:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-09-08 19:18 - 2015-08-15 01:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2015-09-08 19:18 - 2015-08-15 01:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-09-08 19:18 - 2015-08-15 01:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-09-08 19:18 - 2015-08-15 01:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-09-08 19:18 - 2015-08-15 01:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2015-09-08 19:18 - 2015-08-15 00:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-09-08 19:18 - 2015-08-15 00:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-09-08 19:18 - 2015-08-15 00:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2015-09-08 19:18 - 2015-08-15 00:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-09-08 19:18 - 2015-08-15 00:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2015-09-08 19:18 - 2015-08-05 13:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll2015-09-08 19:18 - 2015-08-05 13:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll2015-09-08 19:18 - 2015-08-05 13:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll2015-09-08 19:18 - 2015-08-05 13:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll2015-09-08 19:18 - 2015-07-14 23:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2015-09-08 19:18 - 2015-07-14 22:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll2015-09-08 19:18 - 2015-07-09 13:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll2015-09-08 19:18 - 2015-07-09 13:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll2015-09-08 19:18 - 2015-07-09 13:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll2015-09-08 19:18 - 2015-07-09 13:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll2015-09-08 19:17 - 2015-09-01 23:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll2015-09-08 19:17 - 2015-09-01 23:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2015-09-08 19:17 - 2015-09-01 23:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll2015-09-08 19:17 - 2015-09-01 23:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll2015-09-08 19:17 - 2015-09-01 22:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll2015-09-08 19:17 - 2015-09-01 22:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll2015-09-08 19:17 - 2015-09-01 22:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll2015-09-08 19:17 - 2015-09-01 22:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll2015-09-08 19:17 - 2015-09-01 21:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2015-09-08 19:17 - 2015-09-01 21:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2015-09-08 19:17 - 2015-09-01 21:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll2015-09-08 19:17 - 2015-08-27 14:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll2015-09-08 19:17 - 2015-08-27 14:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2015-09-08 19:17 - 2015-08-27 14:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll2015-09-08 19:17 - 2015-08-27 14:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2015-09-08 19:17 - 2015-08-27 13:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll2015-09-08 19:17 - 2015-08-27 13:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2015-09-08 19:17 - 2015-08-27 13:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll2015-09-08 19:17 - 2015-08-27 13:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2015-09-08 19:17 - 2015-08-26 14:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll2015-09-08 19:17 - 2015-08-26 14:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2015-09-08 19:17 - 2015-08-26 14:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2015-09-08 19:17 - 2015-08-26 14:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll2015-09-08 19:17 - 2015-08-26 14:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll2015-09-08 19:17 - 2015-08-26 14:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2015-09-08 19:17 - 2015-08-26 14:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2015-09-08 19:17 - 2015-08-26 14:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe2015-09-08 19:17 - 2015-08-26 14:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll2015-09-08 19:17 - 2015-08-26 14:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe2015-09-08 19:17 - 2015-08-26 14:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll2015-09-08 19:17 - 2015-08-26 13:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll2015-09-08 19:17 - 2015-08-26 13:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll2015-09-08 19:17 - 2015-08-26 13:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll2015-09-08 19:17 - 2015-08-26 13:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll2015-09-08 19:17 - 2015-08-26 13:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe2015-09-08 19:17 - 2015-08-04 14:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi2015-09-08 19:17 - 2015-08-04 14:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi2015-09-08 19:17 - 2015-08-04 13:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll2015-09-08 19:17 - 2015-08-04 13:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll2015-09-08 19:17 - 2015-08-04 13:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll2015-09-08 19:17 - 2015-08-04 13:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe2015-09-08 19:17 - 2015-08-04 13:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe2015-09-08 19:17 - 2015-08-04 13:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll2015-09-08 19:17 - 2015-08-04 12:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys2015-09-08 19:17 - 2015-07-22 20:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2015-09-08 19:17 - 2015-07-22 20:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-09-08 19:17 - 2015-07-22 20:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2015-09-08 19:17 - 2015-07-22 20:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2015-09-08 19:17 - 2015-07-22 20:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2015-09-08 19:17 - 2015-07-22 20:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2015-09-08 19:17 - 2015-07-22 20:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2015-09-08 19:17 - 2015-07-22 20:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2015-09-08 19:17 - 2015-07-22 20:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-09-08 19:17 - 2015-07-22 20:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll2015-09-08 19:17 - 2015-07-22 20:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll2015-09-08 19:17 - 2015-07-22 20:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2015-09-08 19:17 - 2015-07-22 20:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2015-09-08 19:17 - 2015-07-22 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2015-09-08 19:17 - 2015-07-22 20:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2015-09-08 19:17 - 2015-07-22 20:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2015-09-08 19:17 - 2015-07-22 20:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2015-09-08 19:17 - 2015-07-22 20:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2015-09-08 19:17 - 2015-07-22 19:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2015-09-08 19:17 - 2015-07-22 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 19:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-09-08 19:17 - 2015-07-22 13:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2015-09-08 19:17 - 2015-07-22 13:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2015-09-08 19:17 - 2015-07-22 13:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-09-08 19:17 - 2015-07-22 13:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2015-09-08 19:17 - 2015-07-22 13:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2015-09-08 19:17 - 2015-07-22 13:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll2015-09-08 19:17 - 2015-07-22 13:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2015-09-08 19:17 - 2015-07-22 13:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-09-08 19:17 - 2015-07-22 13:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-09-08 19:17 - 2015-07-22 13:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2015-09-08 19:17 - 2015-07-22 13:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2015-09-08 19:17 - 2015-07-22 13:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-09-08 19:17 - 2015-07-22 13:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 12:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll2015-09-08 19:17 - 2015-07-22 12:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys2015-09-08 19:17 - 2015-07-22 12:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys2015-09-08 19:17 - 2015-07-22 12:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2015-09-08 19:17 - 2015-07-22 12:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2015-09-08 19:17 - 2015-07-22 12:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2015-09-08 19:17 - 2015-07-22 12:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 12:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 12:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2015-09-08 19:17 - 2015-07-22 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2015-09-08 19:17 - 2015-06-25 06:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe2015-09-08 19:17 - 2015-06-25 06:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll2015-09-08 19:17 - 2015-06-25 06:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll2015-09-08 19:17 - 2015-06-25 05:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll2015-09-04 22:14 - 2015-09-04 22:14 - 15493922 _____ C:\Users\Michael Khoo\Downloads\michelle-b-sample-4-hd.wmv2015-08-29 14:12 - 2015-08-29 14:12 - 00000662 _____ C:\Users\Michael Khoo\Downloads\MC_623_CURRENT_VIEW.CSV2015-08-28 08:36 - 2015-06-11 22:00 - 00197616 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys2015-08-13 03:19 - 2015-07-30 09:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll2015-08-13 03:19 - 2015-07-30 09:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-12 09:01 - 2013-11-08 01:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2015-09-12 08:57 - 2013-11-29 11:34 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-09-12 08:48 - 2013-11-08 01:16 - 01155499 _____ C:\Windows\WindowsUpdate.log2015-09-12 08:41 - 2014-12-29 09:02 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-09-12 08:35 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-09-12 08:35 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-09-12 08:29 - 2013-11-29 11:34 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-09-11 08:59 - 2009-07-14 01:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI2015-09-11 08:55 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2015-09-11 08:55 - 2009-07-14 00:51 - 00051792 _____ C:\Windows\setupact.log2015-09-11 08:54 - 2013-12-30 10:05 - 00000000 ____D C:\Users\Michael Khoo\AppData\Roaming\DMCache2015-09-11 08:53 - 2013-11-29 17:04 - 00000000 ____D C:\Users\Michael Khoo\Documents\Finance2015-09-10 22:57 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache2015-09-10 09:30 - 2014-04-20 20:00 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8914996A-B233-479E-BB80-DF5ED1F46FB1}2015-09-09 03:19 - 2009-07-14 00:45 - 00341616 _____ C:\Windows\system32\FNTCACHE.DAT2015-09-09 03:17 - 2010-11-21 03:17 - 00000000 ____D C:\Program Files\Windows Journal2015-09-09 03:17 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions2015-09-09 03:14 - 2013-11-16 16:21 - 00000000 ____D C:\ProgramData\Microsoft Help2015-09-09 03:13 - 2014-01-01 09:38 - 00000000 ____D C:\Windows\system32\MRT2015-09-08 20:20 - 2013-11-08 01:41 - 00000000 ____D C:\Program Files (x86)\McAfee2015-09-08 20:20 - 2010-11-20 23:47 - 00293906 _____ C:\Windows\PFRO.log2015-09-08 07:38 - 2015-07-29 01:38 - 00003064 _____ C:\Windows\System32\Tasks\McAfeeLogon2015-09-04 08:31 - 2015-01-03 15:40 - 00000258 __RSH C:\ProgramData\ntuser.pol2015-09-03 20:17 - 2013-11-29 11:35 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk2015-08-31 08:22 - 2014-10-19 00:00 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager2015-08-31 08:20 - 2014-10-19 00:01 - 00000000 ____D C:\Users\Michael Khoo\AppData\Roaming\IDM2015-08-29 12:52 - 2013-11-29 11:34 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-08-29 12:52 - 2013-11-29 11:34 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-08-29 11:42 - 2013-12-27 14:07 - 00000000 ___HD C:\Users\Michael Khoo\dnlds2015-08-29 07:37 - 2013-11-08 01:41 - 00000000 ____D C:\Program Files\Common Files\mcafee2015-08-26 18:37 - 2014-01-01 09:38 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2015-08-13 11:03 - 2013-11-08 01:41 - 00000000 ____D C:\ProgramData\McAfee2015-08-13 03:39 - 2014-07-21 21:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight2015-08-13 03:39 - 2014-07-21 21:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight2015-08-13 03:38 - 2015-04-16 03:28 - 00000000 ____D C:\Windows\system32\appraiser2015-08-13 03:38 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel2015-08-13 03:19 - 2014-07-21 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight ==================== Files in the root of some directories ======= 2013-11-29 10:26 - 2015-07-05 22:02 - 0002236 _____ () C:\ProgramData\hpzinstall.log Some files in TEMP:====================C:\Users\Michael Khoo\AppData\Local\Temp\5rprigbw.dllC:\Users\Michael Khoo\AppData\Local\Temp\Quarantine.exeC:\Users\Michael Khoo\AppData\Local\Temp\sqlite3.dllC:\Users\Michael Khoo\AppData\Local\Temp\uh9vnuqy.dllC:\Users\Michael Khoo\AppData\Local\Temp\_Riva FLV Player.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-09-11 00:43 ==================== End of FRST.txt ============================Addition.txt FRST.txt
-
MrC., I ran SecurityCheck. It returned the following results: Results of screen317's Security Check version 0.99.93 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Windows Firewall Enabled! McAfee Anti-Virus and Anti-Spyware WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Adobe Reader XI Google Chrome (39.0.2171.71) Google Chrome (39.0.2171.95) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log`````````````````````` Let me know if there's anything further to do. Thanks for all your detailed help! M.