Jump to content

SirPorthos

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Apologies for my late reply. I was busy with school, which took longer than expected. Nevertheless, I did the aforementioned and Here is the Export Summary. My theory is that it wasn't an infection, as much as a dump file for de-fragmentation IDs (damn you Defraggler) which got accidentally shift-deleted by an oh-so-oblivious me, leading to MalwareBytes thinking it was under some sort of malware induced digi-coma. Nevertheless, thanks a lot, Kevin and MalwareBytes support team. You saved me a lot of money and a lot of headache. Running the free version of MalwareBytes but will definitely get the Premium later on. Export Summary.txt
  2. Operation Success. I am able to get into my system again. Thanks a lot. Here is the fixlog. Before i post it though, can I ask, what went wrong? For future references. Fix result of Farbar Recovery Scan Tool (x64) Version: 21-10-2017 Ran by SYSTEM (23-10-2017 15:22:16) Run:1 Running from g:\ Boot Mode: Recovery ============================================== fixlist content: ***************** Start S3 Origin Client Service; "E:\Origin\OriginClientService.exe" [X] S2 Origin Web Helper Service; "E:\Origin\OriginWebHelperService.exe" [X] S0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-10-16] () C:\Windows\System32\Drivers\mbamswissarmy.sys S3 gdrv; \??\C:\Windows\gdrv.sys [X] end ***************** HKLM\System\ControlSet001\Services\Origin Client Service => key removed successfully Origin Client Service => service removed successfully HKLM\System\ControlSet001\Services\Origin Web Helper Service => key removed successfully Origin Web Helper Service => service removed successfully HKLM\System\ControlSet001\Services\MBAMSwissArmy => key removed successfully MBAMSwissArmy => service removed successfully C:\Windows\System32\Drivers\mbamswissarmy.sys => moved successfully HKLM\System\ControlSet001\Services\gdrv => key removed successfully gdrv => service removed successfully d => Error: No automatic fix found for this entry. ==== End of Fixlog 15:22:16 ====
  3. Also, There should be only Drive C, D and E. Idk where the extra 0.11 GB drive came from or what Drive X is. Hitting "Disable Driver Enforcement" takes me to the System Repair and doesn't start windows.
  4. Right. Here is the content of the FRST txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-10-2017 Ran by SYSTEM on MININT-22EBKQO (23-10-2017 15:04:29) Running from G:\ Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 Boot Mode: Recovery Default: ControlSet001 ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-26] (Intel Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16293496 2016-09-29] (Logitech Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-06-30] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-08-06] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-09-04] (Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-07-31] (Adobe Systems Inc.) ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-04] (Autodesk Inc.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-12] (Adobe Systems Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-22] (Adobe Systems, Incorporated) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-08-09] () S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-04-19] (Digital Wave Ltd.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2289856 2017-07-03] (Disc Soft Ltd) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-10-11] (EasyAntiCheat Ltd) S2 GoogleInputService; C:\Program Files (x86)\Google\Google Input Tools\GoogleInputService.exe [164312 2017-03-31] (Google Inc) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-26] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-21] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-06] (Intel Corporation) S2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-09-29] (Logitech Inc.) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-20] (Malwarebytes) S3 mi-raysat_3dsmax2016_64; C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe [86016 2011-09-14] () S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) S2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-17] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-17] (NVIDIA Corporation) S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-21] (NVIDIA Corporation) S2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-17] (NVIDIA Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-10-16] (Overwolf LTD) S3 RaySat2016Server; C:\Program Files\Autodesk\mrsat3.13.1-maya2016\bin\raysat2016server.exe [106240 2015-05-26] (NVIDIA ARC GmbH) S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) S2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672208 2017-02-02] (Wacom Technology, Corp.) S3 Origin Client Service; "E:\Origin\OriginClientService.exe" [X] S2 Origin Web Helper Service; "E:\Origin\OriginWebHelperService.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-12-15] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-12-15] (Disc Soft Ltd) S3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [501216 2015-06-18] (Intel Corporation) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-13] () S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [21496 2016-01-13] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-10] () S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-10] () S0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-07-29] (Intel Corporation) S2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2016-09-29] (Logitech Inc.) S0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-10-16] () S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-28] (Intel Corporation) S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-24] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-24] (Microsoft Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-17] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation) S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-03-31] (NVIDIA Corporation) S3 WacHidRouterPro; C:\Windows\System32\DRIVERS\wachidrouter.sys [119952 2017-01-25] (Wacom Technology) S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-15] (MBB) S3 gdrv; \??\C:\Windows\gdrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-10-23 15:04 - 2017-10-23 15:04 - 000000000 ____D C:\FRST 2017-10-22 09:12 - 2017-10-22 09:13 - 000000000 ____D C:\Users\Rakshith\AppData\Roaming\Guild Wars 2 2017-10-21 09:04 - 2017-10-21 09:04 - 000006472 _____ C:\Users\Rakshith\Downloads\SOS_mod_list.html 2017-10-16 06:28 - 2017-10-16 06:28 - 000252232 _____ C:\Windows\System32\Drivers\mbamswissarmy.sys 2017-10-13 03:49 - 2017-10-13 03:49 - 000000000 ____D C:\Users\Rakshith\AppData\Roaming\BANDISOFT 2017-10-13 00:04 - 2017-10-13 06:12 - 000000000 ____D C:\Users\Rakshith\AppData\Roaming\Wargaming.net 2017-10-12 04:19 - 2017-10-12 04:19 - 000000000 ____D C:\Users\Rakshith\AppData\Local\CrashReportClient 2017-10-12 00:59 - 2017-10-12 00:59 - 000000000 ____D C:\Users\Rakshith\AppData\Local\UnrealEngine 2017-10-12 00:59 - 2017-10-12 00:59 - 000000000 ____D C:\Users\Rakshith\AppData\Local\Squad 2017-10-12 00:58 - 2017-10-12 00:58 - 000000000 ____D C:\Users\Rakshith\AppData\Roaming\EasyAntiCheat 2017-10-12 00:57 - 2017-10-11 23:02 - 000382504 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe 2017-10-11 22:59 - 2017-10-11 22:59 - 000053704 _____ C:\Users\Rakshith\Documents\Purchase of Squad.pdf 2017-10-11 13:32 - 2017-10-11 13:33 - 126925120 ____C (Microsoft Corporation) C:\Windows\System32\MRT-KB890830.exe 2017-10-10 18:21 - 2017-09-13 07:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi 2017-10-10 18:21 - 2017-09-13 07:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2017-10-10 18:21 - 2017-09-13 07:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi 2017-10-10 18:21 - 2017-09-13 07:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2017-10-10 18:21 - 2017-09-13 07:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys 2017-10-10 18:21 - 2017-09-13 07:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\System32\wlansvc.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\System32\wlansec.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\System32\rpchttp.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\System32\wlanapi.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll 2017-10-10 18:21 - 2017-09-13 07:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\System32\certcli.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\System32\bcrypt.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\System32\appidsvc.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2017-10-10 18:21 - 2017-09-13 07:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2017-10-10 18:21 - 2017-09-13 07:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-10-10 18:21 - 2017-09-13 07:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 07:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys 2017-10-10 18:21 - 2017-09-13 07:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\System32\appidpolicyconverter.exe 2017-10-10 18:21 - 2017-09-13 07:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe 2017-10-10 18:21 - 2017-09-13 07:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys 2017-10-10 18:21 - 2017-09-13 07:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\System32\appidcertstorecheck.exe 2017-10-10 18:21 - 2017-09-13 06:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe 2017-10-10 18:21 - 2017-09-13 06:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe 2017-10-10 18:21 - 2017-09-13 06:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys 2017-10-10 18:21 - 2017-09-13 06:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys 2017-10-10 18:21 - 2017-09-13 06:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys 2017-10-10 18:21 - 2017-09-13 06:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe 2017-10-10 18:21 - 2017-09-13 06:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe 2017-10-10 18:21 - 2017-09-13 06:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-10-10 18:21 - 2017-09-13 06:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2017-10-10 18:21 - 2017-09-13 06:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-10-10 18:21 - 2017-09-13 06:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2017-10-10 18:21 - 2017-09-13 06:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2017-10-10 18:21 - 2017-09-13 06:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 06:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 06:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 06:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2017-10-10 18:21 - 2017-09-13 06:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2017-10-10 18:21 - 2017-09-08 16:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2017-10-10 18:21 - 2017-09-08 15:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-10-10 18:21 - 2017-09-08 07:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2017-10-10 18:21 - 2017-09-08 07:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\System32\tquery.dll 2017-10-10 18:21 - 2017-09-08 07:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\System32\mssrch.dll 2017-10-10 18:21 - 2017-09-08 07:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\System32\Query.dll 2017-10-10 18:21 - 2017-09-08 07:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\System32\mssvp.dll 2017-10-10 18:21 - 2017-09-08 07:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\System32\mssph.dll 2017-10-10 18:21 - 2017-09-08 07:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll 2017-10-10 18:21 - 2017-09-08 07:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\System32\mssphtb.dll 2017-10-10 18:21 - 2017-09-08 07:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\System32\t2embed.dll 2017-10-10 18:21 - 2017-09-08 07:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\System32\mssitlb.dll 2017-10-10 18:21 - 2017-09-08 07:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\System32\mssprxy.dll 2017-10-10 18:21 - 2017-09-08 07:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\System32\msscntrs.dll 2017-10-10 18:21 - 2017-09-08 07:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\System32\msshooks.dll 2017-10-10 18:21 - 2017-09-08 07:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe 2017-10-10 18:21 - 2017-09-08 07:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe 2017-10-10 18:21 - 2017-09-08 07:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe 2017-10-10 18:21 - 2017-09-08 07:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2017-10-10 18:21 - 2017-09-08 07:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll 2017-10-10 18:21 - 2017-09-08 07:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-10-10 18:21 - 2017-09-08 07:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2017-10-10 18:21 - 2017-09-08 07:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2017-10-10 18:21 - 2017-09-08 07:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2017-10-10 18:21 - 2017-09-08 07:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2017-10-10 18:21 - 2017-09-08 07:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2017-10-10 18:21 - 2017-09-08 07:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll 2017-10-10 18:21 - 2017-09-08 07:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2017-10-10 18:21 - 2017-09-08 07:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll 2017-10-10 18:21 - 2017-09-08 07:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2017-10-10 18:21 - 2017-09-08 07:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2017-10-10 18:21 - 2017-09-08 07:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2017-10-10 18:21 - 2017-09-08 06:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2017-10-10 18:21 - 2017-09-08 06:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll 2017-10-10 18:21 - 2017-09-08 06:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll 2017-10-10 18:21 - 2017-09-08 06:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2017-10-10 18:21 - 2017-09-08 06:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll 2017-10-10 18:21 - 2017-09-07 13:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2017-10-10 18:21 - 2017-09-07 13:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2017-10-10 18:21 - 2017-09-07 13:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2017-10-10 18:21 - 2017-09-07 13:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec 2017-10-10 18:21 - 2017-09-07 13:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2017-10-10 18:21 - 2017-09-07 13:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2017-10-10 18:21 - 2017-09-07 13:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll 2017-10-10 18:21 - 2017-09-07 13:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2017-10-10 18:21 - 2017-09-07 13:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2017-10-10 18:21 - 2017-09-07 13:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2017-10-10 18:21 - 2017-09-07 13:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2017-10-10 18:21 - 2017-09-07 13:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2017-10-10 18:21 - 2017-09-07 13:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2017-10-10 18:21 - 2017-09-07 13:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2017-10-10 18:21 - 2017-09-07 13:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2017-10-10 18:21 - 2017-09-07 13:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2017-10-10 18:21 - 2017-09-07 12:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2017-10-10 18:21 - 2017-09-07 12:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2017-10-10 18:21 - 2017-09-07 12:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2017-10-10 18:21 - 2017-09-07 12:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2017-10-10 18:21 - 2017-09-07 12:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2017-10-10 18:21 - 2017-09-07 12:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll 2017-10-10 18:21 - 2017-09-07 12:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2017-10-10 18:21 - 2017-09-07 12:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2017-10-10 18:21 - 2017-09-07 12:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2017-10-10 18:21 - 2017-09-07 12:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll 2017-10-10 18:21 - 2017-09-07 12:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2017-10-10 18:21 - 2017-09-07 12:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2017-10-10 18:21 - 2017-09-07 12:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2017-10-10 18:21 - 2017-09-07 12:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2017-10-10 18:21 - 2017-09-07 12:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2017-10-10 18:21 - 2017-09-07 11:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2017-10-10 18:21 - 2017-09-07 11:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2017-10-10 18:21 - 2017-09-07 11:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-10-10 18:21 - 2017-09-07 11:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2017-10-10 18:21 - 2017-09-07 11:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2017-10-10 18:21 - 2017-09-07 11:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-10-10 18:21 - 2017-09-07 11:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-10-10 18:21 - 2017-09-07 11:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-10-10 18:21 - 2017-09-07 11:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-10-10 18:21 - 2017-09-07 11:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-10-10 18:21 - 2017-09-07 11:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-10-10 18:21 - 2017-09-07 11:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-10-10 18:21 - 2017-09-07 11:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-10-10 18:21 - 2017-09-07 11:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-10-10 18:21 - 2017-09-07 10:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-10-10 18:21 - 2017-09-07 10:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-10-10 18:21 - 2017-09-07 10:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-10-10 18:21 - 2017-09-07 10:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-10-10 18:21 - 2017-09-07 10:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-10-10 18:21 - 2017-09-07 10:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-10-10 18:21 - 2017-09-07 10:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-10-10 18:21 - 2017-09-07 10:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-10-10 18:21 - 2017-09-07 10:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-10-10 18:21 - 2017-09-07 10:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-10-10 18:21 - 2017-09-07 10:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-10-10 18:21 - 2017-09-07 10:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-10-10 18:21 - 2017-09-07 10:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-10-10 18:21 - 2017-09-07 10:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-10-10 18:21 - 2017-09-07 10:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-10-10 18:21 - 2017-09-07 10:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-10-10 18:21 - 2017-09-07 10:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-10-10 18:21 - 2017-09-07 10:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-10-10 18:21 - 2017-09-07 10:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-10-10 18:21 - 2017-09-07 09:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-10-10 18:21 - 2017-09-07 09:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-10-10 18:21 - 2017-09-07 07:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\System32\themeui.dll 2017-10-10 18:21 - 2017-09-07 07:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll 2017-10-10 18:21 - 2017-09-07 06:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys 2017-10-10 18:21 - 2017-09-07 06:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys 2017-10-10 18:21 - 2017-09-07 06:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys 2017-10-10 18:21 - 2017-08-19 07:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\System32\mf.dll 2017-10-10 18:21 - 2017-08-19 07:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\System32\mfps.dll 2017-10-10 18:21 - 2017-08-19 07:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\System32\mferror.dll 2017-10-10 18:21 - 2017-08-19 07:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2017-10-10 18:21 - 2017-08-19 07:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2017-10-10 18:21 - 2017-08-19 07:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2017-10-10 18:21 - 2017-08-19 07:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\System32\rrinstaller.exe 2017-10-10 18:21 - 2017-08-19 07:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\System32\mfpmp.exe 2017-10-10 18:21 - 2017-08-19 06:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2017-10-10 18:21 - 2017-08-19 06:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2017-10-10 18:21 - 2017-08-14 09:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\System32\rdpcore.dll 2017-10-10 18:21 - 2017-08-14 09:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2017-10-10 18:21 - 2017-08-14 09:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\System32\icaapi.dll 2017-10-10 18:21 - 2017-08-13 13:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys 2017-10-07 10:48 - 2017-10-07 10:48 - 000000026 _____ C:\Users\Rakshith\Documents\Smash user and pass.txt 2017-10-04 13:12 - 2017-10-04 13:12 - 105689072 _____ C:\Users\Rakshith\Downloads\Nuke9.0v1.pdf 2017-10-04 13:12 - 2017-10-04 13:12 - 004195133 _____ C:\Users\Rakshith\Downloads\Sillhouette.pdf 2017-10-04 09:41 - 2017-10-04 09:41 - 000009561 _____ C:\Users\Rakshith\Documents\Security - Ubisoft Account Management.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-10-22 15:09 - 2017-08-09 11:15 - 000000000 ____D C:\Users\Rakshith\AppData\Local\Arma 3 Launcher 2017-10-22 14:41 - 2016-12-15 03:11 - 000000000 ____D C:\Users\Rakshith\AppData\Roaming\qBittorrent 2017-10-22 14:39 - 2016-12-15 05:44 - 000000000 ____D C:\Users\Rakshith\AppData\Roaming\TS3Client 2017-10-22 14:26 - 2009-07-13 20:45 - 000022032 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-10-22 14:26 - 2009-07-13 20:45 - 000022032 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-10-22 13:57 - 2017-07-28 12:08 - 000000000 ____D C:\Users\Rakshith\AppData\Roaming\discord 2017-10-22 12:30 - 2016-12-15 02:19 - 000000000 ____D C:\Users\Rakshith\AppData\Local\Adobe 2017-10-22 11:30 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\inf 2017-10-22 09:16 - 2016-12-15 05:37 - 000000000 ____D C:\Users\Rakshith\Desktop\Games 2017-10-22 08:01 - 2017-08-09 11:19 - 000000000 ____D C:\Users\Rakshith\AppData\Local\Arma 3 2017-10-22 03:46 - 2016-12-16 08:23 - 000000000 ____D C:\Users\Rakshith\AppData\Roaming\vlc 2017-10-22 03:42 - 2016-12-15 02:19 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-10-22 03:42 - 2016-12-15 02:19 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-10-22 03:42 - 2016-12-15 02:19 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-10-22 03:42 - 2016-12-15 02:19 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-10-22 03:42 - 2016-12-15 02:19 - 000000000 ____D C:\Windows\System32\Macromed 2017-10-19 05:45 - 2016-12-15 02:20 - 000000000 ____D C:\Program Files (x86)\Overwolf 2017-10-19 05:11 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\System32\NDF 2017-10-18 12:55 - 2016-12-15 02:13 - 000000000 ____D C:\Users\Rakshith\AppData\Roaming\Telegram Desktop 2017-10-16 07:07 - 2017-07-01 08:06 - 000000000 ____D C:\Users\Rakshith\AppData\Local\CrashDumps 2017-10-16 06:28 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-10-13 05:17 - 2017-07-01 04:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-10-13 05:17 - 2016-12-15 01:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-10-13 03:49 - 2017-01-22 10:10 - 000000000 ____D C:\Users\Rakshith\Documents\Bandicam 2017-10-11 14:30 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\rescache 2017-10-11 13:59 - 2009-07-13 21:13 - 000783606 _____ C:\Windows\System32\PerfStringBackup.INI 2017-10-11 13:53 - 2009-07-13 20:45 - 005376936 _____ C:\Windows\System32\FNTCACHE.DAT 2017-10-11 13:35 - 2016-12-16 04:58 - 000000000 ____D C:\Windows\System32\MRT 2017-10-11 13:32 - 2016-12-16 04:58 - 126925120 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2017-10-11 13:31 - 2016-12-12 10:13 - 000775728 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-10-08 05:04 - 2017-09-16 15:23 - 000000000 ____D C:\Users\Rakshith\.junique 2017-10-07 17:35 - 2017-08-13 05:55 - 000077440 _____ C:\Windows\System32\Drivers\mbae64.sys 2017-10-07 11:34 - 2017-07-30 06:51 - 000000000 ____D C:\Users\Rakshith\AppData\Local\Overwolf 2017-09-30 19:52 - 2016-12-15 03:23 - 000000000 ____D C:\Program Files\CCleaner Some files in TEMP: ==================== 2017-10-22 09:12 - 2017-10-22 09:12 - 032880296 _____ (ArenaNet) C:\Users\Rakshith\AppData\Local\Temp\Gw2.exe ==================== Known DLLs (Whitelisted) ========================= ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll [2017-09-13 05:20] - [2017-08-10 22:35] - 000512000 _____ (Microsoft Corporation) 3F1A199859B4F3F8357B2A0AF5666A54 C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 7% Total physical RAM: 16320.43 MB Available physical RAM: 15171.07 MB Total Virtual: 16318.63 MB Available Virtual: 15173.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:122.8 GB) (Free:24.8 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS Drive e: (Rak's personal) (Fixed) (Total:210.98 GB) (Free:26.6 GB) NTFS Drive f: (Movies and Setups) (Fixed) (Total:131.53 GB) (Free:28.23 GB) NTFS Drive g: (Oct 23 2017) (CDROM) (Total:4.38 GB) (Free:4.2 GB) UDF Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A89590B9) Partition 1: (Active) - (Size=122.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=449 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=211 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=131.5 GB) - (Type=07 NTFS) LastRegBack: 2017-10-19 11:14 ==================== End of FRST.txt ============================
  5. Update: I basically used another computer to format and use a CD as a flashdrive and FRST is working. Please standby.
  6. The flash drive is still not showing up. It is showing up in the BIOS, just not in the System. I have no idea why.
  7. Before I begin, I am running a Windows 7 Professional 64-bit OS. I was clearing out some stuff in my D drive (drive without the system files) and I happened upon an (innocuous) User folder. Thinking it was from Origin, I deleted it (it was about 6 GB) and now, my computer is in a bootloop. The boot critical error at the bottom of the error log was from a certain mbamswissarmy.sys. Since I remember that "mbam" was malwarebytes, here I am. Can someone please help me?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.