Jump to content

Search the Community

Showing results for tags 'undetected'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 16 results

  1. Hi there I found this thread on google. I am another customer of cloudsouth and I had similar issues in past, So I hope my information may help you in fixing the problem. Two times my server has been infected by this virus. Both time I had to format all hard drives and re-install windows. both times I sent passwords in ticket to support and I believe the hacker stole the password from ticketing system. In event viewer I saw IP address from Russia logged to my server, The IP belonged to a VPN service provider. Probably the hacker hiding behind a VPN. on Nov-2017 the hacker logged into my server and installed the below malware. I believe this is the same hacker that install on OP server as well. He download the virus from below link http://baterky-noze.sk/cache/work.exe https://www.virustotal.com/#/file/2f41840b1780ab42d1b20036a7b6b04ea84e655013d67b98c215c24a4d4223cb/detection on May-2018 he logged into my server again and he installed this malware. He executed this application on my server but he forgot to fully remove it. I uploaded it to virus total. https://www.virustotal.com/#/file/d5e28c675d4f467cb1e917818480396e992ffd1515399b4eadd3adec4031d92e/detection I tried Avast, McAfee and AVG, All of them find and remove the virus but the virus will return the next day.
  2. Hello, for a while now I have problems with some miners . Idk if its worldwide or they are targeting just https://www.cloudsouth.com/ I have 20+ servers from them and most of them are with miners. I reinstalled the OS a few times and soon after the servers will become infected again. I think they are bruteforcing them. I started using 24 characters for passwords on newly reinstalled servers. Here's a report from malwarebytes. (attached below) Even if malwarebytes cleaned the system, and a new check will result in a "clean" pc, the virus is still there and its not being detected. If I open Task Manager , the virus will instantly pause itself and the pc/server will start working normally. A few minutes later the virus will close the task manager and it will start itself. The pc/server will start to lag hard as the virus is using 90% of cpu when its running. Doing a virus scan without opening task manager is impossible. It won't even start. the pc is lagging that hard. Updated windows defender won't pick it up either. In task manager is using some of the following names SHELLEXPERIENCEHOST1.EXE Windowsshellexperiencehost.exe Windowsshellexperiencehoste.exe Windowsshellexperiencehostp.exe Any idea how can I remove these pesky miners? I can provider access via RDP to some infected servers. NP Bitcoin miners report.txt
  3. Hello, I have been using my computer with out issues, and still without any performance ones. Although I have been experiencing lots of suspicious things on my pc happening, i don't know if they really are caused by malware but i would like to assume so. None of my scanners pick up anything they always come up clean, I use malwarebytes premium as well as the full version of superantispyware. And windows defender is enabled, windows 10. So what i have been encountering is an icon popping up very quickly and then disappearing on my taskbar. the icon doesn't show more than the blackbox and the blueline underneath before it disappears but will tab me out of a game etc. Also my taskbar and desktop icons flash/refresh randomly sometimes but only flash once. Also i started getting audio pops randomly but prob just headphones maybe. And the next one is my cursor, when it changes from hovering over text to something i can click it will sometimes glitch and bulge in size. I can also see a second text cursor pop up on the right side of the glitching cursor in some cases. I would be willing to send a video from my phone of it happening if needed. My pc runs fine though, but i do idle around 30% of memory used it could be the malware but I'm not sure. Just really looking for someone to tell me what they think and maybe help me fix the issues.
  4. Hello there, So I have this malware that makes a popup to a porn site after I open Firefox browser (or possibly the computer) then disappears. I check the task manager. The popup opens a logo just like Firefox however the image is not the same and looks different. You can tell by the image I uploaded. I found out its location in my Appdata/Roaming/ComObj/update.exe Then I found out its also running a service which i will mention the name of it later after I give my laptop a restart Besides that I am assuming its a trojan of a sort as its simply is just running while your working or whatever. I disabled however it runs everytime i start up the laptop again. Now I will simply say that not one single anti-virus software or anti malware has detected it. I am sharing a copy of the file. I am an IT dude however I have no expertise when getting rid of something that cant be detected but I always do know when I am infected... I am new so please, If I have done anything wrong or posted this in the wrong place I apologize from now... Besides that any help on the matter would be greatly appreciated! Ur man THE RAGING IT dude update.7z
  5. Hi. I was listening to the radio in the backround and heard an advert for a PC "cleaner". It had that typical robotic american woman voice explaining everything it had to offer, and that made me very suspicious. After going to the website, I was hit with even more suspicions about it. I then downloaded it, the installer looked fishy yet again but the EULA looked okay. After doing a (superfast) full scan, it stated I have 254 errors on my PC. Typical run-of-the-mill rouge cleaner, except this is sponsered on a radio station. MBAM did not detect it(not as PUP, not as a threat, nothing) and it fairly concerns me. I understand this may be a brand new rouge, but it is advertised on a radio usually older people listen to, making easy targets for the fake cleaner company. I will give full details if there is a secure way to give them to researchers(or whoever is responsible for discovering rouges)., like the Radio Station name, possibly a recording of the advert, the website, all the files and screenshots.
  6. Malwarebytes can't seem to detect the virus. Here is a screenshot of it in action It every so often changes urls too, I have also attached results of the farbar scans. This malware is extremely frustrating, any help would be appreciated. Much thanks in advance. Addition.txt FRST.txt
  7. Hi, I downloaded something yesterday which apparently had malware in it (I think the program was called FileFinder?). I gave the program permission to "make changes to my computer" (hard drive), because it said the publisher was "verified" so I assumed it was safe. I was then asked to give permission for something else, at which point I decided to come out of it. After that I started experiencing browser redirects, scam popups, hijacking of my browser startup pages etc. I deleted the thing I'd downloaded from my downloads folder. I then ran a quick scan with Windows Defender, which came back with no problems. I then ran a scan with Malwarebytes, which found 4 problems and quarantined them. However, I was still having the same problems as before. I downloaded a "second opinion scanner" called HitmanPro3 from CNET and scanned with that. It deleted some cookies, but didn't find any threats. I then backed up my files using my normal sync app (it was set to back up personal files + my Google Chrome folder.) During the backup, Windows Defender found a Trojan Horse in the Google Chrome folder (in ...User Data\Default\Cache), which was quarantined and removed. I then ran a full scan with Windows Defender, which found nothing. I decided to do a System Restore - I restored my system to a point the day before I downloaded the malware. After this, when I opened my browsers they started up as normal, rather than opening on an unwanted page. I thought the malware was gone - but later while I was browsing, I again got new tabs opening with the same pages I was seeing before. That's as far as I've got. Oh, also, I tried to start in Safe Mode with Networking, but when I did, my internet connection wasn't working, so I'm now just running in normal mode. I've scanned with the Farbar recovery scan tool. Here is the FRST.txt log: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2016 Ran by Joanna (administrator) on JOANNAS-LAPTOP (21-09-2016 15:44:40) Running from C:\Users\Joanna\Downloads Loaded Profiles: Joanna (Available Profiles: Joanna) Platform: Windows 10 Home Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Windows (R) Win 7 DDK provider) C:\Windows\System32\DbxSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe (Spotify Ltd) C:\Users\Joanna\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicatorCom.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25382344 2016-09-20] (Dropbox, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2600279645-657507863-118530354-1001\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1332224 2016-09-07] (Microsoft Corporation) HKU\S-1-5-21-2600279645-657507863-118530354-1001\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-2600279645-657507863-118530354-1001\...\Run: [Spotify Web Helper] => C:\Users\Joanna\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-12] (Spotify Ltd) HKU\S-1-5-21-2600279645-657507863-118530354-1001\...\MountPoints2: {1ca3dbbd-f69f-11e5-9d8d-806e6f6e6963} - "E:\Setup.Now.exe" ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.) Startup: C:\Users\Joanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 6510 series (Network).lnk [2016-09-21] ShortcutTarget: Monitor Ink Alerts - HP Photosmart 6510 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{9b99d355-4fb1-48b4-a141-1b4ab407204a}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\c3o8wio5.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Joanna\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-07-15] (Cisco WebEx LLC) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.co.uk/ CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => No File CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\PepperFlash\pepflashplayer.dll () CHR Profile: C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default [2016-09-21] CHR Extension: (Google Slides) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-31] CHR Extension: (Google Docs) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-31] CHR Extension: (Google Drive) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-31] CHR Extension: (Rapport) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-04-07] CHR Extension: (YouTube) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-31] CHR Extension: (Google Calendar) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-04-07] CHR Extension: (Google Sheets) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-31] CHR Extension: (Google Docs Offline) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01] CHR Extension: (AdBlock) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-21] CHR Extension: (Google Keep - notes and lists) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-09-21] CHR Extension: (Cisco WebEx Extension) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2016-07-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Recent Bookmarks) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\olndffocioplakeilhkgenfgdincjlpn [2016-04-01] CHR Extension: (Gmail) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-31] CHR Extension: (Chrome Media Router) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-21] CHR Extension: (Donation Reminder) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfknkdmhngcjepkalkhgpmhpolandfp [2016-09-16] CHR HKU\S-1-5-21-2600279645-657507863-118530354-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-31] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-31] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42792 2016-09-20] (Windows (R) Win 7 DDK provider) R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2387952 2016-09-12] (IBM Corp.) S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-07] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 pelmouse; C:\Windows\system32\DRIVERS\pelmouse.sys [23040 2015-12-17] (TPMX Electronics Ltd.) S3 pelusblf; C:\Windows\system32\DRIVERS\pelusblf.sys [35328 2015-12-22] (TPMX Electronics Ltd.) R1 RapportCerberus_1609053; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609053.sys [1181672 2016-09-21] (IBM Corp.) R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [567336 2016-09-12] (IBM Corp.) R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [236264 2016-09-12] (IBM Corp.) R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [490792 2016-09-12] (IBM Corp.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [548968 2016-09-12] (IBM Corp.) R3 SjtWinIo; C:\Windows\System32\drivers\SjtWinIo.sys [9216 2016-04-02] (SpeedJet Technology INC.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-21 15:44 - 2016-09-21 15:45 - 00017228 _____ C:\Users\Joanna\Downloads\FRST.txt 2016-09-21 15:44 - 2016-09-21 15:44 - 00000000 ____D C:\FRST 2016-09-21 15:25 - 2016-09-21 15:25 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job 2016-09-21 15:25 - 2016-09-21 15:25 - 00000000 ____D C:\Windows\pss 2016-09-21 14:29 - 2016-09-21 15:43 - 02402816 _____ (Farbar) C:\Users\Joanna\Downloads\FRST64.exe 2016-09-21 13:57 - 2016-09-21 13:57 - 00000000 ____D C:\Users\Joanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps 2016-09-21 13:54 - 2016-09-21 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-09-21 13:44 - 2016-09-21 13:44 - 00000000 ___HD C:\$WINDOWS.~BT 2016-09-21 10:28 - 2016-09-21 10:40 - 00000000 ____D C:\ProgramData\HitmanPro 2016-09-20 14:35 - 2016-09-21 13:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-09-20 14:35 - 2016-09-20 14:35 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-09-20 12:08 - 2016-09-20 12:08 - 00000000 ____D C:\ProgramData\Webitar Production Inc 2016-09-20 09:43 - 2016-09-20 09:43 - 00326840 _____ C:\Users\Joanna\Downloads\Job_Description.pdf 2016-09-20 02:15 - 2016-09-20 02:15 - 00042792 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\DbxSvc.exe 2016-09-20 02:07 - 2016-09-20 02:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-stable.sys 2016-09-20 02:07 - 2016-09-20 02:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-dev.sys 2016-09-20 02:07 - 2016-09-20 02:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-canary.sys 2016-09-15 23:42 - 2016-09-15 23:42 - 07786449 _____ C:\Users\Joanna\Downloads\PF PIDD Rprt August14 WEB (1).pdf 2016-09-15 23:38 - 2016-09-15 23:38 - 01809662 _____ C:\Users\Joanna\Downloads\GWR Customer Charter Sept 15 web.pdf 2016-09-15 23:27 - 2016-09-15 23:28 - 07786449 _____ C:\Users\Joanna\Downloads\PF PIDD Rprt August14 WEB.pdf 2016-09-14 11:45 - 2016-09-07 06:39 - 02656952 _____ C:\Windows\system32\CoreUIComponents.dll 2016-09-14 11:45 - 2016-09-07 06:39 - 01098640 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2016-09-14 11:45 - 2016-09-07 06:26 - 02544256 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2016-09-14 11:45 - 2016-09-07 06:26 - 01299504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2016-09-14 11:45 - 2016-09-07 06:26 - 01152320 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll 2016-09-14 11:45 - 2016-09-07 06:26 - 00588320 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll 2016-09-14 11:45 - 2016-09-07 06:25 - 02607336 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2016-09-14 11:45 - 2016-09-07 06:23 - 01750440 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe 2016-09-14 11:45 - 2016-09-07 06:19 - 00294752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-09-14 11:45 - 2016-09-07 05:48 - 22379520 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2016-09-14 11:45 - 2016-09-07 05:43 - 16985600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2016-09-14 11:45 - 2016-09-07 05:39 - 01567744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2016-09-14 11:45 - 2016-09-07 05:35 - 24611840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-09-14 11:45 - 2016-09-07 05:35 - 00383488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-09-14 11:45 - 2016-09-07 05:32 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2016-09-14 11:45 - 2016-09-07 05:31 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2016-09-14 11:45 - 2016-09-07 05:31 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-09-14 11:45 - 2016-09-07 05:30 - 18676224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2016-09-14 11:45 - 2016-09-07 05:30 - 02127360 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-09-14 11:45 - 2016-09-07 05:30 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-09-14 11:45 - 2016-09-07 05:30 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-09-14 11:45 - 2016-09-07 05:29 - 19350016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-09-14 11:45 - 2016-09-07 05:28 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2016-09-14 11:45 - 2016-09-07 05:27 - 01743872 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2016-09-14 11:45 - 2016-09-07 05:27 - 00963072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll 2016-09-14 11:45 - 2016-09-07 05:26 - 13392384 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-09-14 11:45 - 2016-09-07 05:26 - 02050048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-09-14 11:45 - 2016-09-07 05:26 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-09-14 11:45 - 2016-09-07 05:25 - 01526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-09-14 11:45 - 2016-09-07 05:25 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Pimstore.dll 2016-09-14 11:45 - 2016-09-07 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll 2016-09-14 11:45 - 2016-09-07 05:24 - 03428864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2016-09-14 11:45 - 2016-09-07 05:23 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcsecproc.dll 2016-09-14 11:45 - 2016-09-07 05:23 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll 2016-09-14 11:45 - 2016-09-07 05:22 - 12134400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-09-14 11:45 - 2016-09-07 05:21 - 03046400 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll 2016-09-14 11:45 - 2016-09-07 05:21 - 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2016-09-14 11:45 - 2016-09-07 05:20 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-09-14 11:45 - 2016-09-07 05:19 - 03663360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-09-14 11:45 - 2016-09-07 05:19 - 02102272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll 2016-09-14 11:45 - 2016-09-07 05:18 - 03577344 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2016-09-14 11:45 - 2016-09-07 05:18 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2016-09-14 11:45 - 2016-09-07 05:17 - 02285568 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll 2016-09-14 11:45 - 2016-09-07 05:16 - 04412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-09-14 11:45 - 2016-09-07 05:16 - 03671040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2016-09-14 11:45 - 2016-09-07 05:16 - 02911744 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2016-09-14 11:45 - 2016-09-07 05:16 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll 2016-09-14 11:45 - 2016-09-07 05:16 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2016-09-14 11:45 - 2016-09-07 05:16 - 02280960 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-09-14 11:45 - 2016-09-07 05:16 - 02217984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2016-09-14 11:45 - 2016-09-07 05:16 - 01676800 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2016-09-14 11:45 - 2016-09-07 05:16 - 01194496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll 2016-09-14 11:45 - 2016-09-07 05:16 - 01123328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2016-09-14 11:45 - 2016-09-07 05:15 - 07831552 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2016-09-14 11:45 - 2016-09-07 05:15 - 05659136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2016-09-14 11:45 - 2016-09-07 05:15 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll 2016-09-14 11:45 - 2016-09-07 05:15 - 02055168 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll 2016-09-14 11:45 - 2016-09-07 05:14 - 06743040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2016-09-14 11:45 - 2016-09-07 05:14 - 04895232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-09-14 11:45 - 2016-09-07 05:14 - 01946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2016-09-14 11:45 - 2016-09-07 05:13 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-09-14 11:45 - 2016-09-07 05:13 - 02874880 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll 2016-09-14 11:45 - 2016-09-07 05:11 - 03065344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2016-09-14 11:44 - 2016-09-07 06:39 - 00845568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2016-09-14 11:44 - 2016-09-07 06:39 - 00754664 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll 2016-09-14 11:44 - 2016-09-07 06:39 - 00620176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-09-14 11:44 - 2016-09-07 06:39 - 00277848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2016-09-14 11:44 - 2016-09-07 06:37 - 00572272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll 2016-09-14 11:44 - 2016-09-07 06:34 - 02587696 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2016-09-14 11:44 - 2016-09-07 06:33 - 01297760 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll 2016-09-14 11:44 - 2016-09-07 06:33 - 00986976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll 2016-09-14 11:44 - 2016-09-07 06:33 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-09-14 11:44 - 2016-09-07 06:27 - 00538632 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll 2016-09-14 11:44 - 2016-09-07 06:27 - 00413536 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe 2016-09-14 11:44 - 2016-09-07 06:26 - 01092464 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-09-14 11:44 - 2016-09-07 06:26 - 00858952 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2016-09-14 11:44 - 2016-09-07 06:26 - 00847648 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2016-09-14 11:44 - 2016-09-07 06:26 - 00785088 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-09-14 11:44 - 2016-09-07 06:26 - 00586200 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-09-14 11:44 - 2016-09-07 06:26 - 00245840 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-09-14 11:44 - 2016-09-07 06:25 - 01270064 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll 2016-09-14 11:44 - 2016-09-07 06:24 - 03693064 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-09-14 11:44 - 2016-09-07 06:24 - 01349632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2016-09-14 11:44 - 2016-09-07 06:24 - 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2016-09-14 11:44 - 2016-09-07 06:24 - 00511312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-09-14 11:44 - 2016-09-07 06:24 - 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll 2016-09-14 11:44 - 2016-09-07 06:24 - 00496360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll 2016-09-14 11:44 - 2016-09-07 06:24 - 00355672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2016-09-14 11:44 - 2016-09-07 06:23 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-09-14 11:44 - 2016-09-07 06:23 - 06605544 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll 2016-09-14 11:44 - 2016-09-07 06:23 - 06536248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2016-09-14 11:44 - 2016-09-07 06:23 - 01603224 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll 2016-09-14 11:44 - 2016-09-07 06:23 - 01040792 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll 2016-09-14 11:44 - 2016-09-07 06:23 - 00725776 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2016-09-14 11:44 - 2016-09-07 06:22 - 02937384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-09-14 11:44 - 2016-09-07 06:22 - 01128096 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe 2016-09-14 11:44 - 2016-09-07 06:22 - 01085728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll 2016-09-14 11:44 - 2016-09-07 06:22 - 00604920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-09-14 11:44 - 2016-09-07 06:20 - 00569744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2016-09-14 11:44 - 2016-09-07 06:15 - 00911640 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll 2016-09-14 11:44 - 2016-09-07 06:12 - 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2016-09-14 11:44 - 2016-09-07 06:12 - 01174008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2016-09-14 11:44 - 2016-09-07 06:08 - 00116216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-09-14 11:44 - 2016-09-07 05:52 - 01035776 _____ (Microsoft Corporation) C:\Windows\system32\XboxNetApiSvc.dll 2016-09-14 11:44 - 2016-09-07 05:52 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-09-14 11:44 - 2016-09-07 05:49 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll 2016-09-14 11:44 - 2016-09-07 05:48 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2016-09-14 11:44 - 2016-09-07 05:47 - 00824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll 2016-09-14 11:44 - 2016-09-07 05:46 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2016-09-14 11:44 - 2016-09-07 05:46 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2016-09-14 11:44 - 2016-09-07 05:44 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\wificonnapi.dll 2016-09-14 11:44 - 2016-09-07 05:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2016-09-14 11:44 - 2016-09-07 05:42 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll 2016-09-14 11:44 - 2016-09-07 05:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll 2016-09-14 11:44 - 2016-09-07 05:41 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\DictationManager.dll 2016-09-14 11:44 - 2016-09-07 05:41 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll 2016-09-14 11:44 - 2016-09-07 05:41 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2016-09-14 11:44 - 2016-09-07 05:41 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\OnDemandConnRouteHelper.dll 2016-09-14 11:44 - 2016-09-07 05:41 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\fwcfg.dll 2016-09-14 11:44 - 2016-09-07 05:41 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll 2016-09-14 11:44 - 2016-09-07 05:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll 2016-09-14 11:44 - 2016-09-07 05:40 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\CheckNetIsolation.exe 2016-09-14 11:44 - 2016-09-07 05:39 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll 2016-09-14 11:44 - 2016-09-07 05:39 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll 2016-09-14 11:44 - 2016-09-07 05:38 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll 2016-09-14 11:44 - 2016-09-07 05:38 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\LegacyNetUXHost.exe 2016-09-14 11:44 - 2016-09-07 05:38 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe 2016-09-14 11:44 - 2016-09-07 05:38 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe 2016-09-14 11:44 - 2016-09-07 05:37 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll 2016-09-14 11:44 - 2016-09-07 05:37 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll 2016-09-14 11:44 - 2016-09-07 05:37 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys 2016-09-14 11:44 - 2016-09-07 05:37 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2016-09-14 11:44 - 2016-09-07 05:37 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2016-09-14 11:44 - 2016-09-07 05:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-09-14 11:44 - 2016-09-07 05:37 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceassociation.dll 2016-09-14 11:44 - 2016-09-07 05:37 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll 2016-09-14 11:44 - 2016-09-07 05:36 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2016-09-14 11:44 - 2016-09-07 05:36 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\msdt.exe 2016-09-14 11:44 - 2016-09-07 05:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll 2016-09-14 11:44 - 2016-09-07 05:36 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2016-09-14 11:44 - 2016-09-07 05:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\authfwcfg.dll 2016-09-14 11:44 - 2016-09-07 05:36 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll 2016-09-14 11:44 - 2016-09-07 05:36 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll 2016-09-14 11:44 - 2016-09-07 05:36 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2016-09-14 11:44 - 2016-09-07 05:36 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2016-09-14 11:44 - 2016-09-07 05:36 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll 2016-09-14 11:44 - 2016-09-07 05:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00814592 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00704000 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00393216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp 2016-09-14 11:44 - 2016-09-07 05:35 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModelShim.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.ps.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll 2016-09-14 11:44 - 2016-09-07 05:35 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll 2016-09-14 11:44 - 2016-09-07 05:34 - 00952320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll 2016-09-14 11:44 - 2016-09-07 05:34 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2016-09-14 11:44 - 2016-09-07 05:34 - 00387072 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-09-14 11:44 - 2016-09-07 05:34 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe 2016-09-14 11:44 - 2016-09-07 05:34 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll 2016-09-14 11:44 - 2016-09-07 05:34 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll 2016-09-14 11:44 - 2016-09-07 05:33 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2016-09-14 11:44 - 2016-09-07 05:33 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll 2016-09-14 11:44 - 2016-09-07 05:33 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-09-14 11:44 - 2016-09-07 05:33 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll 2016-09-14 11:44 - 2016-09-07 05:33 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WmpDui.dll 2016-09-14 11:44 - 2016-09-07 05:33 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2016-09-14 11:44 - 2016-09-07 05:32 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll 2016-09-14 11:44 - 2016-09-07 05:32 - 00947200 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll 2016-09-14 11:44 - 2016-09-07 05:32 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\SmartCardSimulator.dll 2016-09-14 11:44 - 2016-09-07 05:32 - 00643584 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll 2016-09-14 11:44 - 2016-09-07 05:32 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2016-09-14 11:44 - 2016-09-07 05:32 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2016-09-14 11:44 - 2016-09-07 05:32 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\das.dll 2016-09-14 11:44 - 2016-09-07 05:32 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll 2016-09-14 11:44 - 2016-09-07 05:32 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-09-14 11:44 - 2016-09-07 05:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll 2016-09-14 11:44 - 2016-09-07 05:32 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2016-09-14 11:44 - 2016-09-07 05:32 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 00753664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe 2016-09-14 11:44 - 2016-09-07 05:31 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 00435200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe 2016-09-14 11:44 - 2016-09-07 05:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-09-14 11:44 - 2016-09-07 05:31 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll 2016-09-14 11:44 - 2016-09-07 05:30 - 02476032 _____ (Microsoft Corporation) C:\Windows\system32\MSAJApi.dll 2016-09-14 11:44 - 2016-09-07 05:30 - 01707520 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll 2016-09-14 11:44 - 2016-09-07 05:30 - 01001472 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2016-09-14 11:44 - 2016-09-07 05:30 - 00904704 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-09-14 11:44 - 2016-09-07 05:30 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll 2016-09-14 11:44 - 2016-09-07 05:30 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll 2016-09-14 11:44 - 2016-09-07 05:30 - 00436224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll 2016-09-14 11:44 - 2016-09-07 05:30 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll 2016-09-14 11:44 - 2016-09-07 05:29 - 02624512 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll 2016-09-14 11:44 - 2016-09-07 05:29 - 01319424 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll 2016-09-14 11:44 - 2016-09-07 05:29 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2016-09-14 11:44 - 2016-09-07 05:29 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll 2016-09-14 11:44 - 2016-09-07 05:29 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-09-14 11:44 - 2016-09-07 05:29 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll 2016-09-14 11:44 - 2016-09-07 05:29 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll 2016-09-14 11:44 - 2016-09-07 05:29 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll 2016-09-14 11:44 - 2016-09-07 05:29 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-09-14 11:44 - 2016-09-07 05:29 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-09-14 11:44 - 2016-09-07 05:29 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll 2016-09-14 11:44 - 2016-09-07 05:29 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 01752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00879616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00780800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2016-09-14 11:44 - 2016-09-07 05:28 - 00674816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcsecproc_ssp.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2016-09-14 11:44 - 2016-09-07 05:28 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00337920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll 2016-09-14 11:44 - 2016-09-07 05:28 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl 2016-09-14 11:44 - 2016-09-07 05:28 - 00284160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll 2016-09-14 11:44 - 2016-09-07 05:27 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll 2016-09-14 11:44 - 2016-09-07 05:27 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll 2016-09-14 11:44 - 2016-09-07 05:27 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll 2016-09-14 11:44 - 2016-09-07 05:27 - 00708608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2016-09-14 11:44 - 2016-09-07 05:27 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll 2016-09-14 11:44 - 2016-09-07 05:27 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll 2016-09-14 11:44 - 2016-09-07 05:27 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2016-09-14 11:44 - 2016-09-07 05:27 - 00329216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll 2016-09-14 11:44 - 2016-09-07 05:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-09-14 11:44 - 2016-09-07 05:26 - 01588224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-09-14 11:44 - 2016-09-07 05:26 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmsipc.dll 2016-09-14 11:44 - 2016-09-07 05:26 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe 2016-09-14 11:44 - 2016-09-07 05:26 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll 2016-09-14 11:44 - 2016-09-07 05:26 - 00854528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll 2016-09-14 11:44 - 2016-09-07 05:26 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll 2016-09-14 11:44 - 2016-09-07 05:26 - 00638464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll 2016-09-14 11:44 - 2016-09-07 05:26 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll 2016-09-14 11:44 - 2016-09-07 05:26 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syncutil.dll 2016-09-14 11:44 - 2016-09-07 05:25 - 06312448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll 2016-09-14 11:44 - 2016-09-07 05:25 - 06296064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll 2016-09-14 11:44 - 2016-09-07 05:25 - 04404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll 2016-09-14 11:44 - 2016-09-07 05:25 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe 2016-09-14 11:44 - 2016-09-07 05:25 - 00501760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll 2016-09-14 11:44 - 2016-09-07 05:24 - 03695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2016-09-14 11:44 - 2016-09-07 05:24 - 01276928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll 2016-09-14 11:44 - 2016-09-07 05:24 - 00785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll 2016-09-14 11:44 - 2016-09-07 05:23 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll 2016-09-14 11:44 - 2016-09-07 05:23 - 00838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2016-09-14 11:44 - 2016-09-07 05:23 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll 2016-09-14 11:44 - 2016-09-07 05:22 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2016-09-14 11:44 - 2016-09-07 05:22 - 02106368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2016-09-14 11:44 - 2016-09-07 05:21 - 02527232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2016-09-14 11:44 - 2016-09-07 05:21 - 01410560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll 2016-09-14 11:44 - 2016-09-07 05:20 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll 2016-09-14 11:44 - 2016-09-07 05:19 - 05325824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2016-09-14 11:44 - 2016-09-07 05:19 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-09-14 11:44 - 2016-09-07 05:19 - 01072128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll 2016-09-14 11:44 - 2016-09-07 05:19 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2016-09-14 11:44 - 2016-09-07 05:18 - 07536640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2016-09-14 11:44 - 2016-09-07 05:18 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll 2016-09-14 11:44 - 2016-09-07 05:18 - 04826624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-09-14 11:44 - 2016-09-07 05:18 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll 2016-09-14 11:44 - 2016-09-07 05:18 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll 2016-09-14 11:44 - 2016-09-07 05:18 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll 2016-09-14 11:44 - 2016-09-07 05:17 - 03459584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll 2016-09-14 11:44 - 2016-09-07 05:17 - 02679808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll 2016-09-14 11:44 - 2016-09-07 05:17 - 02175488 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2016-09-14 11:44 - 2016-09-07 05:17 - 01526784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll 2016-09-14 11:44 - 2016-09-07 05:17 - 01502208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-09-14 11:44 - 2016-09-07 05:16 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2016-09-14 11:44 - 2016-09-07 05:16 - 02361856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll 2016-09-14 11:44 - 2016-09-07 05:16 - 02155008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-09-14 11:44 - 2016-09-07 05:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll 2016-09-14 11:44 - 2016-09-07 05:16 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2016-09-14 11:44 - 2016-09-07 05:15 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2016-09-14 11:44 - 2016-09-07 05:15 - 01626112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2016-09-14 11:44 - 2016-09-07 05:15 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll 2016-09-14 11:44 - 2016-09-07 05:15 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2016-09-14 11:44 - 2016-09-07 05:15 - 01121792 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-09-14 11:44 - 2016-09-07 05:15 - 00835072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2016-09-14 11:44 - 2016-09-07 05:15 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll 2016-09-14 11:44 - 2016-09-07 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hnetcfg.dll 2016-09-14 11:44 - 2016-09-07 05:14 - 03351040 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-09-14 11:44 - 2016-09-07 05:14 - 03078656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-09-14 11:44 - 2016-09-07 05:14 - 02573824 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-09-14 11:44 - 2016-09-07 05:14 - 02553856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-09-14 11:44 - 2016-09-07 05:14 - 02177024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2016-09-14 11:44 - 2016-09-07 05:14 - 01708032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll 2016-09-14 11:44 - 2016-09-07 05:14 - 01487872 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll 2016-09-14 11:44 - 2016-09-07 05:12 - 02180096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll 2016-09-14 11:44 - 2016-09-07 05:11 - 03053568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2016-09-14 11:44 - 2016-09-07 05:10 - 01035776 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2016-09-14 11:44 - 2016-09-07 05:10 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\RADCUI.dll 2016-09-14 11:44 - 2016-09-05 01:37 - 00445765 _____ C:\Windows\system32\ApnDatabase.xml 2016-09-14 11:43 - 2016-09-07 06:39 - 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll 2016-09-14 11:43 - 2016-09-07 06:39 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-09-14 11:43 - 2016-09-07 06:39 - 01238584 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe 2016-09-14 11:43 - 2016-09-07 06:39 - 01142560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-09-14 11:43 - 2016-09-07 06:39 - 01030408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-09-14 11:43 - 2016-09-07 06:39 - 00875480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-09-14 11:43 - 2016-09-07 06:39 - 00799568 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-09-14 11:43 - 2016-09-07 06:39 - 00705576 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-09-14 11:43 - 2016-09-07 06:39 - 00601744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-09-14 11:43 - 2016-09-07 06:39 - 00414232 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll 2016-09-14 11:43 - 2016-09-07 06:39 - 00337328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll 2016-09-14 11:43 - 2016-09-07 06:39 - 00328520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll 2016-09-14 11:43 - 2016-09-07 06:39 - 00175120 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-09-14 11:43 - 2016-09-07 06:37 - 00129888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-09-14 11:43 - 2016-09-07 06:36 - 00528736 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2016-09-14 11:43 - 2016-09-07 06:36 - 00405856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2016-09-14 11:43 - 2016-09-07 06:35 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-09-14 11:43 - 2016-09-07 06:35 - 00989536 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2016-09-14 11:43 - 2016-09-07 06:35 - 00523616 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe 2016-09-14 11:43 - 2016-09-07 06:33 - 02026736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2016-09-14 11:43 - 2016-09-07 06:26 - 01554152 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-09-14 11:43 - 2016-09-07 06:26 - 00693592 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll 2016-09-14 11:43 - 2016-09-07 06:26 - 00439136 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2016-09-14 11:43 - 2016-09-07 06:26 - 00131424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufxsynopsys.sys 2016-09-14 11:43 - 2016-09-07 06:25 - 01447776 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll 2016-09-14 11:43 - 2016-09-07 06:25 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-09-14 11:43 - 2016-09-07 06:24 - 02180128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2016-09-14 11:43 - 2016-09-07 06:24 - 01118200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2016-09-14 11:43 - 2016-09-07 06:24 - 00980352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2016-09-14 11:43 - 2016-09-07 06:24 - 00925064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-09-14 11:43 - 2016-09-07 06:24 - 00709176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2016-09-14 11:43 - 2016-09-07 06:24 - 00652312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-09-14 11:43 - 2016-09-07 06:24 - 00451928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll 2016-09-14 11:43 - 2016-09-07 06:22 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-09-14 11:43 - 2016-09-07 06:22 - 00359256 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-09-14 11:43 - 2016-09-07 06:21 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-09-14 11:43 - 2016-09-07 06:21 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2016-09-14 11:43 - 2016-09-07 06:20 - 01355336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll 2016-09-14 11:43 - 2016-09-07 06:16 - 02773088 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2016-09-14 11:43 - 2016-09-07 06:16 - 02548936 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2016-09-14 11:43 - 2016-09-07 06:16 - 02144512 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll 2016-09-14 11:43 - 2016-09-07 06:16 - 01988448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-09-14 11:43 - 2016-09-07 06:15 - 01415200 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2016-09-14 11:43 - 2016-09-07 06:15 - 00550656 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll 2016-09-14 11:43 - 2016-09-07 06:13 - 01865584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll 2016-09-14 11:43 - 2016-09-07 06:12 - 01522152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-09-14 11:43 - 2016-09-07 06:12 - 00871776 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll 2016-09-14 11:43 - 2016-09-07 06:11 - 00503600 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll 2016-09-14 11:43 - 2016-09-07 06:11 - 00057912 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-09-14 11:43 - 2016-09-07 06:07 - 01951848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll 2016-09-14 11:43 - 2016-09-07 05:53 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2016-09-14 11:43 - 2016-09-07 05:51 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll 2016-09-14 11:43 - 2016-09-07 05:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll 2016-09-14 11:43 - 2016-09-07 05:46 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll 2016-09-14 11:43 - 2016-09-07 05:46 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll 2016-09-14 11:43 - 2016-09-07 05:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\spcompat.dll 2016-09-14 11:43 - 2016-09-07 05:45 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll 2016-09-14 11:43 - 2016-09-07 05:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.ProxyStub.dll 2016-09-14 11:43 - 2016-09-07 05:44 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll 2016-09-14 11:43 - 2016-09-07 05:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\IconCodecService.dll 2016-09-14 11:43 - 2016-09-07 05:43 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2016-09-14 11:43 - 2016-09-07 05:43 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll 2016-09-14 11:43 - 2016-09-07 05:43 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe 2016-09-14 11:43 - 2016-09-07 05:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys 2016-09-14 11:43 - 2016-09-07 05:42 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2016-09-14 11:43 - 2016-09-07 05:42 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll 2016-09-14 11:43 - 2016-09-07 05:42 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll 2016-09-14 11:43 - 2016-09-07 05:42 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll 2016-09-14 11:43 - 2016-09-07 05:42 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll 2016-09-14 11:43 - 2016-09-07 05:42 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll 2016-09-14 11:43 - 2016-09-07 05:41 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe 2016-09-14 11:43 - 2016-09-07 05:41 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\MediaFoundation.DefaultPerceptionProvider.dll 2016-09-14 11:43 - 2016-09-07 05:41 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll 2016-09-14 11:43 - 2016-09-07 05:40 - 00471040 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll 2016-09-14 11:43 - 2016-09-07 05:40 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll 2016-09-14 11:43 - 2016-09-07 05:39 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll 2016-09-14 11:43 - 2016-09-07 05:39 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll 2016-09-14 11:43 - 2016-09-07 05:39 - 00096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VoipRT.dll 2016-09-14 11:43 - 2016-09-07 05:39 - 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Cortana.ProxyStub.dll 2016-09-14 11:43 - 2016-09-07 05:38 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll 2016-09-14 11:43 - 2016-09-07 05:38 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2016-09-14 11:43 - 2016-09-07 05:38 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Geolocation.dll 2016-09-14 11:43 - 2016-09-07 05:38 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll 2016-09-14 11:43 - 2016-09-07 05:37 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2016-09-14 11:43 - 2016-09-07 05:37 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\WmpDui.dll 2016-09-14 11:43 - 2016-09-07 05:37 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll 2016-09-14 11:43 - 2016-09-07 05:37 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountCloudAP.dll 2016-09-14 11:43 - 2016-09-07 05:37 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\dialserver.dll 2016-09-14 11:43 - 2016-09-07 05:37 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll 2016-09-14 11:43 - 2016-09-07 05:37 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll 2016-09-14 11:43 - 2016-09-07 05:37 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll 2016-09-14 11:43 - 2016-09-07 05:36 - 00752128 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll 2016-09-14 11:43 - 2016-09-07 05:36 - 00479744 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2016-09-14 11:43 - 2016-09-07 05:36 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll 2016-09-14 11:43 - 2016-09-07 05:36 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe 2016-09-14 11:43 - 2016-09-07 05:36 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2016-09-14 11:43 - 2016-09-07 05:36 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll 2016-09-14 11:43 - 2016-09-07 05:36 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll 2016-09-14 11:43 - 2016-09-07 05:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwcfg.dll 2016-09-14 11:43 - 2016-09-07 05:35 - 00715264 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe 2016-09-14 11:43 - 2016-09-07 05:35 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll 2016-09-14 11:43 - 2016-09-07 05:35 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll 2016-09-14 11:43 - 2016-09-07 05:35 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll 2016-09-14 11:43 - 2016-09-07 05:35 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\PhoneOm.dll 2016-09-14 11:43 - 2016-09-07 05:35 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll 2016-09-14 11:43 - 2016-09-07 05:35 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll 2016-09-14 11:43 - 2016-09-07 05:35 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usbceip.dll 2016-09-14 11:43 - 2016-09-07 05:35 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll 2016-09-14 11:43 - 2016-09-07 05:35 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CheckNetIsolation.exe 2016-09-14 11:43 - 2016-09-07 05:34 - 00667136 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe 2016-09-14 11:43 - 2016-09-07 05:34 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll 2016-09-14 11:43 - 2016-09-07 05:34 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll 2016-09-14 11:43 - 2016-09-07 05:34 - 00510464 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll 2016-09-14 11:43 - 2016-09-07 05:34 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\WalletService.dll 2016-09-14 11:43 - 2016-09-07 05:34 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll 2016-09-14 11:43 - 2016-09-07 05:34 - 00300032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll 2016-09-14 11:43 - 2016-09-07 05:34 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll 2016-09-14 11:43 - 2016-09-07 05:34 - 00265728 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll 2016-09-14 11:43 - 2016-09-07 05:34 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll 2016-09-14 11:43 - 2016-09-07 05:33 - 01813504 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2016-09-14 11:43 - 2016-09-07 05:33 - 00904704 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll 2016-09-14 11:43 - 2016-09-07 05:33 - 00321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll 2016-09-14 11:43 - 2016-09-07 05:33 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2016-09-14 11:43 - 2016-09-07 05:32 - 04213248 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll 2016-09-14 11:43 - 2016-09-07 05:32 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll 2016-09-14 11:43 - 2016-09-07 05:32 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\winipcsecproc_ssp.dll 2016-09-14 11:43 - 2016-09-07 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll 2016-09-14 11:43 - 2016-09-07 05:32 - 00651776 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll 2016-09-14 11:43 - 2016-09-07 05:32 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll 2016-09-14 11:43 - 2016-09-07 05:32 - 00471040 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll 2016-09-14 11:43 - 2016-09-07 05:32 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll 2016-09-14 11:43 - 2016-09-07 05:32 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll 2016-09-14 11:43 - 2016-09-07 05:32 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll 2016-09-14 11:43 - 2016-09-07 05:32 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl 2016-09-14 11:43 - 2016-09-07 05:31 - 09920512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 01985024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00984576 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00900608 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00852992 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00607232 _____ (Microsoft Corporation) C:\Windows\system32\AppxApplicabilityEngine.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00527872 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\icsvc.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authfwcfg.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll 2016-09-14 11:43 - 2016-09-07 05:31 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 01558528 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 01500160 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe 2016-09-14 11:43 - 2016-09-07 05:30 - 01318400 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Search.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 00576000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 00569856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 00471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\filemgmt.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll 2016-09-14 11:43 - 2016-09-07 05:30 - 00294912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneOm.dll 2016-09-14 11:43 - 2016-09-07 05:29 - 07977984 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll 2016-09-14 11:43 - 2016-09-07 05:29 - 01902592 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-09-14 11:43 - 2016-09-07 05:29 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe 2016-09-14 11:43 - 2016-09-07 05:29 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2016-09-14 11:43 - 2016-09-07 05:29 - 01443328 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll 2016-09-14 11:43 - 2016-09-07 05:29 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2016-09-14 11:43 - 2016-09-07 05:29 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll 2016-09-14 11:43 - 2016-09-07 05:28 - 04143104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WlanMM.dll 2016-09-14 11:43 - 2016-09-07 05:28 - 01783808 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll 2016-09-14 11:43 - 2016-09-07 05:28 - 01717760 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2016-09-14 11:43 - 2016-09-07 05:28 - 01671168 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-09-14 11:43 - 2016-09-07 05:28 - 01648640 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2016-09-14 11:43 - 2016-09-07 05:28 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll 2016-09-14 11:43 - 2016-09-07 05:28 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll 2016-09-14 11:43 - 2016-09-07 05:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll 2016-09-14 11:43 - 2016-09-07 05:28 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll 2016-09-14 11:43 - 2016-09-07 05:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll 2016-09-14 11:43 - 2016-09-07 05:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2016-09-14 11:43 - 2016-09-07 05:27 - 01872896 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2016-09-14 11:43 - 2016-09-07 05:27 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll 2016-09-14 11:43 - 2016-09-07 05:27 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll 2016-09-14 11:43 - 2016-09-07 05:27 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-09-14 11:43 - 2016-09-07 05:27 - 00651776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comuid.dll 2016-09-14 11:43 - 2016-09-07 05:27 - 00517632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll 2016-09-14 11:43 - 2016-09-07 05:27 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2016-09-14 11:43 - 2016-09-07 05:27 - 00477184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-09-14 11:43 - 2016-09-07 05:27 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll 2016-09-14 11:43 - 2016-09-07 05:27 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll 2016-09-14 11:43 - 2016-09-07 05:27 - 00248320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll 2016-09-14 11:43 - 2016-09-07 05:27 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 01915392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAJApi.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 01570816 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2016-09-14 11:43 - 2016-09-07 05:26 - 01537536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 01117184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 00673280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 00645632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Search.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 00501760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll 2016-09-14 11:43 - 2016-09-07 05:26 - 00434688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll 2016-09-14 11:43 - 2016-09-07 05:25 - 02578432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2016-09-14 11:43 - 2016-09-07 05:25 - 01944576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll 2016-09-14 11:43 - 2016-09-07 05:25 - 01467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2016-09-14 11:43 - 2016-09-07 05:25 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2016-09-14 11:43 - 2016-09-07 05:25 - 01052160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll 2016-09-14 11:43 - 2016-09-07 05:25 - 00759808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2016-09-14 11:43 - 2016-09-07 05:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe 2016-09-14 11:43 - 2016-09-07 05:24 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll 2016-09-14 11:43 - 2016-09-07 05:24 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll 2016-09-14 11:43 - 2016-09-07 05:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll 2016-09-14 11:43 - 2016-09-07 05:24 - 00460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll 2016-09-14 11:43 - 2016-09-07 05:23 - 04646912 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe 2016-09-14 11:43 - 2016-09-07 05:23 - 01562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe 2016-09-14 11:43 - 2016-09-07 05:23 - 00918016 _____ (Microsoft Corporation) C:\Windows\system32\XpsFilt.dll 2016-09-14 11:43 - 2016-09-07 05:22 - 03093504 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll 2016-09-14 11:43 - 2016-09-07 05:22 - 01987072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2016-09-14 11:43 - 2016-09-07 05:22 - 01297408 _____ (Microsoft Corporation) C:\Windows\system32\SensorDataService.exe 2016-09-14 11:43 - 2016-09-07 05:22 - 00778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll 2016-09-14 11:43 - 2016-09-07 05:21 - 01063936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll 2016-09-14 11:43 - 2016-09-07 05:21 - 00639488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll 2016-09-14 11:43 - 2016-09-07 05:20 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2016-09-14 11:43 - 2016-09-07 05:20 - 00900608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll 2016-09-14 11:43 - 2016-09-07 05:20 - 00882688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2016-09-14 11:43 - 2016-09-07 05:20 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2016-09-14 11:43 - 2016-09-07 05:20 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll 2016-09-14 11:43 - 2016-09-07 05:20 - 00513024 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll 2016-09-14 11:43 - 2016-09-07 05:20 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll 2016-09-14 11:43 - 2016-09-07 05:19 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2016-09-14 11:43 - 2016-09-07 05:19 - 03589120 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2016-09-14 11:43 - 2016-09-07 05:19 - 03555840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe 2016-09-14 11:43 - 2016-09-07 05:19 - 02798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2016-09-14 11:43 - 2016-09-07 05:19 - 02295808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2016-09-14 11:43 - 2016-09-07 05:19 - 01997312 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll 2016-09-14 11:43 - 2016-09-07 05:19 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll 2016-09-14 11:43 - 2016-09-07 05:19 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll 2016-09-14 11:43 - 2016-09-07 05:18 - 05503488 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2016-09-14 11:43 - 2016-09-07 05:17 - 02062336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2016-09-14 11:43 - 2016-09-07 05:17 - 01674240 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-09-14 11:43 - 2016-09-07 05:16 - 02680320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2016-09-14 11:43 - 2016-09-07 05:16 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2016-09-14 11:43 - 2016-09-07 05:16 - 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2016-09-14 11:43 - 2016-09-07 05:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll 2016-09-14 11:43 - 2016-09-07 05:15 - 02772480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2016-09-14 11:43 - 2016-09-07 05:15 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll 2016-09-14 11:43 - 2016-09-07 05:14 - 03355136 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2016-09-14 11:43 - 2016-09-07 05:14 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll 2016-09-14 11:43 - 2016-09-07 05:14 - 01732096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-09-14 11:43 - 2016-09-07 05:12 - 00899072 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll 2016-09-14 11:43 - 2016-09-07 05:12 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2016-09-14 11:43 - 2016-09-07 05:12 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-09-14 11:43 - 2016-09-07 05:11 - 03294208 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2016-09-14 11:43 - 2016-09-07 05:10 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2016-09-14 11:43 - 2016-09-07 05:10 - 00712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll 2016-09-14 11:43 - 2016-09-07 05:10 - 00627200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certca.dll 2016-09-14 11:43 - 2016-09-07 05:09 - 00824832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-09-14 11:43 - 2016-09-07 05:09 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys 2016-09-14 11:43 - 2016-09-07 05:09 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-09-14 11:43 - 2016-09-07 05:09 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-09-14 11:42 - 2016-09-07 06:39 - 07468896 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-09-14 11:42 - 2016-09-07 06:39 - 01997832 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-09-14 11:42 - 2016-09-07 06:39 - 01862000 _____ C:\Windows\SysWOW64\CoreUIComponents.dll 2016-09-14 11:42 - 2016-09-07 06:39 - 01557768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-09-14 11:42 - 2016-09-07 06:39 - 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2016-09-14 11:42 - 2016-09-07 06:34 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll 2016-09-14 11:42 - 2016-09-07 06:26 - 01552104 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll 2016-09-14 11:42 - 2016-09-07 06:26 - 00516544 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2016-09-14 11:42 - 2016-09-07 06:23 - 04515256 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-09-14 11:42 - 2016-09-07 06:23 - 01540216 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2016-09-14 11:42 - 2016-09-07 06:23 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll 2016-09-14 11:42 - 2016-09-07 06:23 - 00692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2016-09-14 11:42 - 2016-09-07 06:23 - 00565600 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2016-09-14 11:42 - 2016-09-07 06:23 - 00374008 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2016-09-14 11:42 - 2016-09-07 06:23 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe 2016-09-14 11:42 - 2016-09-07 06:22 - 01824264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2016-09-14 11:42 - 2016-09-07 06:22 - 00742192 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll 2016-09-14 11:42 - 2016-09-07 06:22 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2016-09-14 11:42 - 2016-09-07 06:22 - 00638816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys 2016-09-14 11:42 - 2016-09-07 06:22 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll 2016-09-14 11:42 - 2016-09-07 06:22 - 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-09-14 11:42 - 2016-09-07 06:21 - 21123320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-09-14 11:42 - 2016-09-07 06:21 - 05240952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2016-09-14 11:42 - 2016-09-07 06:20 - 00836752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll 2016-09-14 11:42 - 2016-09-07 06:19 - 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2016-09-14 11:42 - 2016-09-07 06:15 - 01776768 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-09-14 11:42 - 2016-09-07 06:14 - 00430944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-09-14 11:42 - 2016-09-07 06:14 - 00216416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-09-14 11:42 - 2016-09-07 06:13 - 02186856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2016-09-14 11:42 - 2016-09-07 06:12 - 28851224 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll 2016-09-14 11:42 - 2016-09-07 06:11 - 02187408 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll 2016-09-14 11:42 - 2016-09-07 06:11 - 00388888 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll 2016-09-14 11:42 - 2016-09-07 06:11 - 00305296 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll 2016-09-14 11:42 - 2016-09-07 06:08 - 28083144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll 2016-09-14 11:42 - 2016-09-07 06:07 - 00253080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll 2016-09-14 11:42 - 2016-09-07 05:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2016-09-14 11:42 - 2016-09-07 05:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll 2016-09-14 11:42 - 2016-09-07 05:44 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\VoipRT.dll 2016-09-14 11:42 - 2016-09-07 05:44 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SecureTimeAggregator.dll 2016-09-14 11:42 - 2016-09-07 05:44 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll 2016-09-14 11:42 - 2016-09-07 05:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe 2016-09-14 11:42 - 2016-09-07 05:42 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll 2016-09-14 11:42 - 2016-09-07 05:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll 2016-09-14 11:42 - 2016-09-07 05:41 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll 2016-09-14 11:42 - 2016-09-07 05:40 - 13018624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2016-09-14 11:42 - 2016-09-07 05:40 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp 2016-09-14 11:42 - 2016-09-07 05:40 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll 2016-09-14 11:42 - 2016-09-07 05:40 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll 2016-09-14 11:42 - 2016-09-07 05:40 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll 2016-09-14 11:42 - 2016-09-07 05:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll 2016-09-14 11:42 - 2016-09-07 05:40 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll 2016-09-14 11:42 - 2016-09-07 05:39 - 09324032 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2016-09-14 11:42 - 2016-09-07 05:39 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe 2016-09-14 11:42 - 2016-09-07 05:39 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.ps.dll 2016-09-14 11:42 - 2016-09-07 05:38 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll 2016-09-14 11:42 - 2016-09-07 05:38 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll 2016-09-14 11:42 - 2016-09-07 05:38 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll 2016-09-14 11:42 - 2016-09-07 05:38 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll 2016-09-14 11:42 - 2016-09-07 05:38 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll 2016-09-14 11:42 - 2016-09-07 05:37 - 00846848 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll 2016-09-14 11:42 - 2016-09-07 05:37 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2016-09-14 11:42 - 2016-09-07 05:37 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-09-14 11:42 - 2016-09-07 05:37 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\fhsvc.dll 2016-09-14 11:42 - 2016-09-07 05:37 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll 2016-09-14 11:42 - 2016-09-07 05:36 - 01582080 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2016-09-14 11:42 - 2016-09-07 05:36 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll 2016-09-14 11:42 - 2016-09-07 05:36 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll 2016-09-14 11:42 - 2016-09-07 05:36 - 00394752 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2016-09-14 11:42 - 2016-09-07 05:36 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll 2016-09-14 11:42 - 2016-09-07 05:36 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\eapsvc.dll 2016-09-14 11:42 - 2016-09-07 05:35 - 09324032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2016-09-14 11:42 - 2016-09-07 05:35 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe 2016-09-14 11:42 - 2016-09-07 05:35 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll 2016-09-14 11:42 - 2016-09-07 05:35 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll 2016-09-14 11:42 - 2016-09-07 05:35 - 00475648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll 2016-09-14 11:42 - 2016-09-07 05:35 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll 2016-09-14 11:42 - 2016-09-07 05:35 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack_win.dll 2016-09-14 11:42 - 2016-09-07 05:34 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2016-09-14 11:42 - 2016-09-07 05:34 - 00790528 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll 2016-09-14 11:42 - 2016-09-07 05:34 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\filemgmt.dll 2016-09-14 11:42 - 2016-09-07 05:34 - 00507904 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll 2016-09-14 11:42 - 2016-09-07 05:34 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll 2016-09-14 11:42 - 2016-09-07 05:34 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll 2016-09-14 11:42 - 2016-09-07 05:34 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2016-09-14 11:42 - 2016-09-07 05:34 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll 2016-09-14 11:42 - 2016-09-07 05:34 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll 2016-09-14 11:42 - 2016-09-07 05:34 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll 2016-09-14 11:42 - 2016-09-07 05:33 - 00948736 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll 2016-09-14 11:42 - 2016-09-07 05:33 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll 2016-09-14 11:42 - 2016-09-07 05:33 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2016-09-14 11:42 - 2016-09-07 05:33 - 00602112 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2016-09-14 11:42 - 2016-09-07 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll 2016-09-14 11:42 - 2016-09-07 05:33 - 00448000 _____ (Microsoft Corporation) C:\Windows\system32\winipcfile.dll 2016-09-14 11:42 - 2016-09-07 05:33 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll 2016-09-14 11:42 - 2016-09-07 05:33 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll 2016-09-14 11:42 - 2016-09-07 05:33 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll 2016-09-14 11:42 - 2016-09-07 05:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll 2016-09-14 11:42 - 2016-09-07 05:32 - 00892416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll 2016-09-14 11:42 - 2016-09-07 05:32 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-09-14 11:42 - 2016-09-07 05:32 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll 2016-09-14 11:42 - 2016-09-07 05:32 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll 2016-09-14 11:42 - 2016-09-07 05:32 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll 2016-09-14 11:42 - 2016-09-07 05:32 - 00484352 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll 2016-09-14 11:42 - 2016-09-07 05:32 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll 2016-09-14 11:42 - 2016-09-07 05:32 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll 2016-09-14 11:42 - 2016-09-07 05:32 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2016-09-14 11:42 - 2016-09-07 05:31 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll 2016-09-14 11:42 - 2016-09-07 05:31 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll 2016-09-14 11:42 - 2016-09-07 05:31 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll 2016-09-14 11:42 - 2016-09-07 05:31 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll 2016-09-14 11:42 - 2016-09-07 05:31 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll 2016-09-14 11:42 - 2016-09-07 05:31 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll 2016-09-14 11:42 - 2016-09-07 05:31 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll 2016-09-14 11:42 - 2016-09-07 05:31 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll 2016-09-14 11:42 - 2016-09-07 05:31 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-09-14 11:42 - 2016-09-07 05:31 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 14251520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 02012672 _____ (Microsoft Corporation) C:\Windows\system32\winmsipc.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 01500672 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2016-09-14 11:42 - 2016-09-07 05:30 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationFrame.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 01037824 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2016-09-14 11:42 - 2016-09-07 05:30 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 00531456 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll 2016-09-14 11:42 - 2016-09-07 05:30 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2016-09-14 11:42 - 2016-09-07 05:29 - 01487360 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll 2016-09-14 11:42 - 2016-09-07 05:29 - 01239552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll 2016-09-14 11:42 - 2016-09-07 05:29 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll 2016-09-14 11:42 - 2016-09-07 05:29 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll 2016-09-14 11:42 - 2016-09-07 05:29 - 00785408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll 2016-09-14 11:42 - 2016-09-07 05:29 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll 2016-09-14 11:42 - 2016-09-07 05:29 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll 2016-09-14 11:42 - 2016-09-07 05:29 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll 2016-09-14 11:42 - 2016-09-07 05:29 - 00238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2016-09-14 11:42 - 2016-09-07 05:28 - 02731008 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2016-09-14 11:42 - 2016-09-07 05:28 - 01466368 _____ (Microsoft Corporation) C:\Windows\system32\Pimstore.dll 2016-09-14 11:42 - 2016-09-07 05:28 - 01211904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll 2016-09-14 11:42 - 2016-09-07 05:28 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll 2016-09-14 11:42 - 2016-09-07 05:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll 2016-09-14 11:42 - 2016-09-07 05:27 - 04456448 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2016-09-14 11:42 - 2016-09-07 05:27 - 03415040 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll 2016-09-14 11:42 - 2016-09-07 05:27 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll 2016-09-14 11:42 - 2016-09-07 05:27 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll 2016-09-14 11:42 - 2016-09-07 05:27 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2016-09-14 11:42 - 2016-09-07 05:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll 2016-09-14 11:42 - 2016-09-07 05:27 - 00585216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll 2016-09-14 11:42 - 2016-09-07 05:27 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll 2016-09-14 11:42 - 2016-09-07 05:27 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll 2016-09-14 11:42 - 2016-09-07 05:27 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll 2016-09-14 11:42 - 2016-09-07 05:26 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2016-09-14 11:42 - 2016-09-07 05:25 - 02445312 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-09-14 11:42 - 2016-09-07 05:25 - 01965568 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe 2016-09-14 11:42 - 2016-09-07 05:25 - 01228800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2016-09-14 11:42 - 2016-09-07 05:25 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll 2016-09-14 11:42 - 2016-09-07 05:25 - 01105920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll 2016-09-14 11:42 - 2016-09-07 05:25 - 00508416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll 2016-09-14 11:42 - 2016-09-07 05:25 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll 2016-09-14 11:42 - 2016-09-07 05:24 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2016-09-14 11:42 - 2016-09-07 05:24 - 00805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2016-09-14 11:42 - 2016-09-07 05:24 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll 2016-09-14 11:42 - 2016-09-07 05:23 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll 2016-09-14 11:42 - 2016-09-07 05:22 - 12585472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-09-14 11:42 - 2016-09-07 05:22 - 01113600 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll 2016-09-14 11:42 - 2016-09-07 05:22 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\StikyNot.exe 2016-09-14 11:42 - 2016-09-07 05:21 - 00636928 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2016-09-14 11:42 - 2016-09-07 05:21 - 00620544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsFilt.dll 2016-09-14 11:42 - 2016-09-07 05:21 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2016-09-14 11:42 - 2016-09-07 05:20 - 06976000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2016-09-14 11:42 - 2016-09-07 05:20 - 06675968 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe 2016-09-14 11:42 - 2016-09-07 05:20 - 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-09-14 11:42 - 2016-09-07 05:20 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll 2016-09-14 11:42 - 2016-09-07 05:20 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2016-09-14 11:42 - 2016-09-07 05:19 - 06471168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe 2016-09-14 11:42 - 2016-09-07 05:19 - 04078592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll 2016-09-14 11:42 - 2016-09-07 05:19 - 02902528 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2016-09-14 11:42 - 2016-09-07 05:19 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll 2016-09-14 11:42 - 2016-09-07 05:19 - 02563584 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2016-09-14 11:42 - 2016-09-07 05:19 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\winipcsecproc.dll 2016-09-14 11:42 - 2016-09-07 05:19 - 00527872 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll 2016-09-14 11:42 - 2016-09-07 05:19 - 00515584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr 2016-09-14 11:42 - 2016-09-07 05:17 - 05123072 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2016-09-14 11:42 - 2016-09-07 05:16 - 04759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2016-09-14 11:42 - 2016-09-07 05:16 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2016-09-14 11:42 - 2016-09-07 05:16 - 00574976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll 2016-09-14 11:42 - 2016-09-07 05:15 - 01755648 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll 2016-09-14 11:42 - 2016-09-07 05:15 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2016-09-14 11:42 - 2016-09-07 05:14 - 02519552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2016-09-14 11:42 - 2016-09-07 05:14 - 02000896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2016-09-14 11:42 - 2016-09-07 05:14 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2016-09-14 11:42 - 2016-09-07 05:13 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll 2016-09-14 11:42 - 2016-09-07 05:13 - 00984576 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2016-09-14 11:42 - 2016-09-07 05:13 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll 2016-09-14 11:42 - 2016-09-07 05:12 - 02632192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2016-09-14 11:42 - 2016-09-07 05:12 - 01036288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2016-09-14 11:42 - 2016-09-07 05:11 - 00958976 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll 2016-09-14 11:42 - 2016-09-07 05:11 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\DbgModel.dll 2016-09-14 11:42 - 2016-09-07 05:11 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-09-14 11:42 - 2016-09-07 05:10 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\certca.dll 2016-09-14 11:42 - 2016-09-07 05:10 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DbgModel.dll 2016-09-14 11:42 - 2016-09-07 05:09 - 00824832 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-09-14 11:42 - 2016-09-07 05:09 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-09-14 11:42 - 2016-09-07 04:57 - 00461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll 2016-09-14 11:41 - 2016-09-07 05:39 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\FingerprintEnrollment.dll 2016-09-14 11:41 - 2016-09-07 05:38 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll 2016-09-14 11:41 - 2016-09-07 05:36 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll 2016-09-14 11:41 - 2016-09-07 05:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DictationManager.dll 2016-09-14 11:41 - 2016-09-07 05:35 - 00813056 _____ (Microsoft Corporation) C:\Windows\system32\mqsnap.dll 2016-09-14 11:41 - 2016-09-07 05:35 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll 2016-09-14 11:41 - 2016-09-07 05:35 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll 2016-09-14 11:41 - 2016-09-07 05:35 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll 2016-09-14 11:41 - 2016-09-07 05:34 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll 2016-09-14 11:41 - 2016-09-07 05:31 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\sppinst.dll 2016-09-14 11:41 - 2016-09-07 05:31 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll 2016-09-14 11:41 - 2016-09-07 05:30 - 00607232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2016-09-14 11:41 - 2016-09-07 05:29 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe 2016-09-14 11:41 - 2016-09-07 05:28 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll 2016-09-14 11:41 - 2016-09-07 05:27 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll 2016-09-14 11:41 - 2016-09-07 05:19 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll 2016-09-14 11:38 - 2016-09-14 11:38 - 00170739 _____ C:\Users\Joanna\Downloads\University of Sheffield Offer.pdf 2016-09-14 11:34 - 2016-09-14 11:40 - 00000000 ____D C:\Users\Joanna\Documents\Graduate Certificate in Statistics 2016-09-12 09:36 - 2016-09-12 09:36 - 00828332 _____ C:\Users\Joanna\Downloads\SN06594.pdf 2016-09-09 09:46 - 2016-09-09 09:47 - 00683174 _____ C:\Users\Joanna\Documents\Booking Reference.pdf 2016-09-08 14:41 - 2016-09-08 14:41 - 00550404 _____ C:\Users\Joanna\Downloads\NPF Report 2016 .pdf 2016-09-02 14:58 - 2016-09-02 14:58 - 00002217 _____ C:\Users\Joanna\Downloads\Jo_Final day Newington (1).txt 2016-08-29 13:40 - 2016-08-29 13:40 - 00000025 _____ C:\Users\Joanna\Downloads\ATT00001.txt 2016-08-28 16:37 - 2016-08-28 16:37 - 00014812 _____ C:\Users\Joanna\Downloads\Reference-Joanna1.odt 2016-08-25 17:16 - 2016-08-25 17:16 - 04480976 _____ C:\Users\Joanna\Downloads\16.08.15 Summer Campaign Pack - Workplace 2020.pdf 2016-08-25 17:16 - 2016-08-25 17:16 - 00081668 _____ C:\Users\Joanna\Downloads\7935_16 GOTV PV script 2016.pdf 2016-08-25 17:15 - 2016-08-25 17:15 - 03609545 _____ C:\Users\Joanna\Downloads\Local Elections Handbook 2016.pdf 2016-08-25 17:14 - 2016-08-25 17:14 - 00085509 _____ C:\Users\Joanna\Downloads\2015-04-02 Propensity scores in Contact Creator.pdf 2016-08-25 08:48 - 2016-08-25 08:48 - 00229888 _____ C:\Users\Joanna\Downloads\Pros-and-Cons-of-AMS.ppt 2016-08-22 12:32 - 2016-08-22 12:33 - 03752564 _____ C:\Users\Joanna\Downloads\LSTATS GUIDE.pdf 2016-08-22 09:50 - 2016-08-22 09:50 - 00145644 _____ C:\Users\Joanna\Downloads\quals-reform-reference-guidance.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-21 15:41 - 2016-04-13 21:42 - 00004164 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D79D5A54-9241-4281-B018-9287EB6BF5F5} 2016-09-21 15:40 - 2016-03-30 18:52 - 00879220 _____ C:\Windows\system32\PerfStringBackup.INI 2016-09-21 15:40 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\INF 2016-09-21 15:36 - 2016-06-01 14:37 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-21 15:36 - 2016-03-31 19:17 - 00000000 ___RD C:\Users\Joanna\Dropbox 2016-09-21 15:36 - 2016-03-31 19:14 - 00000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2016-09-21 15:34 - 2016-02-13 14:14 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-09-21 15:34 - 2015-10-30 07:28 - 00524288 ___SH C:\Windows\system32\config\BBI 2016-09-21 15:22 - 2016-03-30 19:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-09-21 14:19 - 2016-03-31 19:14 - 00000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2016-09-21 14:02 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-21 14:02 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\AppReadiness 2016-09-21 13:54 - 2016-03-31 19:14 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-09-21 13:50 - 2016-04-07 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection 2016-09-21 13:44 - 2016-03-31 03:44 - 00000000 ____D C:\Windows\Panther 2016-09-21 13:38 - 2016-06-01 14:38 - 00002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-21 13:38 - 2016-06-01 14:38 - 00002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-09-21 13:38 - 2016-02-13 14:20 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-09-21 13:35 - 2016-03-30 18:48 - 00000000 ____D C:\Users\Joanna 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 __RSD C:\Windows\Media 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\SysWOW64\setup 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\SysWOW64\MailContactsCalendarSync 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\setup 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\oobe 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\migwiz 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\MailContactsCalendarSync 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\appraiser 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\rescache 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\L2Schemas 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\IME 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\bcastdvr 2016-09-21 13:33 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Defender 2016-09-21 13:33 - 2015-10-30 07:28 - 00000000 ____D C:\Windows\SysWOW64\Dism 2016-09-21 13:33 - 2015-10-30 07:28 - 00000000 ____D C:\Windows\system32\Dism 2016-09-21 13:32 - 2015-10-30 07:28 - 00000000 ____D C:\Windows\system32\Sysprep 2016-09-21 13:28 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\registration 2016-09-21 13:26 - 2016-03-31 17:08 - 00000000 __RHD C:\MSOCache 2016-09-21 13:26 - 2016-03-30 19:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-09-19 22:29 - 2016-03-30 19:47 - 00000000 ____D C:\Users\Joanna\Documents\Issues 2016-09-16 13:03 - 2015-10-30 08:24 - 00000000 ___SD C:\Windows\SysWOW64\F12 2016-09-16 13:03 - 2015-10-30 08:24 - 00000000 ___SD C:\Windows\system32\F12 2016-09-16 13:03 - 2015-10-30 08:24 - 00000000 ___RD C:\Windows\PrintDialog 2016-09-16 13:03 - 2015-10-30 08:24 - 00000000 ___RD C:\Windows\DevicesFlow 2016-09-16 13:03 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-09-16 13:03 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-09-16 13:03 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-09-16 13:03 - 2015-10-30 07:31 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2016-09-16 13:03 - 2015-10-30 07:31 - 00000000 ____D C:\Windows\system32\AdvancedInstallers 2016-09-15 19:01 - 2016-03-30 19:47 - 00000000 ____D C:\Users\Joanna\Documents\Practical info and spreadsheets 2016-09-15 18:56 - 2016-03-30 19:17 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-09-14 12:50 - 2015-10-30 08:11 - 00000000 ____D C:\Windows\CbsTemp 2016-09-14 12:42 - 2016-03-30 19:04 - 00000000 ____D C:\Windows\system32\MRT 2016-09-14 12:42 - 2016-02-13 14:03 - 00000000 ____D C:\Windows\ShellNew 2016-09-14 12:36 - 2016-03-30 19:04 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-09-14 08:44 - 2015-10-30 08:19 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqsnap.dll 2016-09-14 08:44 - 2015-10-30 08:19 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqcertui.dll 2016-09-14 08:44 - 2015-10-30 08:18 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\mqcertui.dll 2016-09-13 10:22 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-09-13 10:22 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\Macromed 2016-09-12 20:21 - 2016-04-07 15:25 - 00490792 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys 2016-09-12 20:21 - 2016-04-07 15:25 - 00236264 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades64.sys 2016-09-11 22:46 - 2016-03-30 19:47 - 00000000 ____D C:\Users\Joanna\Documents\Jobs and careers 2016-09-10 09:05 - 2016-04-02 10:11 - 00000000 ____D C:\Users\Joanna\AppData\Local\HP 2016-09-07 07:04 - 2016-02-13 14:17 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2016-09-07 02:00 - 2015-10-30 08:26 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-09-07 02:00 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-09-02 16:05 - 2016-03-30 19:48 - 00000000 ____D C:\Users\Joanna\Documents\Thanet Food Link 2016-09-02 14:51 - 2016-03-30 19:47 - 00000000 ____D C:\Users\Joanna\Documents\Labour Party ==================== Files in the root of some directories ======= 2016-04-02 10:11 - 2016-04-02 10:11 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP: ==================== C:\Users\Joanna\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-09-21 14:14 ==================== End of FRST.txt ============================ The Addition.txt log: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2016 Ran by Joanna (21-09-2016 15:45:45) Running from C:\Users\Joanna\Downloads Windows 10 Home Version 1511 (X64) (2016-03-30 17:48:06) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2600279645-657507863-118530354-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2600279645-657507863-118530354-503 - Limited - Disabled) Guest (S-1-5-21-2600279645-657507863-118530354-501 - Limited - Disabled) Joanna (S-1-5-21-2600279645-657507863-118530354-1001 - Administrator - Enabled) => C:\Users\Joanna ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Broken Sword 1 (HKLM-x32\...\{2A22C55D-408A-4B2F-B85A-C4132DB22BEC}) (Version: 1.00.000 - Revolution Software) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP) Dropbox (HKLM-x32\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.35.1 - Dropbox, Inc.) Hidden FEZ version 1.10 (HKLM-x32\...\{634CBDF9-98A3-4AF5-AED4-A23EC2665434}_is1) (Version: 1.10 - Polytron) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden HP Photosmart 6510 series Basic Device Software (HKLM\...\{1952AED6-2908-418F-B9D8-AC359651F92D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 45.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 en-GB)) (Version: 45.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team) Rapport (x32 Version: 3.5.1609.100 - Trusteer) Hidden RStudio (HKLM-x32\...\RStudio) (Version: 0.99.902 - RStudio) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2600279645-657507863-118530354-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft) Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic) Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1609.100 - Trusteer) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2600279645-657507863-118530354-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Joanna\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {2781AAE2-724D-4D4B-9D74-9990066B96D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated) Task: {54724672-E7D3-4C85-8466-42F68B20D10A} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Joanna\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation) Task: {6D750765-0A9D-4402-94BD-72E288B7CBB1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.) Task: {8652478B-EB90-4740-8C1D-CDA2CB6E8D34} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated) Task: {92BDBA88-4172-48F8-B26B-6057DE59CA3C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {AFE39D3A-EFA5-4822-AD53-72342B93BDC3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-31] (Dropbox, Inc.) Task: {BFF51364-868F-4172-916A-DD2F4355868C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.) Task: {D16F8E8D-FD5F-4CDB-A8C2-737CF24D6CCE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-31] (Dropbox, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Joanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki ShortcutWithArgument: C:\Users\Joanna\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c61f4dda77f3b4ca\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-09-14 11:45 - 2016-09-07 06:39 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-09-14 11:45 - 2016-09-07 06:39 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-02-13 13:54 - 2016-02-13 13:54 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-13 18:16 - 2016-07-01 04:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-09-14 11:42 - 2016-09-07 05:15 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-09-14 11:42 - 2016-09-07 05:10 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-09-14 11:42 - 2016-09-07 05:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-09-14 11:42 - 2016-09-07 05:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-09-21 13:38 - 2016-09-14 03:52 - 02280264 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll 2016-09-21 13:38 - 2016-09-14 03:52 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll 2015-06-02 15:51 - 2015-06-02 15:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2016-08-18 22:31 - 2016-08-18 22:31 - 01383616 _____ () C:\Users\Joanna\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-08-18 22:31 - 2016-08-18 22:31 - 00118976 _____ () C:\Users\Joanna\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll 2016-09-15 21:05 - 2016-08-24 05:43 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-09-21 13:54 - 2016-08-24 05:43 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-09-21 13:54 - 2016-08-24 05:43 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2016-09-21 13:54 - 2016-08-24 05:43 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-09-15 21:05 - 2016-08-24 05:43 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-07-11 21:42 - 2016-08-24 05:43 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-07-11 21:42 - 2016-09-20 02:15 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-07-11 21:42 - 2016-08-24 05:43 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-09-15 21:05 - 2016-08-24 05:43 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-08-05 19:23 - 2016-09-20 02:15 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-09-21 13:54 - 2016-08-24 05:43 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-09-21 13:54 - 2016-08-24 05:45 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-07-11 21:42 - 2016-09-20 02:15 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-08-05 19:23 - 2016-09-20 02:15 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-09-15 21:05 - 2016-08-24 05:43 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2016-09-15 21:05 - 2016-08-24 05:44 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2016-07-11 21:42 - 2016-09-20 02:15 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-07-11 21:42 - 2016-09-20 02:15 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-07-11 21:42 - 2016-09-20 02:15 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-07-11 21:42 - 2016-09-20 02:15 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-09-15 21:05 - 2016-08-24 05:45 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-07-11 21:42 - 2016-09-20 02:15 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-09-21 13:54 - 2016-08-24 05:41 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-09-21 13:54 - 2016-09-20 02:15 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2016-09-21 13:54 - 2016-09-20 02:07 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2016-09-21 13:54 - 2016-09-20 02:15 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-09-21 13:54 - 2016-09-20 02:15 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-07-11 21:42 - 2016-08-24 05:43 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-08-05 19:23 - 2016-09-20 02:15 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd 2016-07-11 21:42 - 2016-08-24 05:45 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-07-11 21:42 - 2016-09-20 02:15 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2016-08-05 19:23 - 2016-09-20 02:15 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2016-09-21 13:54 - 2016-09-20 02:15 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2600279645-657507863-118530354-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Joanna\Pictures\Desktop background images\f6c3bd2e-cc53-4cf8-8b4e-051a4fb567e8_4.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{D07FC96D-11C6-4B9D-AD0E-5FD7242FAF42}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D2B59F39-130C-47E4-948A-DDFC9710630A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{18C73F58-AAC2-4B8B-ADFF-6646A2679487}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5FFF20BC-2C90-4EAA-9F25-6136069D66CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5AF53E6B-0AAF-4A9A-8387-BBB1721D06D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{AA00C0A9-1CD8-4423-965C-8CBEB9BAB9B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{919702EB-A784-440E-9454-202831571738}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{266FE712-AD73-4427-980E-D620802DF6DB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A92B64E0-64AF-4994-B309-390BBA75E96C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{4537BA3A-1C40-450C-9CDC-1AD9FC13FDC9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{489D59C7-5DF8-480F-B770-DA859147E5EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{DE1AD332-AE99-45C7-94D8-7B3F26017D28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{D5F8BC7F-C539-4009-93AB-F0A3307E0CCA}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\DeviceSetup.exe FirewallRules: [{C4E4299F-ECA3-4695-AC56-3AA45F5D5C31}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{75CE483B-ACE4-4823-A4E6-17803FC104E0}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [TCP Query User{8B68F7C1-F8F0-4910-A79F-F90771B245CD}C:\users\joanna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\joanna\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{B9C1BABF-E5A7-4FAE-ADD5-A5EB54C402BF}C:\users\joanna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\joanna\appdata\roaming\spotify\spotify.exe FirewallRules: [{5E728162-AB3A-4D08-BDA3-98A968B15CC2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{D5015153-F57E-4DEB-B171-99546E532982}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{035CD170-EE1D-4344-A8B6-D5F7A1E21D57}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{DD1A16CA-F5E8-46AB-A7BD-FD3010651C0F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Restore Points ========================= 01-09-2016 16:44:55 Scheduled Checkpoint 10-09-2016 12:00:57 Scheduled Checkpoint 14-09-2016 12:33:45 Windows Update 19-09-2016 09:09:30 Installed Rapport 21-09-2016 13:24:17 Restore Operation ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/21/2016 03:25:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JOANNAS-LAPTOP) Description: Activation of app Microsoft.Getstarted_4.0.12.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (09/21/2016 01:54:40 PM) (Source: DbxSvc) (EventID: 270) (User: ) Description: Filter Unload failed with: (-2145452013) The system could not find the filter specified. Error: (09/21/2016 01:36:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -528. Error: (09/21/2016 01:36:22 PM) (Source: ESENT) (EventID: 455) (User: ) Description: Catalog Database (1304) Catalog Database: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\CatRoot2\edb00096.log. Error: (09/21/2016 01:34:40 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (456) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\SRU\SRU00C31.log. Error: (09/21/2016 01:24:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (09/21/2016 11:27:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10586.589, time stamp: 0x57cf98db Faulting module name: eModel.dll, version: 11.0.10586.589, time stamp: 0x57cf9505 Exception code: 0xc0000409 Fault offset: 0x0000000000129b6f Faulting process id: 0x13b0 Faulting application start time: 0x01d213f2b0a169e9 Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Faulting module path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eModel.dll Report Id: fe04f50c-d8b5-4e86-8671-d226d9e10f8a Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge Error: (09/20/2016 04:37:27 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2719 Error: (09/20/2016 04:37:27 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2719 Error: (09/20/2016 04:37:27 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (09/21/2016 03:34:04 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (09/21/2016 03:34:04 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (09/21/2016 03:31:17 PM) (Source: DCOM) (EventID: 10005) (User: JOANNAS-LAPTOP) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (09/21/2016 03:30:30 PM) (Source: DCOM) (EventID: 10005) (User: JOANNAS-LAPTOP) Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (09/21/2016 03:30:30 PM) (Source: DCOM) (EventID: 10005) (User: JOANNAS-LAPTOP) Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (09/21/2016 03:30:30 PM) (Source: DCOM) (EventID: 10005) (User: JOANNAS-LAPTOP) Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (09/21/2016 03:30:30 PM) (Source: DCOM) (EventID: 10005) (User: JOANNAS-LAPTOP) Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (09/21/2016 03:30:30 PM) (Source: DCOM) (EventID: 10005) (User: JOANNAS-LAPTOP) Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (09/21/2016 03:30:30 PM) (Source: DCOM) (EventID: 10005) (User: JOANNAS-LAPTOP) Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (09/21/2016 03:30:30 PM) (Source: DCOM) (EventID: 10005) (User: JOANNAS-LAPTOP) Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} CodeIntegrity: =================================== Date: 2016-09-21 15:15:17.822 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-21 14:30:22.431 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-21 14:30:22.409 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-21 14:14:20.976 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-21 13:34:57.455 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-20 12:12:35.320 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-20 12:12:35.300 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-20 12:12:33.681 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-20 12:12:33.661 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-20 12:12:29.949 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz Percentage of memory in use: 72% Total physical RAM: 2806.7 MB Available physical RAM: 772.61 MB Total Virtual: 6646.7 MB Available Virtual: 4371.49 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:446.64 GB) (Free:367.3 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: 2AEC0161) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ Thank you in advance for any help!
  8. Hello, Due to lack of better judgment I have clicked what seems to be a phishing link for a game code give away (for Far Cry 4 at www.addictingcheats.com/2014/11/far-cry-4.html). Unfortunately, I went the extra step to install a "7-zip" program under their survey list to download. Needless to say, it looked fishy. From what I could see on VirusTotal, it seems that there are malicious files here so I scanned my computer with Malwarebytes (free version). It didn't detect anything. There seems to be no particular problems with computer functionality but my ethernet port is now red/orange as opposed to green with another yellow light blinking next to it. Could you help me get rid of these files? I'm more worried that these may take important private information as opposed to outright destroying my PC. Thank you. I'll have to attach the Addition text log due to the length of this post, but here is the FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01Ran by admin (administrator) on ADMIN-PC on 28-11-2014 19:31:00Running from D:\Private\DownloadsLoaded Profile: admin (Available profiles: admin)Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe() C:\Windows\SysWOW64\srvany.exe() C:\Windows\KMService.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe() C:\Windows\SysWOW64\PnkBstrA.exe(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Akamai Technologies, Inc.) C:\Users\admin\AppData\Local\Akamai\netsession_win.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE() C:\Program Files\Rainmeter\Rainmeter.exe(Akamai Technologies, Inc.) C:\Users\admin\AppData\Local\Akamai\netsession_win.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe() C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\audiodg.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-18] (Realtek Semiconductor)HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-413325314-233438866-1116144180-1000\...\Run: [iSUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)HKU\S-1-5-21-413325314-233438866-1116144180-1000\...\Run: [Akamai NetSession Interface] => C:\Users\admin\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)HKU\S-1-5-21-413325314-233438866-1116144180-1000\...\Run: [AdobeBridge] => [X]Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnkShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnkShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No FileBootExecute: autocheck autochk * SmartDefragBootTime.exeGroupPolicy: Group Policy on Chrome detected <======= ATTENTIONCHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-413325314-233438866-1116144180-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeBHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cabHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) FireFox:========FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\topfc4ar.default-1396377874880FF SelectedSearchEngine: GoogleFF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll No FileFF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No FileFF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=1.0.3 -> D:\VLC Player\VLC\npvlc.dll (the VideoLAN Team)FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> D:\VLC Player\VLC\npvlc.dll (the VideoLAN Team)FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> D:\VLC Player\VLC\npvlc.dll (the VideoLAN Team)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-413325314-233438866-1116144180-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF Plugin HKU\S-1-5-21-413325314-233438866-1116144180-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()FF Extension: Flashblock - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\topfc4ar.default-1396377874880\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-04-01]FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\topfc4ar.default-1396377874880\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-01]FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\topfc4ar.default-1396377874880\extensions\ascsurfingprotection@iobit.com [Not Found]FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found] Chrome: =======CHR HomePage: Default -> CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-01]CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-18]CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-11-28]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-18]CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-18]CHR Extension: (AdBlock Premium) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-04-01]CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-01]CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-18]CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-18] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-09-22] (Adobe Systems) [File not signed]S4 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [905504 2014-09-06] (IObit)S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2010-06-15] () [File not signed]S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2281248 2014-07-31] (IObit)S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5267776 2014-01-22] (INCA Internet Co., Ltd.)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)S3 Origin Client Service; D:\Origin\OriginClientService.exe [1900400 2014-11-07] (Electronic Arts)R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-10-05] ()S4 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4368952 2014-11-08] (SoftEther VPN Project at University of Tsukuba, Japan.)S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-22] (AVG Technologies)R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2014-02-21] (Intel Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0042.sys [28768 2014-11-08] (SoftEther VPN Project at University of Tsukuba, Japan.)S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)U5 NPF; C:\Windows\System32\Drivers\NPF.sys [47632 2010-02-03] (CACE Technologies, Inc.)S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21072 2013-03-27] ()S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)R3 cpuz137; \??\C:\Users\admin\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]S3 gdrv; \??\C:\Windows\gdrv.sys [X]S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]S3 VGPU; System32\drivers\rdvgkmd.sys [X]S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-28 19:30 - 2014-11-28 19:31 - 00000000 ____D () C:\FRST2014-11-28 19:18 - 2014-11-28 19:19 - 00000794 _____ () C:\Users\admin\Desktop\unhide.txt2014-11-28 19:14 - 2014-11-28 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip2014-11-28 18:43 - 2014-11-28 18:49 - 00000000 ___SD () C:\32788R22FWJFW2014-11-28 18:43 - 2014-11-28 18:49 - 00000000 ____D () C:\Windows\erdnt2014-11-26 23:04 - 2014-11-26 23:04 - 04443312 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe2014-11-24 18:29 - 2014-11-24 18:29 - 00000000 ____D () C:\ProgramData\Riot Games2014-11-24 18:28 - 2014-11-24 18:28 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk2014-11-24 18:28 - 2014-11-24 18:28 - 00000000 ____D () C:\Riot Games2014-11-24 18:28 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll2014-11-24 18:28 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll2014-11-24 18:28 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll2014-11-23 17:11 - 2014-11-23 17:11 - 00000000 ___SD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mabinogi2014-11-23 16:52 - 2014-11-23 16:52 - 00000000 ____D () C:\Nexon2014-11-23 16:51 - 2014-11-23 16:55 - 00000000 ____D () C:\Users\admin\AppData\Roaming\NexonLauncher2014-11-23 16:51 - 2014-11-23 16:55 - 00000000 ____D () C:\Users\admin\AppData\Local\NexonLauncher2014-11-20 16:04 - 2014-11-20 16:04 - 00000000 ____D () C:\Windows\pss2014-11-20 13:05 - 2014-11-28 19:06 - 00016714 _____ () C:\Windows\PFRO.log2014-11-20 13:05 - 2014-11-28 19:06 - 00001456 _____ () C:\Windows\setupact.log2014-11-20 13:05 - 2014-11-20 13:05 - 00000000 _____ () C:\Windows\setuperr.log2014-11-20 13:04 - 2014-11-20 13:04 - 00000000 _____ () C:\asc_rdflag2014-11-19 20:42 - 2014-11-19 20:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-11-19 20:42 - 2014-11-19 20:42 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-11-19 20:42 - 2014-11-19 20:42 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll2014-11-19 20:42 - 2014-11-19 20:42 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll2014-11-19 20:27 - 2014-11-12 12:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe2014-11-19 20:25 - 2014-11-12 16:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2014-11-19 20:25 - 2014-11-12 16:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2014-11-19 20:25 - 2014-11-12 16:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll2014-11-19 20:25 - 2014-11-12 16:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2014-11-19 20:25 - 2014-11-12 16:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2014-11-19 20:25 - 2014-11-12 16:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2014-11-19 20:25 - 2014-11-12 16:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2014-11-19 20:25 - 2014-11-12 16:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2014-11-19 20:25 - 2014-11-12 16:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2014-11-19 20:25 - 2014-11-12 16:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2014-11-19 20:25 - 2014-11-12 16:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2014-11-19 20:25 - 2014-11-12 16:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2014-11-19 20:25 - 2014-11-12 16:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2014-11-19 20:25 - 2014-11-12 16:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll2014-11-19 20:25 - 2014-11-12 16:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00418112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2014-11-19 20:25 - 2014-11-12 16:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2014-11-19 20:23 - 2014-11-19 20:23 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-11-19 20:12 - 2014-10-03 11:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys2014-11-19 20:12 - 2014-10-03 11:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll2014-11-17 22:14 - 2014-11-17 22:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-11-17 21:54 - 2014-11-17 21:54 - 00001706 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk2014-11-17 21:54 - 2014-11-17 21:54 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Rainmeter2014-11-17 21:54 - 2014-11-17 21:54 - 00000000 ____D () C:\Program Files\Rainmeter2014-11-17 00:27 - 2014-11-17 22:16 - 00007596 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg2014-11-15 23:46 - 2014-11-15 23:47 - 00000000 ____D () C:\Program Files (x86)\PCSX2 1.2.12014-11-15 23:46 - 2014-11-15 23:46 - 00001985 _____ () C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk2014-11-11 16:18 - 2014-11-07 11:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-11-11 16:18 - 2014-11-07 11:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-11-11 16:18 - 2014-11-05 20:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-11-11 16:18 - 2014-11-05 20:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-11-11 16:18 - 2014-11-05 20:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-11-11 16:18 - 2014-11-05 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-11-11 16:18 - 2014-11-05 19:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-11-11 16:18 - 2014-11-05 19:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-11-11 16:18 - 2014-11-05 19:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-11-11 16:18 - 2014-11-05 19:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-11-11 16:18 - 2014-11-05 19:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-11-11 16:18 - 2014-11-05 19:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-11-11 16:18 - 2014-11-05 19:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-11-11 16:18 - 2014-11-05 19:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-11-11 16:18 - 2014-11-05 19:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-11-11 16:18 - 2014-11-05 19:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-11-11 16:18 - 2014-11-05 19:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-11-11 16:18 - 2014-11-05 19:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-11-11 16:18 - 2014-11-05 19:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-11-11 16:18 - 2014-11-05 19:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-11-11 16:18 - 2014-11-05 19:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-11-11 16:18 - 2014-11-05 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-11-11 16:18 - 2014-11-05 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-11-11 16:18 - 2014-11-05 19:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-11-11 16:18 - 2014-11-05 19:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-11-11 16:18 - 2014-11-05 19:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-11-11 16:18 - 2014-11-05 19:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-11-11 16:18 - 2014-11-05 19:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-11-11 16:18 - 2014-11-05 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-11-11 16:18 - 2014-11-05 19:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-11-11 16:18 - 2014-11-05 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-11-11 16:18 - 2014-11-05 19:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-11-11 16:18 - 2014-11-05 18:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-11-11 16:18 - 2014-11-05 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-11-11 16:18 - 2014-11-05 18:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-11-11 16:18 - 2014-11-05 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-11-11 16:18 - 2014-11-05 18:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-11-11 16:18 - 2014-11-05 18:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-11-11 16:18 - 2014-11-05 18:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-11-11 16:18 - 2014-11-05 18:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-11-11 16:18 - 2014-11-05 18:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-11-11 16:18 - 2014-11-05 18:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-11-11 16:18 - 2014-11-05 18:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-11-11 16:18 - 2014-11-05 18:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-11-11 16:18 - 2014-11-05 18:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-11-11 16:18 - 2014-11-05 18:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-11-11 16:18 - 2014-11-05 18:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-11-11 16:18 - 2014-11-05 18:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-11-11 16:18 - 2014-11-05 18:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-11-11 16:18 - 2014-11-05 18:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-11-11 16:18 - 2014-11-05 18:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-11-11 16:18 - 2014-11-05 18:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-11-11 16:18 - 2014-11-05 17:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-11-11 16:18 - 2014-11-05 17:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-11-11 16:18 - 2014-11-05 17:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-11-11 16:18 - 2014-11-05 17:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-11-11 16:18 - 2014-10-24 17:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll2014-11-11 16:18 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll2014-11-11 16:18 - 2014-10-13 18:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2014-11-11 16:18 - 2014-10-13 18:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll2014-11-11 16:18 - 2014-10-13 18:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll2014-11-11 16:18 - 2014-10-13 18:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-11-11 16:18 - 2014-10-13 18:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2014-11-11 16:18 - 2014-10-13 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2014-11-11 16:18 - 2014-10-13 17:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll2014-11-11 16:18 - 2014-10-13 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2014-11-11 16:18 - 2014-10-13 17:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2014-11-11 16:18 - 2014-10-13 17:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2014-11-11 16:18 - 2014-10-13 17:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2014-11-11 16:18 - 2014-10-09 16:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-11-11 16:18 - 2014-10-02 18:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll2014-11-11 16:18 - 2014-10-02 18:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll2014-11-11 16:18 - 2014-10-02 18:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll2014-11-11 16:18 - 2014-10-02 18:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll2014-11-11 16:18 - 2014-10-02 18:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll2014-11-11 16:18 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll2014-11-11 16:18 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll2014-11-11 16:18 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll2014-11-11 16:18 - 2014-09-19 01:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-11-11 16:18 - 2014-09-19 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2014-11-11 16:18 - 2014-09-19 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2014-11-11 16:18 - 2014-09-19 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2014-11-11 16:18 - 2014-09-19 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-11-11 16:18 - 2014-09-19 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-11-11 16:18 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2014-11-11 16:18 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-11-11 16:18 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2014-11-11 16:18 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2014-11-11 16:18 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-11-11 16:18 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-11-11 16:18 - 2014-08-20 22:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-11-11 16:18 - 2014-08-20 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2014-11-11 16:18 - 2014-08-20 22:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2014-11-11 16:18 - 2014-08-20 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2014-11-11 16:18 - 2014-08-11 18:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL2014-11-11 16:18 - 2014-08-11 17:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL2014-11-11 16:17 - 2014-10-17 18:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll2014-11-11 16:17 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll2014-11-08 22:46 - 2014-01-22 00:04 - 05267776 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des2014-11-08 22:46 - 2005-01-02 04:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys2014-11-08 22:46 - 2003-07-18 13:17 - 00005174 _____ () C:\Windows\SysWOW64\nppt9x.vxd2014-11-08 22:43 - 2014-11-08 22:43 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared2014-11-08 18:15 - 2014-11-08 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phantasy Star Online 22014-11-08 17:53 - 2014-11-08 17:53 - 00000000 ____D () C:\Program Files (x86)\SEGA2014-11-08 15:42 - 2014-11-08 15:42 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0042.sys2014-11-08 15:41 - 2014-11-28 19:08 - 00000000 ____D () C:\Program Files\SoftEther VPN Client2014-11-08 15:41 - 2014-11-08 15:41 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe2014-11-08 15:41 - 2014-11-08 15:41 - 00001939 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk2014-11-08 15:41 - 2014-11-08 15:41 - 00001933 _____ () C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk2014-11-08 15:41 - 2014-11-08 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client2014-11-06 18:22 - 2014-11-06 18:22 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe2014-11-06 18:22 - 2014-11-06 18:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe2014-11-06 18:22 - 2014-11-06 18:22 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe2014-11-06 18:22 - 2014-11-06 18:22 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll2014-11-06 18:21 - 2014-11-06 18:21 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-11-06 18:21 - 2014-11-06 18:21 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2014-11-06 18:21 - 2014-11-06 18:21 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2014-11-06 18:21 - 2014-11-06 18:21 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-11-06 18:21 - 2014-11-06 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-11-06 18:07 - 2014-11-06 18:07 - 00000000 ____D () C:\Users\admin\AppData\Roaming\.OtherTechnic2014-11-06 18:05 - 2014-11-06 18:08 - 00000000 ____D () C:\Users\admin\AppData\Roaming\.technic2014-11-06 15:56 - 2014-11-06 15:56 - 00003166 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Startup2014-11-06 15:56 - 2014-11-06 15:56 - 00003164 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-28 19:30 - 2013-09-18 03:04 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype2014-11-28 19:26 - 2014-10-09 16:30 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-11-28 19:11 - 2013-09-11 17:10 - 01724672 _____ () C:\Windows\WindowsUpdate.log2014-11-28 19:08 - 2013-09-18 03:20 - 00000000 ____D () C:\Program Files (x86)\Steam2014-11-28 19:08 - 2013-09-18 02:56 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-11-28 19:07 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-11-28 19:06 - 2013-09-11 17:25 - 00000000 ____D () C:\ProgramData\NVIDIA2014-11-28 19:05 - 2014-04-01 11:04 - 00000000 ____D () C:\AdwCleaner2014-11-28 19:05 - 2009-07-13 20:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-11-28 19:05 - 2009-07-13 20:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-11-28 19:04 - 2013-09-11 17:31 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-11-28 18:57 - 2013-09-18 02:56 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-11-28 18:19 - 2013-10-09 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime2014-11-26 23:04 - 2013-09-11 17:31 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-11-26 23:04 - 2013-09-11 17:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-11-26 23:04 - 2013-09-11 17:31 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-11-24 18:30 - 2013-09-17 15:14 - 00000000 ____D () C:\Program Files (x86)\Pando Networks2014-11-24 18:27 - 2013-09-17 15:13 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Riot Games2014-11-24 16:32 - 2013-11-25 18:52 - 00000000 ____D () C:\ProgramData\ProductData2014-11-23 16:57 - 2014-01-19 16:39 - 00003204 _____ () C:\console.log2014-11-23 16:55 - 2014-01-19 18:46 - 00000000 ____D () C:\Program Files (x86)\Nexon2014-11-21 09:47 - 2009-07-13 21:13 - 00788438 _____ () C:\Windows\system32\PerfStringBackup.INI2014-11-20 20:18 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache2014-11-20 13:11 - 2013-09-25 17:36 - 00000000 ____D () C:\Users\admin\AppData\Local\LogMeIn Hamachi2014-11-20 13:08 - 2013-10-25 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation2014-11-20 13:04 - 2014-03-06 15:45 - 76771328 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak2014-11-20 13:04 - 2014-03-06 15:45 - 00290816 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak2014-11-20 13:04 - 2014-03-06 15:45 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak2014-11-20 13:04 - 2014-03-06 15:45 - 00028672 _____ () C:\Windows\system32\config\SAM.iodefrag.bak2014-11-20 13:04 - 2013-09-11 17:08 - 00000000 ____D () C:\Users\admin2014-11-19 21:21 - 2013-09-29 13:13 - 00000000 ____D () C:\Users\admin\AppData\Roaming\.minecraft2014-11-19 20:27 - 2013-09-11 17:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-11-19 20:23 - 2014-10-09 16:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-11-16 22:52 - 2013-09-18 02:56 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-11-16 22:52 - 2013-09-18 02:56 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-11-16 00:02 - 2013-09-19 19:39 - 00000000 ____D () C:\Users\admin\AppData\Local\Akamai2014-11-15 23:46 - 2014-08-29 19:49 - 00000000 ____D () C:\ProgramData\Package Cache2014-11-12 22:24 - 2009-07-13 20:45 - 05344296 _____ () C:\Windows\system32\FNTCACHE.DAT2014-11-12 22:22 - 2013-09-11 17:19 - 00165456 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT2014-11-12 16:20 - 2013-10-25 09:20 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2014-11-12 16:20 - 2013-09-11 17:23 - 00027094 _____ () C:\Windows\system32\nvinfo.pb2014-11-12 16:20 - 2013-09-11 17:22 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll2014-11-12 16:20 - 2013-09-11 17:22 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll2014-11-12 16:20 - 2013-09-11 17:22 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll2014-11-12 16:20 - 2013-09-11 17:22 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll2014-11-12 13:56 - 2013-09-11 17:24 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll2014-11-12 13:56 - 2013-09-11 17:24 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll2014-11-12 13:56 - 2013-09-11 17:24 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll2014-11-12 13:56 - 2013-09-11 17:24 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe2014-11-12 13:56 - 2013-09-11 17:24 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll2014-11-12 13:56 - 2013-09-11 17:24 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll2014-11-11 23:43 - 2013-09-11 17:31 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-11-11 23:42 - 2014-05-02 17:25 - 00000000 ____D () C:\Windows\system32\MRT2014-11-11 23:38 - 2014-05-02 17:25 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-11-11 02:29 - 2013-09-11 17:24 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin2014-11-10 19:29 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Registration2014-11-09 21:50 - 2013-10-13 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon2014-11-07 23:33 - 2013-09-18 11:39 - 00000000 ____D () C:\ProgramData\Origin2014-11-06 20:15 - 2013-09-22 21:17 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Trine22014-11-06 18:22 - 2013-09-25 18:01 - 00000000 ____D () C:\Program Files\Java2014-11-06 18:21 - 2013-09-17 17:44 - 00000000 ____D () C:\ProgramData\Oracle2014-11-06 16:44 - 2014-05-31 23:09 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Tera_Awesomium2014-11-06 16:35 - 2014-07-21 17:05 - 00000000 ____D () C:\Program Files (x86)\TERA2014-11-06 15:56 - 2014-01-20 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 32014-11-06 09:06 - 2014-07-30 08:05 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll2014-11-06 09:06 - 2014-07-30 08:05 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll2014-11-06 09:06 - 2013-10-28 16:14 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll2014-11-06 09:06 - 2013-10-28 16:14 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll2014-10-30 03:25 - 2010-11-20 19:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe Some content of TEMP:====================C:\Users\admin\AppData\Local\Temp\Quarantine.exeC:\Users\admin\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe[2014-10-19 21:25] - [2011-01-15 16:01] - 0389632 ____A (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F C:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll[2010-11-20 19:24] - [2011-01-15 16:01] - 1008640 ____A (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF C:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-19 17:53 ==================== End Of Log ============================Addition.txt
  9. Hello, I believe I have malware in my computer. I ran both a threat scan and full body scan, and nothing is showing up. I don't know what kind of virus it is, but boot up times and overall slowness is taking effect. If anyone can help, that would be great! Thanks.
  10. In the process of reinstalling my programs after a (Windows 8.1 64-bit) refresh, I have somehow aquired Sweetpacks. My Malwarebytes Premium doesn't detect it, even when I set it to treat PUPs as malware. But it sure is there, everytime I launch Chrome (but not IE). I've looked all over the web for a way to get rid of it, but unfortunately each solution wants me to download something else that I'm not sure I trust. (Once burned.....) Actually, Norton didn't like me trying to download FRST64.exe, but I trust Malwarebytes, so turned off Norton and downloaded. Please help. I've attached the files requested. Addition.txt FRST.txt
  11. My laptop is currently infected with a more advanced strain of the iexplore.exe virus. Symptoms include - multiple iexplore.exe and iexplore.exe*32 processes despite not using internet explorer - multiple Chrome.exe*32 processes - frequently running out of memory - computer is very slow - random windows noises playing periodically in the background i have been searching the internet for a solution or removal guide, but so far nothing has worked. in addition anti-malware software like Malwarebytes does not seem to be able to detect the virus. i am currently running windows 7 32bit if someone could help me i would be very grateful! - Jake
  12. Hi Everyone, A few months ago keys on my keyboard stopped working and randomly started typing qqqqqq until stopped. I've been using everything to try to find the malware/keylogger that was doing this. No programs found it, and I couldn't find anything myself until today. Finally a break. So instead of deleating the program I to find where this is going, the keystrokes are translated to Israli/Hebrew so I'm hoping someone can help me with all of this. I've disabled all premissions for the associated files, but it won't let me remove the Read & Execute and Read allows. Thanks for any help with this.
  13. attach.txt: .DDS (Ver_2012-11-20.01).Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume3Install Date: 25/05/2012 4:58:08 PMSystem Uptime: 25/12/2013 5:19:59 PM (0 hours ago).Motherboard: Dell Inc. | | 0U990CProcessor: Intel® Core2 Duo CPU T5750 @ 2.00GHz | Microprocessor | 2000/166mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 99 GiB total, 22.41 GiB free.D: is FIXED (NTFS) - 10 GiB total, 5.912 GiB free.E: is CDROM ()F: is FIXED (NTFS) - 298 GiB total, 151.766 GiB free..==== Disabled Device Manager Items =============.==== System Restore Points ===================..==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)7-Zip 9.20Adobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader X (10.1.4)AllShare Framework DMSApple Application SupportApple Mobile Device SupportApple Software UpdateBonjourCanon MP280 series MP DriversCCleanerD3DX10DefragglerDell TouchpadDropboxEyeLeof.luxFacebook Video Calling 1.2.0.287Folder Size 2.0.0.0Google ChromeGoogle DriveGoogle Update HelperHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)iCloudIntel® Graphics Media Accelerator DriverIntel® PROSet/Wireless SoftwareiTunesJava 7 Update 45Java Auto UpdaterJava 6 Update 32K-Lite Codec Pack 8.8.0 (Full)Laptop Integrated Webcam Driver (1.04.01.1011) Malwarebytes Anti-Malware version 1.75.0.1300Marvell Miniport DrivermCoremDriverMesh RuntimemHelpMicrosoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219mMHouseMozilla Firefox 12.0 (x86 en-US)Mozilla Maintenance ServicemPfMgrMSVCRTmWMIRICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01Samsung KiesSAMSUNG USB Driver for Mobile PhonesSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Segoe UISkype™ 5.9Spybot - Search & DestroyTeraCopy 2.27Update for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596660) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596802) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596848) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)VC80CRTRedist - 8.0.50727.6195VLC media player 2.0.1Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language Pack.==== End Of File =========================== DDS.txt DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16520 BrowserJavaVersion: 10.45.2Run by user at 17:22:31 on 2013-12-25Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3061.1996 [GMT -5:00].AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\system32\SLsvc.exeC:\Windows\System32\spoolsv.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exeC:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Windows\OEM02Mon.exeC:\Program Files\DellTPad\Apoint.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Windows\system32\igfxsrvc.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Spybot - Search & Destroy 2\SDTray.exeC:\Users\user\AppData\Local\FluxSoftware\Flux\flux.exeC:\Windows\ehome\ehtray.exeC:\Program Files\AeroSnap\AeroSnap.exeC:\Program Files\EyeLeo\EyeLeo.exeC:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\DellTPad\ApMsgFwd.exeC:\Program Files\DellTPad\HidFind.exeC:\Program Files\DellTPad\Apntex.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\conime.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroup.============== Pseudo HJT Report ===============.uProxyServer = 208.97.135.54:80BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dlluRun: [F.lux] "c:\users\user\appdata\local\fluxsoftware\flux\flux.exe" /noshowuRun: [ehTray.exe] c:\windows\ehome\ehTray.exemRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hidemRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exemRun: [Apoint] c:\program files\delltpad\Apoint.exemRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkeymRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [sDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\user\appdata\roaming\dropbox\bin\Dropbox.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\aerosnap.lnk - c:\program files\aerosnap\AeroSnap.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\eyeleo.lnk - c:\program files\eyeleo\EyeLeo.exemPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}TCP: NameServer = 192.168.0.1TCP: Interfaces\{51C024C2-8D34-41C0-99D8-6AA9A4A2DF33} : DHCPNameServer = 192.168.0.1Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dllNotify: igfxcui - igfxdev.dllNotify: SDWinLogon - SDWinLogon.dllSEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg.================= FIREFOX ===================.FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\7hvqq0a7.default\FF - prefs.js: browser.search.selectedEngine - Ask.comFF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dllFF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLLFF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dllFF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dllFF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dllFF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dllFF - plugin: c:\users\user\appdata\local\facebook\video\skype\npFacebookVideoCalling.dllFF - plugin: c:\users\user\appdata\local\google\update\1.3.21.145\npGoogleUpdate3.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-12-24 3921880]R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-12-24 1042272]R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-12-24 171416]R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2012-5-25 111616]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-6-23 83864]S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2013-2-18 37344]S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 104768]S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-6-23 181912]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 756392]S4 AllShare Framework DMS;AllShare Framework DMS;c:\program files\samsung\allshare framework dms\1.3.18\AllShareFrameworkManagerDMS.exe [2013-9-10 401800]S4 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2013-2-18 233472]S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040].=============== Created Last 30 ================.2013-12-25 19:49:17 -------- d-----w- c:\users\user\appdata\roaming\BitTorrent2013-12-25 02:55:09 18968 ----a-w- c:\windows\system32\sdnclean.exe2013-12-25 02:54:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy2013-12-25 02:54:31 -------- d-----w- c:\program files\Spybot - Search & Destroy 22013-12-25 00:36:02 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a42f272e-3da9-4eed-8025-b54618e72bfb}\mpengine.dll2013-12-21 22:46:29 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll2013-12-09 22:51:03 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{4dd89be2-b553-4af4-9e52-de10de0436e3}\gapaengine.dll.==================== Find3M ====================.2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe2013-10-13 09:48:06 1806848 ----a-w- c:\windows\system32\jscript9.dll2013-10-13 09:35:52 1427968 ----a-w- c:\windows\system32\inetcpl.cpl2013-10-13 09:35:38 1129472 ----a-w- c:\windows\system32\wininet.dll2013-10-13 09:30:14 142848 ----a-w- c:\windows\system32\ieUnatt.exe2013-10-13 09:29:02 420864 ----a-w- c:\windows\system32\vbscript.dll2013-10-13 09:25:39 2382848 ----a-w- c:\windows\system32\mshtml.tlb2013-10-11 02:08:02 444928 ----a-w- c:\windows\system32\IKEEXT.DLL2013-10-11 02:07:57 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL2013-10-08 12:50:41 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2013-10-03 12:45:50 297984 ----a-w- c:\windows\system32\gdi32.dll2013-10-03 12:45:45 993792 ----a-w- c:\windows\system32\crypt32.dll2013-09-27 14:53:06 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys2013-09-27 14:53:06 104768 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys.============= FINISH: 17:26:29.16 =============== So I'm pretty sure I have a virus and I'm pretty stuck on what to do. When I try and open any sort of folder, windows explorer crashes, and restarts. Sometimes I can open a folder, but most of the time I can't, if I open it right after startup then it works but otherwise it does not. Sometimes mbam doesn't open and I get "runtime error 2147417848 (80010108)". These are all things that change though, randomly, right now I can open folders and mbam is working but if I restart my computer they probably wont, but all is fine in safe mode. I've tried a bunch of things (in safe mode too), I've tried running spybot, which detects things and then doesn't, I've used ccleaner and cleaned(?) the registry, I've performed a full scan with mbam which detected nothing, I've checked startup programs, also used shell cleaner thing****, I've opened command prompt and scanned (sfc/scannow), I've used shellexview and disabled everything that wasn't microsoft. I'm just stumped, and lost and confused. Sorry if the way I explain isn't clear, please help.
  14. Hello. My son has reported to me that his computer is acting very slow. He said that the internet was running much slower than usual, and some of his applications would not connect to the internet, and would run slowly as well. I used the anti-malwarebytes anti-malware scan, and ran a full scan, and found nothing. I am hoping that someone could help me resolve this problem, so he can continue his use on the computer. I am also hoping that this won't cost anything too expensive, as it is a very expensive computer. Please report back if you can with further information and/or instructions on how I can remove the virus. Thank you!
  15. Sorry to bother everyone but I could use some help. Recently my computer has started playing random audio at irregular intervals. The audio can last for just a few moments or a few minutes, and has nothing to do with any program I have open. The audio plays even when I have no programs running and just started up the computer. The sounds vary from adds to self help sound bites to what sounds like radio talk shows. So far I have been unable to detect the problem with Malwarebytes or Norton Internet Security. If anyone has any insights on this I would really appreciate the help. I've included the logs from a malwarebytes scan and DDS.txt Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.06.19.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16618 Connor :: CONNOR-HP [administrator] 6/20/2013 10:25:21 AM mbam-log-2013-06-20 (10-25-21).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 210454 Time elapsed: 6 minute(s), 29 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.21.2 Run by Connor at 10:33:06 on 2013-06-20 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5610.2740 [GMT -4:00] . AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\Windows\system32\Hpservice.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe C:\Windows\system32\svchost.exe -k WbioSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\IDT\WDM\AESTSr64.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskeng.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Steam\Steam.exe C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\taskmgr.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe C:\Windows\notepad.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent uRun: [AmazonMP3DownloaderHelper] C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe StartupFolder: C:\Users\Connor\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMAZON~1.LNK - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 192.168.1.1 TCP: Interfaces\{458402C4-FF41-40E3-BC2E-0A8558735FA1} : DHCPNameServer = 172.168.11.12 TCP: Interfaces\{9F75D245-BE67-4A96-BC49-8357830E0405} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{9F75D245-BE67-4A96-BC49-8357830E0405}\4565331423 : DHCPNameServer = 192.168.1.1 71.252.0.12 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Connor\AppData\Roaming\Mozilla\Firefox\Profiles\595buj5v.default\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Connor\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-06-02 13:30; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - ExtSQL: 2013-06-04 23:20; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn FF - ExtSQL: 2013-06-04 23:20; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn FF - ExtSQL: 2013-06-19 23:51; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Connor\AppData\Roaming\Mozilla\Firefox\Profiles\595buj5v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488] R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2013-6-10 89600] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-28 204288] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-28 361984] R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-7-20 249648] R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528] R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-11-5 197536] R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520] R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-1-28 2413056] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-19 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-19 701512] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-6-6 138272] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208] R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-7-16 96896] R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-1-28 46136] R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-7-16 214144] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216] R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130531.001\BHDrvx64.sys [2013-5-31 1393240] R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-6-6 167072] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-6-5 138912] R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130619.001\IDSviA64.sys [2013-6-19 513184] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-6-19 25928] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-1-28 338536] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-28 428136] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-1-28 1145448] R3 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-6-6 451192] R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-6-6 1129120] R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-6-6 190072] R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-6-6 405624] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-8-1 195320] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-31 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-31 47128] S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-06-20 03:55:59 -------- d-----w- C:\Users\Connor\AppData\Local\Program Files 2013-06-20 02:14:16 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-06-20 02:14:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-06-17 02:52:21 -------- d-----w- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF} 2013-06-16 01:09:15 -------- d-----w- C:\Users\Connor\AppData\Roaming\IDT 2013-06-16 01:07:36 -------- d-----w- C:\Users\Connor\AppData\Local\CrashDumps 2013-06-13 02:09:49 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-BR 2013-06-13 02:09:48 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-PT 2013-06-13 02:09:47 -------- d-----w- C:\Windows\System32\drivers\UMDF\nl-NL 2013-06-13 02:09:46 -------- d-----w- C:\Windows\System32\drivers\UMDF\it-IT 2013-06-13 02:09:45 -------- d-----w- C:\Windows\System32\drivers\UMDF\de-DE 2013-06-13 02:09:44 -------- d-----w- C:\Windows\System32\drivers\UMDF\fr-FR 2013-06-13 02:09:43 -------- d-----w- C:\Windows\System32\drivers\UMDF\es-ES 2013-06-11 21:37:56 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-06-10 18:52:11 654336 ------w- C:\Windows\System32\stapi64.dll 2013-06-10 18:50:32 535552 ----a-w- C:\Windows\System32\drivers\stwrt64.sys 2013-06-10 18:50:30 448512 ----a-w- C:\Windows\System32\stcplx64.dll 2013-06-10 18:50:30 1987072 ----a-w- C:\Windows\System32\stapo64.dll 2013-06-10 18:49:57 -------- d-----w- C:\Program Files\IDT 2013-06-07 01:37:16 737952 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\srtsp64.sys 2013-06-07 01:37:16 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys 2013-06-07 01:37:16 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys 2013-06-07 01:37:16 37536 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\srtspx64.sys 2013-06-07 01:37:16 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys 2013-06-07 01:37:16 167072 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys 2013-06-07 01:37:16 1129120 ----a-w- C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys 2013-06-07 01:37:07 -------- d-----w- C:\Windows\System32\drivers\NISx64\1309010.00E 2013-06-06 01:15:03 -------- d-----w- C:\Users\Connor\AppData\Roaming\.minecraft 2013-06-06 00:40:24 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-06-06 00:40:23 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-06-06 00:40:11 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-05 03:18:23 -------- d-----w- C:\Windows\System32\drivers\NISx64 2013-06-05 03:18:20 -------- d-----w- C:\Program Files (x86)\Norton Internet Security 2013-06-05 02:54:03 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{816559E5-8BF5-4D45-8164-87C6A69BDEA4}\mpengine.dll 2013-06-05 02:52:28 -------- d-----w- C:\Users\Connor\AppData\Local\Diagnostics 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP\0C0103E8\009D.105\x64 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP\0C0103E8\009D.105 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP\0C0103E8 2013-06-04 04:21:42 -------- d-----w- C:\Windows\System32\drivers\SEP 2013-06-04 03:52:40 -------- d-----w- C:\ProgramData\Symantec 2013-06-04 02:43:39 -------- d-----w- C:\Users\Connor\AppData\Roaming\Malwarebytes 2013-06-04 02:43:36 -------- d-----w- C:\ProgramData\Malwarebytes 2013-06-04 02:43:13 -------- d-----w- C:\Users\Connor\AppData\Local\Programs 2013-06-03 20:43:30 -------- d-----w- C:\Windows\System32\%LOCALAPPDATA% 2013-06-03 20:23:46 -------- d-----w- C:\Users\Connor\AppData\Local\Symantec 2013-06-03 20:22:59 -------- d-----w- C:\Program Files\Symantec 2013-06-03 20:22:30 42632 ----a-w- C:\Windows\System32\drivers\WGX64.SYS 2013-06-03 20:22:30 118768 ----a-w- C:\Windows\System32\drivers\SysPlant.sys 2013-06-03 20:21:57 -------- d-----w- C:\ProgramData\regid.1992_12.com.symantec 2013-06-03 20:21:50 -------- d-----w- C:\Program Files (x86)\Symantec 2013-06-03 20:12:11 -------- d-----w- C:\VT-SEPVersion 2013-06-03 20:10:45 -------- d-----w- C:\VT AntiVirus 2013-06-03 20:07:18 -------- d-----w- C:\VT-SecureTools 2013-06-03 20:03:53 -------- d-----w- C:\Program Files\Microsoft Lync 2013-06-03 20:03:45 -------- d-----w- C:\Program Files (x86)\Microsoft Lync 2013-06-03 20:03:35 -------- d-----w- C:\Users\Connor\Tracing 2013-06-03 20:03:35 -------- d-----w- C:\Program Files (x86)\OCSetup 2013-06-03 19:45:43 -------- d-----w- C:\Program Files (x86)\Microsoft Small Business 2013-06-03 19:45:21 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls 2013-06-03 19:43:46 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$MSSMLBIZ-sqlagtctr10.1.2531.0.dll 2013-06-03 19:43:35 79896 ----a-w- C:\Windows\SysWow64\perf-MSSQL$MSSMLBIZ-sqlctr10.1.2531.0.dll 2013-06-03 19:41:57 -------- d-----w- C:\Windows\SysWow64\1033 2013-06-03 19:41:57 -------- d-----w- C:\Windows\System32\1033 2013-06-03 19:41:57 -------- d-----w- C:\Program Files\Microsoft SQL Server 2013-06-03 19:38:02 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server 2013-06-03 18:03:16 -------- d-----w- C:\Program Files (x86)\MSECache 2013-06-03 17:55:54 -------- d-----w- C:\Users\Connor\AppData\Local\LogMeIn Rescue Applet 2013-06-03 17:23:00 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2013-06-03 17:19:50 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2013-06-03 17:19:10 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2013-06-03 17:18:57 -------- d-----w- C:\Windows\SHELLNEW 2013-06-03 17:18:39 -------- d-----w- C:\Users\Connor\AppData\Local\Microsoft Help 2013-06-03 02:10:05 -------- d-----w- C:\Users\Connor\AppData\Local\HP 2013-06-03 01:43:23 1671680 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM3.dll 2013-06-03 01:43:23 1669120 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM6.dll 2013-06-03 01:43:23 1668608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM5.dll 2013-06-03 01:43:23 1668608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM4.dll 2013-06-03 01:43:23 1667072 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com\components\FFXPCOM7.dll 2013-06-02 17:34:29 -------- d-----w- C:\Users\Connor\AppData\Local\Macromedia 2013-06-02 17:34:17 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-02 00:14:24 -------- d-----w- C:\Users\Connor\AppData\Local\Skyrim 2013-06-02 00:04:15 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll 2013-06-02 00:04:15 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll 2013-06-02 00:04:15 530776 ----a-w- C:\Windows\System32\XAudio2_6.dll 2013-06-02 00:04:15 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll 2013-06-02 00:04:14 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll 2013-06-02 00:04:14 176984 ----a-w- C:\Windows\System32\xactengine3_6.dll 2013-06-02 00:04:13 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll 2013-06-02 00:04:13 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll 2013-06-01 23:31:52 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared 2013-06-01 23:01:29 -------- d-----w- C:\Program Files (x86)\dumps 2013-06-01 23:00:22 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2013-06-01 23:00:17 -------- d-----w- C:\Program Files (x86)\Steam 2013-06-01 03:54:50 -------- d-----w- C:\Users\Connor\AppData\Local\CyberLink 2013-06-01 03:03:42 -------- d-----w- C:\ProgramData\Amazon 2013-06-01 03:03:29 -------- d-----w- C:\Program Files (x86)\Amazon 2013-06-01 03:02:44 -------- d-----w- C:\Windows\Downloaded Installations 2013-06-01 02:57:28 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2013-06-01 02:46:54 425345024 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\Updates\OFFICESUITEWWSP1-X-NONE.MSP 2013-06-01 02:20:18 -------- d-----w- C:\Windows\SysWow64\Wat 2013-06-01 02:20:18 -------- d-----w- C:\Windows\System32\Wat 2013-06-01 00:53:14 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2013-06-01 00:53:14 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2013-06-01 00:53:14 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2013-06-01 00:53:14 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2013-06-01 00:34:18 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-01 00:01:40 46080 ----a-w- C:\Windows\System32\atmlib.dll 2013-06-01 00:01:40 367616 ----a-w- C:\Windows\System32\atmfd.dll 2013-06-01 00:01:40 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2013-06-01 00:01:39 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2013-06-01 00:00:09 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2013-06-01 00:00:09 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2013-06-01 00:00:09 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2013-06-01 00:00:09 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2013-06-01 00:00:08 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2013-06-01 00:00:08 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2013-06-01 00:00:08 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2013-05-31 23:43:39 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2013-05-31 23:43:39 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2013-05-31 23:43:39 5120 ----a-w- C:\Windows\System32\wmi.dll 2013-05-31 23:43:39 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2013-05-31 23:43:39 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2013-05-31 23:28:52 46592 ----a-w- C:\Windows\SysWow64\fpb.rs 2013-05-31 23:27:33 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2013-05-31 23:26:54 67072 ----a-w- C:\Windows\splwow64.exe 2013-05-31 23:25:30 956928 ----a-w- C:\Windows\System32\localspl.dll 2013-05-31 23:25:29 3216384 ----a-w- C:\Windows\System32\msi.dll 2013-05-31 23:25:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2013-05-31 23:25:00 715776 ----a-w- C:\Windows\System32\kerberos.dll 2013-05-31 23:25:00 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll 2013-05-31 23:17:09 77312 ----a-w- C:\Windows\System32\packager.dll 2013-05-31 23:17:09 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2013-05-31 23:03:50 -------- d-----w- C:\Users\Connor\AppData\Local\AMD 2013-05-31 23:03:40 -------- d-----w- C:\Users\Connor\AppData\Local\ATI 2013-05-31 23:02:38 -------- d-----w- C:\Users\Connor\AppData\Roaming\Synaptics 2013-05-31 23:00:06 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2013-05-31 23:00:06 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2013-05-31 23:00:06 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2013-05-31 22:59:20 -------- d-----w- C:\Users\Connor\AppData\Roaming\hpqlog 2013-05-31 22:59:18 -------- d-----w- C:\Users\Connor\AppData\Local\Hewlett-Packard 2013-05-31 22:58:00 -------- d-----w- C:\Users\Connor\AppData\Local\RemEngine 2013-05-31 22:57:50 -------- d-----w- C:\Users\Connor\AppData\Local\Hewlett-Packard_Company 2013-05-31 22:56:48 -------- d-----w- C:\Users\Connor\AppData\Local\AuthenTec 2013-05-31 22:55:29 -------- d-----w- C:\Users\Connor\AppData\Local\VirtualStore 2013-05-31 22:55:12 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2013-05-31 22:55:03 99840 ----a-w- C:\Windows\System32\wudriver.dll . ==================== Find3M ==================== . 2013-06-16 02:13:36 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-08 12:28:46 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-08 11:13:19 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-06-06 00:33:21 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2013-06-01 00:34:18 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll 2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-10 05:24:10 983912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-04-10 05:24:10 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys . ============= FINISH: 10:45:17.11 ===============
  16. I recently ran a quick scan on Malwarebytes Antimalware and it detected 4 malicious software. It asked me if I wanted to delete it, and I canceled it because I wanted to delete it in the full scan I was about run. But, I ran a quick scan a second time and it found no malicious software, even though I did not delete them the first time. What happened to them? I want to delete these files but they went undetected. I even restarted my computer and reinstalled Malwarebytes Antimalware, but still nothing was detected in the quick scan.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.