Channel: Tech Support Forum - Virus/Trojan/Spyware Help

interpol virus encrypted

Hi all,
I got infected by the Interpol virus.
I had Deep Freeze on the C partition.
When I restart the PC, the infection disappears from the C files because of Deep Freeze.

Now I cannot open or use any of my important files because they are encrypted :banghead:

Can anyone help me remove that encryption? :confused:

I use Win 7.
I do not use antivirus.

Thanks in advance for your help.

With my best regards,

saad

Google Chrome keeps opening pop-ups randomly

Hi guys,

I actually had this problem exactly 2 months ago and you helped me solve it.
A few days ago it was back, exactly the same.
I don't recall installing any app, clicking any weird banner or e-mail attachment so I really don't know what's the cause of it.
The only symptom is that I keep getting pop-ups out of nowhere every few minutes, even if I don't touch the computer.

Here are the DDS and attach file:
===================

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.18124 BrowserJavaVersion: 11.31.2
Run by Shahar Ben-Porath at 20:39:50 on 2015-12-18
Microsoft Windows 7 Professional 6.1.7601.1.1255.972.1033.18.2922.890 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\Av\avgrsx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\Av\avgidsagent.exe
C:\Program Files\AVG\Framework\Common\avgsvcx.exe
C:\Program Files\AVG\Av\avgwdsvcx.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE
C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files\AVG\Av\avgnsx.exe
C:\Program Files\AVG\Av\avgemcx.exe
C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
C:\Program Files\Soluto\SolutoLauncherService.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Lenovo\System Update\SUService.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskhost.exe
c:\program files\soluto\soluto.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\Program Files\AVG\Av\avgui.exe
C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_TATINGE.EXE
C:\Users\Shahar Ben-Porath\AppData\Local\Google\Update\1.3.29.1\GoogleCrashHandler.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Shahar Ben-Porath\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
C:\Windows\system32\conhost.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Program Files\AVG\Av\avgcsrvx.exe
C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://mysearch.avg.com/?cid={8EF4AC3F-B710-440B-80A5-E852EC322E5C}&mid=5c331a67e17647d1a646957ea0dfaa80-f60f1bc55ce20c250fa1c1a05d7706fc14e0d932&lang=en&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2015-11-18 08:42:40&v=4.2.1.951&pid=wtu&sg=&sap=hp
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.maxiwe.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: ActiveMail Add-on: {2BBC8EDB-3D27-4FD3-9F9F-DFDC5B4A27A4} - c:\program files\activepath\addon\apieinbodyBHO.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: {54B02808-B60E-44CD-A72D-9865117E4E62} - <orphaned>
BHO: AGFormHelperObj Class: {6620E618-1AB9-4EB2-ACA4-CBBE9066DBE6} - c:\program files\agat\agform\AGFormsHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_31\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Web TuneUp: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg web tuneup\4.2.4.155\AVG Web TuneUp.dll
BHO: WinZip Courier BHO: {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - c:\program files\winzip courier\wzwmcie.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_31\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: AGForms Toolbar: {8fe28f46-37ad-47b2-8258-34c128636ace} -
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Google Update] "c:\users\shahar ben-porath\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [AVG-Secure-Search-Update_0913b] c:\users\shahar ben-porath\appdata\roaming\avg 0913b campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 5c331a67e17647d1a646957ea0dfaa80-f60f1bc55ce20c250fa1c1a05d7706fc14e0d932 --CMPID 0913b
uRun: [GoogleChromeAutoLaunch_B1CFEE270F926F92FBAC5A26A0459617] "c:\users\shahar ben-porath\appdata\local\google\chrome\application\chrome.exe" --no-startup-window
uRun: [Dropbox Update] "c:\users\shahar ben-porath\appdata\local\dropbox\update\DropboxUpdate.exe" /c
uRun: [Web Companion] c:\program files\lavasoft\web companion\application\WebCompanion.exe --minimize
uRun: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_tatinge.exe /ept "epltarget\P0000000000000000" /M "L455 Series"
mRun: [IMSS] "c:\program files\intel\intel(r) management engine components\imss\PIconStartup.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [Power Manager Power Agenda] c:\progra~1\thinkpad\utilit~1\DPMHost.exe
mRun: [ROC_ROC_NT] "c:\program files\avg secure search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AvgUi] "c:\program files\avg\framework\common\avguix.exe" /fmw.trayonly
mRun: [AVG_UI] "c:\program files\avg\av\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg web tuneup\vprot.exe"
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
StartupFolder: c:\users\shahar~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\shahar ben-porath\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &ייצוא אל Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: ש&לח אל OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: c:\windows\system32\LavasoftTcpService.dll
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: NameServer = 192.117.235.235 62.219.186.7
TCP: Interfaces\{A68E97FE-3021-4C69-AB0D-F919893DC660} : DHCPNameServer = 192.117.235.235 62.219.186.7
TCP: Interfaces\{F64C6EC5-5E94-4367-97B9-C4EB5204B9AA} : DHCPNameServer = 192.168.42.129
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "c:\windows\system32\rundll32.exe" "c:\program files\adobe\acrobat reader dc\esl\AiodLite.dll",CreateReaderUserSettings
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\shahar ben-porath\appdata\roaming\mozilla\firefox\profiles\pnmycuye.default\
FF - prefs.js: browser.search.selectedEngine - Bing®
FF - prefs.js: browser.startup.homepage - hxxps://www.malwarebytes.org/restorebrowser/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\acrobat reader dc\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.28.15\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre1.8.0_31\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\program files\winzip courier\npwzwmc.dll
FF - plugin: c:\users\shahar ben-porath\appdata\local\citrix\plugins\104\npappdetector.dll
FF - plugin: c:\users\shahar ben-porath\appdata\local\google\update\1.3.28.15\npGoogleUpdate3.dll
FF - plugin: c:\users\shahar ben-porath\appdata\roaming\mozilla\firefox\profiles\pnmycuye.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll
FF - plugin: c:\users\shahar ben-porath\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\shahar ben-porath\appdata\roaming\mozilla\plugins\npo1d.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_19_0_0_245.dll
FF - ExtSQL: !HIDDEN! 2011-07-16 08:40; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2015-8-20 231344]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2015-8-14 308656]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2015-11-6 193968]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2015-8-10 36784]
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [2011-7-18 51144]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2015-11-6 149936]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2015-11-6 255920]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2015-11-20 31664]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2015-10-21 229296]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2015-10-8 231856]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-10-3 26984]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2011-5-17 269824]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-10-18 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-10-18 170200]
R3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2011-5-17 41088]
R3 PCDSRVC{3037D694-FD904ACA-06020200}_0;PCDSRVC{3037D694-FD904ACA-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2011-6-27 22640]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2010-9-28 38336]
R3 VAD_DEV;Virtual Audio Service;c:\windows\system32\drivers\vad.sys [2011-8-7 16256]
S3 andnetadb;ADB Interface DriverNet;c:\windows\system32\drivers\lgandnetadb.sys [2011-9-6 25856]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\drivers\lgandnetdiag.sys [2011-9-6 23040]
S3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\drivers\lgandnetmodem.sys [2011-9-6 27776]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\drivers\lgandnetndis.sys [2011-9-16 73728]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-10-18 51928]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2011-2-16 11520]
.
=============== Created Last 30 ================
.
2015-12-18 14:33:47 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e8a502c4-8525-429c-805b-69723632d1bb}\offreg.5268.dll
2015-12-18 14:29:12 9014120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e8a502c4-8525-429c-805b-69723632d1bb}\mpengine.dll
2015-12-09 17:17:01 487936 ----a-w- c:\windows\system32\catsrvut.dll
2015-12-09 17:17:01 1242624 ----a-w- c:\windows\system32\comsvcs.dll
2015-12-09 05:30:06 9498816 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2015-12-03 13:38:43 -------- d-----w- c:\program files\EPSON Software
2015-12-03 10:28:51 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2015-12-03 10:28:49 142848 ----a-w- c:\windows\system32\E_TLMBNGE.DLL
2015-12-03 10:28:48 81408 ----a-w- c:\windows\system32\E_TD4BNGE.DLL
2015-11-25 12:15:05 -------- d--h--w- C:\$WINDOWS.~BT
2015-11-20 06:05:14 31664 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
.
==================== Find3M ====================
.
2015-12-18 18:37:33 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-09 05:30:15 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-12-09 05:30:15 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-12-02 11:25:18 247976 ------w- c:\windows\system32\MpSigStub.exe
2015-11-20 18:34:36 93696 ----a-w- c:\windows\system32\wudriver.dll
2015-11-20 18:34:36 2956800 ----a-w- c:\windows\system32\wucltux.dll
2015-11-20 18:34:36 174080 ----a-w- c:\windows\system32\wuwebv.dll
2015-11-20 18:34:11 73728 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-11-20 18:33:59 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-11-20 18:33:56 35328 ----a-w- c:\windows\system32\wuapp.exe
2015-11-17 09:54:35 170200 ----a-w- c:\windows\system32\drivers\24AB5392.sys
2015-11-15 07:56:54 170200 ----a-w- c:\windows\system32\drivers\0F7A5D3C.sys
2015-11-13 07:54:43 170200 ----a-w- c:\windows\system32\drivers\0D013F4C.sys
2015-11-10 18:39:18 909824 ----a-w- c:\windows\system32\FntCache.dll
2015-11-10 18:39:18 1251328 ----a-w- c:\windows\system32\DWrite.dll
2015-11-10 18:39:15 811520 ----a-w- c:\windows\system32\user32.dll
2015-11-10 17:40:30 2386944 ----a-w- c:\windows\system32\win32k.sys
2015-11-10 07:40:15 170200 ----a-w- c:\windows\system32\drivers\67B849D3.sys
2015-11-10 00:24:59 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2015-11-10 00:24:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2015-11-10 00:13:04 496640 ----a-w- c:\windows\system32\vbscript.dll
2015-11-10 00:13:03 62464 ----a-w- c:\windows\system32\iesetup.dll
2015-11-10 00:12:29 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-11-10 00:12:19 341504 ----a-w- c:\windows\system32\html.iec
2015-11-10 00:11:38 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-11-10 00:03:07 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2015-11-10 00:03:01 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2015-11-10 00:02:42 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2015-11-09 23:57:53 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2015-11-09 23:50:28 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2015-11-09 23:46:18 4514816 ----a-w- c:\windows\system32\jscript9.dll
2015-11-09 23:36:09 2050560 ----a-w- c:\windows\system32\inetcpl.cpl
2015-11-09 23:35:17 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2015-11-09 23:17:36 2011136 ----a-w- c:\windows\system32\wininet.dll
2015-11-07 18:29:26 345360 ----a-w- c:\windows\system32\LavasoftTcpService.dll
2015-11-06 13:48:44 255920 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2015-11-06 13:48:42 149936 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2015-11-05 19:02:52 14848 ----a-w- c:\windows\system32\wshrm.dll
2015-11-05 19:00:18 2048 ----a-w- c:\windows\system32\tzres.dll
2015-11-05 09:48:20 117760 ----a-w- c:\windows\system32\drivers\rmcast.sys
2015-11-03 19:45:28 170200 ----a-w- c:\windows\system32\drivers\08D051F4.sys
2015-11-03 18:56:18 627712 ----a-w- c:\windows\system32\usp10.dll
2015-11-03 18:55:58 179712 ----a-w- c:\windows\system32\els.dll
2015-11-03 07:51:36 170200 ----a-w- c:\windows\system32\drivers\42122F95.sys
2015-10-29 17:50:21 5120 ----a-w- c:\windows\system32\shimeng.dll
2015-10-29 17:49:58 295936 ----a-w- c:\windows\system32\apphelp.dll
2015-10-29 17:49:57 62464 ----a-w- c:\windows\system32\aelupsvc.dll
2015-10-29 17:49:57 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49:57 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49:57 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49:57 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:49:35 20992 ----a-w- c:\windows\system32\sdbinst.exe
2015-10-29 17:39:57 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-26 20:51:53 170200 ----a-w- c:\windows\system32\drivers\01A113B9.sys
2015-10-26 20:44:33 170200 ----a-w- c:\windows\system32\drivers\57CE0E1C.sys
2015-10-25 05:31:09 170200 ----a-w- c:\windows\system32\drivers\4DF704E4.sys
2015-10-21 14:24:24 229296 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2015-10-20 00:52:02 3991488 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-10-20 00:52:02 3935680 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 00:52:00 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 00:52:00 138176 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-10-20 00:48:47 1308160 ----a-w- c:\windows\system32\ntdll.dll
2015-10-20 00:44:53 22528 ----a-w- c:\windows\system32\lsass.exe
2015-10-20 00:44:35 50176 ----a-w- c:\windows\system32\auditpol.exe
2015-10-20 00:39:32 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-10-20 00:39:11 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-10-20 00:35:03 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-10-20 00:35:00 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-10-19 23:29:22 225792 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2015-10-19 23:28:57 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2015-10-19 23:28:56 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2015-10-13 16:31:53 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2015-10-13 16:31:24 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2015-10-13 04:50:31 712640 ----a-w- c:\windows\system32\drivers\ndis.sys
2015-10-12 23:29:08 875720 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-08 23:17:35 69120 ----a-w- c:\windows\system32\nlsbres.dll
2015-10-08 23:13:41 6144 ----a-w- c:\windows\system32\kbdgeoqw.dll
2015-10-08 23:13:41 6144 ----a-w- c:\windows\system32\KBDAZEL.DLL
2015-10-08 05:48:58 231856 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2015-10-05 06:50:16 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-05 06:50:08 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-05 06:50:04 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-01 17:50:53 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-01 17:50:43 22528 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\jnwppr.dll
2015-10-01 17:50:43 216064 ----a-w- c:\windows\system32\InkEd.dll
2015-10-01 17:50:43 19968 ----a-w- c:\windows\system32\jnwmon.dll
2015-10-01 17:50:35 50688 ----a-w- c:\windows\system32\appidapi.dll
2015-10-01 17:50:35 28160 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-01 17:50:00 96768 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50:00 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-01 16:53:22 50176 ----a-w- c:\windows\system32\drivers\appid.sys
2015-09-23 13:09:58 371920 ----a-w- c:\windows\system32\drivers\cng.sys
2015-09-23 13:09:57 251000 ----a-w- c:\windows\system32\bcryptprimitives.dll
2015-07-16 05:07:57 6420480 ----a-w- c:\program files\GUTAD7B.tmp
2014-03-30 16:02:59 6000640 ----a-w- c:\program files\GUTA2A7.tmp
.
============= FINISH: 20:46:11.80 ===============

Attached Files
File Type: txt Attach1812.txt (13.3 KB)

BSOD and other problems ESET online sees something

Sorry, this may take 2 posts, as there are a lot of screenshots on the general account and some on the admin account.

I had my win 7 upgraded to win 10 about 4 weeks ago with the computer manufacturer (Puget Systems).

I've been having problems with magnifier working and error messages (even did a system restore to the earliest point). Then today problems with FF and Chrome. When vids wouldn't run in FF I tried to open in chrome and got a BSOD (see screen shots - probably in a second posting on this as on the other account). I called the number and got weird advice from the MS people. Almost seemed like a scam so I screen shot everything.

They said that Windows Defender wasn't any good and to install something else, and they said not Comodo when I brought that up.

They said I needed my computer company to do a system tuneup and one time resolution - whatever that means. I think system tuneup is stuff I routinely do like disk defragmenter (which I do every other day), cleaning files (use CCleaner (used to use old timers TFC but that doesn't run on win10) - I don't use the registry stuff, just cleaning up files), backing up files - I may be wrong about all this.

I run ESET online scanner after downloading any new program or problems or if nothing once/month to be sure.

Anyway, ESET online also found something (but I think maybe download for the last CCleaner update and I went in and deleted that).

So, I don't know what is wrong with my computer, but if it's malware I thought I should have it checked out.

Thank you.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by 777 at 9:01:16 on 2015-12-19
Microsoft Windows 10 Home 10.0.10586.0.1252.1.1033.18.7105.5426 [GMT -8:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\igfxCUIService.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxTray.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Users\777\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\777\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [OneDrive] "C:\Users\777\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [f.lux] "C:\Users\777\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
mRun: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{d3d0495a-0e40-4629-919d-47020fe6d347} : DHCPNameServer = 192.168.0.1 205.171.2.25
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\777\AppData\Roaming\Mozilla\Firefox\Profiles\rtq5fwqz.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll
.
============= SERVICES / DRIVERS ===============
.
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-29 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-29 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-29 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-29 218624]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-29 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-29 8192]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2015-11-12 936728]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-29 43944]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-11-12 359848]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-29 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-29 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-29 20480]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2015-10-22 192648]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-29 43944]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-29 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-29 364464]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-29 216064]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-29 43944]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-29 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-29 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-29 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-29 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-29 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-29 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-29 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-12 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-29 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-29 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-29 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-29 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-29 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-29 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-29 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-29 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-29 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-29 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-29 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-29 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-29 117760]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-8-8 473864]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-29 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-29 26624]
S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-29 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-29 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-29 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-29 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-29 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-29 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-29 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-29 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-29 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-29 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-29 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-29 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-29 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-29 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-29 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-29 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-29 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-29 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-10-29 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-29 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-29 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-29 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-29 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-29 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-29 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-29 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-10-29 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-29 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-29 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-29 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-29 43944]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2015-10-29 24576]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-10-29 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-10-29 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
S4 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-29 43944]
S4 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
.
=============== Created Last 30 ================
.
2015-12-19 16:35:17 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FDD59327-8C51-4A4B-BB06-1A237F701557}\mpengine.dll
2015-12-19 15:29:59 -------- d-----w- C:\ProgramData\WRData
2015-12-18 16:04:40 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-12-12 19:44:25 -------- d-----w- C:\Users\777\AppData\Local\FluxSoftware
2015-12-12 19:12:58 -------- d-----w- C:\Users\777\AppData\Local\Comms
2015-12-12 19:11:17 -------- d-----w- C:\Users\777\AppData\Local\Publishers
2015-12-12 19:10:02 -------- d-----w- C:\Users\777\AppData\Local\Mozilla
2015-12-12 18:56:47 -------- d-----r- C:\Users\777\OneDrive
2015-12-12 18:55:35 -------- d-----w- C:\Users\777\AppData\Local\ActiveSync
2015-12-12 18:54:11 -------- d-----r- C:\Users\777\Searches
2015-12-12 18:54:11 -------- d-----r- C:\Users\777\Contacts
2015-12-12 17:59:30 75264 ----a-w- C:\WINDOWS\System32\wwanprotdim.dll
2015-12-12 17:40:09 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{295B625E-A0CE-4262-AD53-4B559927C24C}\gapaengine.dll
2015-12-09 20:02:26 -------- d-----w- C:\Program Files (x86)\ESET
2015-11-27 17:34:56 -------- d-----w- C:\Program Files\CCleaner
2015-11-24 14:29:42 -------- d-----w- C:\Program Files\VideoLAN
2015-11-23 22:16:09 -------- d--h--w- C:\ProgramData\CanonIJQuickMenu
2015-11-23 22:13:16 -------- d-----w- C:\ProgramData\CanonIJPLM
2015-11-23 22:11:56 -------- d-----w- C:\ProgramData\Canon IJ Network Tool
2015-11-23 22:11:52 336896 ----a-w- C:\WINDOWS\SysWow64\CNC_C9L.dll
2015-11-23 22:11:52 15872 ----a-w- C:\WINDOWS\SysWow64\CNHMCA.dll
2015-11-23 22:11:37 39424 ----a-w- C:\WINDOWS\System32\CNMN6UI.DLL
2015-11-23 22:11:37 380928 ----a-w- C:\WINDOWS\SysWow64\CNMNPPM.DLL
2015-11-23 22:11:37 375296 ----a-w- C:\WINDOWS\System32\CNMN6PPM.DLL
2015-11-23 22:11:37 -------- d-----w- C:\WINDOWS\System32\STRING
2015-11-23 22:10:11 -------- d-----w- C:\ProgramData\CanonIJWSpt
2015-11-23 22:08:26 -------- d-----w- C:\Program Files\Canon
2015-11-23 22:07:51 369664 ----a-w- C:\WINDOWS\System32\CNC_C9L.dll
2015-11-23 22:07:51 316928 ----a-w- C:\WINDOWS\System32\CNC_C9C.dll
2015-11-23 22:07:51 17920 ----a-w- C:\WINDOWS\System32\CNHMCA6.dll
2015-11-23 22:07:51 105984 ----a-w- C:\WINDOWS\System32\CNC_C9I.dll
2015-11-23 21:35:27 -------- d-----w- C:\Program Files (x86)\Canon
.
==================== Find3M ====================
.
2015-12-19 16:54:24 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-09 03:39:31 301728 ------w- C:\WINDOWS\System32\MpSigStub.exe
2015-12-07 04:57:01 973664 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2015-12-07 04:55:42 1281376 ----a-w- C:\WINDOWS\System32\LicenseManager.dll
2015-12-07 04:49:31 412512 ----a-w- C:\WINDOWS\System32\wifitask.exe
2015-12-07 04:47:58 116720 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2015-12-07 04:47:57 925064 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2015-12-07 04:47:57 898184 ----a-w- C:\WINDOWS\SysWow64\mfsrcsnk.dll
2015-12-07 04:47:54 716928 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
2015-12-07 04:45:46 264544 ----a-w- C:\WINDOWS\System32\ContentDeliveryManager.Utilities.dll
2015-12-07 04:15:40 1035776 ----a-w- C:\WINDOWS\System32\XboxNetApiSvc.dll
2015-12-07 04:15:08 75776 ----a-w- C:\WINDOWS\System32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-07 04:10:37 824320 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2015-12-07 04:09:36 30208 ----a-w- C:\WINDOWS\System32\StorageUsage.dll
2015-12-07 04:09:27 92160 ----a-w- C:\WINDOWS\System32\policymanagerprecheck.dll
2015-12-07 04:09:07 133120 ----a-w- C:\WINDOWS\System32\flvprophandler.dll
2015-12-07 04:07:43 134656 ----a-w- C:\WINDOWS\System32\wificonnapi.dll
2015-12-07 04:07:34 77312 ----a-w- C:\WINDOWS\System32\ProvPluginEng.dll
2015-12-07 04:07:13 16984064 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2015-12-07 04:06:52 231936 ----a-w- C:\WINDOWS\System32\KnobsCore.dll
2015-12-07 04:06:38 199168 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
2015-12-07 04:06:36 50176 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2015-12-07 04:06:32 572928 ----a-w- C:\WINDOWS\SysWow64\WpcWebFilter.dll
2015-12-07 04:05:28 36864 ----a-w- C:\WINDOWS\System32\BackgroundTransferHost.exe
2015-12-07 04:05:15 192000 ----a-w- C:\WINDOWS\System32\provisioningcsp.dll
2015-12-07 04:04:28 56320 ----a-w- C:\WINDOWS\System32\provtool.exe
2015-12-07 04:04:20 66560 ----a-w- C:\WINDOWS\System32\moshost.dll
2015-12-07 04:03:46 13017600 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2015-12-07 04:02:54 477696 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2015-12-07 04:02:49 161280 ----a-w- C:\WINDOWS\SysWow64\InstallAgent.exe
2015-12-07 04:02:01 269824 ----a-w- C:\WINDOWS\System32\moshostcore.dll
2015-12-07 04:01:43 34304 ----a-w- C:\WINDOWS\SysWow64\BackgroundTransferHost.exe
2015-12-07 04:01:07 543232 ----a-w- C:\WINDOWS\System32\StoreAgent.dll
2015-12-07 04:00:55 323072 ----a-w- C:\WINDOWS\System32\MSFlacDecoder.dll
2015-12-07 04:00:52 203776 ----a-w- C:\WINDOWS\System32\NetSetupSvc.dll
2015-12-07 04:00:51 210432 ----a-w- C:\WINDOWS\System32\wcmcsp.dll
2015-12-07 04:00:40 618496 ----a-w- C:\WINDOWS\System32\StorSvc.dll
2015-12-07 03:59:52 286208 ----a-w- C:\WINDOWS\System32\provhandlers.dll
2015-12-07 03:59:49 292352 ----a-w- C:\WINDOWS\System32\provengine.dll
2015-12-07 03:59:37 558080 ----a-w- C:\WINDOWS\System32\MBMediaManager.dll
2015-12-07 03:59:16 165376 ----a-w- C:\WINDOWS\System32\provdatastore.dll
2015-12-07 03:58:17 459776 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll
2015-12-07 03:57:48 387072 ----a-w- C:\WINDOWS\System32\qdvd.dll
2015-12-07 03:57:40 409088 ----a-w- C:\WINDOWS\SysWow64\StoreAgent.dll
2015-12-07 03:57:28 270848 ----a-w- C:\WINDOWS\SysWow64\MSFlacDecoder.dll
2015-12-07 03:56:27 497152 ----a-w- C:\WINDOWS\System32\mfmkvsrcsnk.dll
2015-12-07 03:56:18 607232 ----a-w- C:\WINDOWS\System32\wcmsvc.dll
2015-12-07 03:55:38 7979008 ----a-w- C:\WINDOWS\System32\mos.dll
2015-12-07 03:55:02 346112 ----a-w- C:\WINDOWS\SysWow64\MapConfiguration.dll
2015-12-07 03:54:56 850432 ----a-w- C:\WINDOWS\System32\MapsStore.dll
2015-12-07 03:54:56 569856 ----a-w- C:\WINDOWS\SysWow64\qdvd.dll
2015-12-07 03:53:28 381952 ----a-w- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
2015-12-07 03:51:16 1318912 ----a-w- C:\WINDOWS\System32\wifinetworkmanager.dll
2015-12-07 03:51:00 223232 ----a-w- C:\WINDOWS\System32\fveapibase.dll
2015-12-07 03:50:55 1131520 ----a-w- C:\WINDOWS\System32\Windows.Media.Audio.dll
2015-12-07 03:49:01 1105920 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
2015-12-07 03:48:02 6297088 ----a-w- C:\WINDOWS\SysWow64\mos.dll
2015-12-07 03:47:02 3428864 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
2015-12-07 03:45:53 683008 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
2015-12-07 03:45:45 900608 ----a-w- C:\WINDOWS\System32\Windows.Networking.BackgroundTransfer.dll
2015-12-07 03:45:44 2582016 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll
2015-12-07 03:44:48 2796032 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll
2015-12-07 03:43:35 931328 ----a-w- C:\WINDOWS\System32\MSMPEG2ENC.DLL
2015-12-07 03:43:07 2598400 ----a-w- C:\WINDOWS\System32\NetworkMobileSettings.dll
2015-12-07 03:41:02 2061824 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll
2015-12-07 03:40:47 3593216 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2015-12-07 03:40:23 1995776 ----a-w- C:\WINDOWS\System32\ActiveSyncProvider.dll
2015-12-07 03:40:08 1706496 ----a-w- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
2015-12-07 03:39:24 764928 ----a-w- C:\WINDOWS\System32\fveapi.dll
2015-12-07 03:38:14 871936 ----a-w- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
2015-12-07 03:33:04 375296 ----a-w- C:\WINDOWS\System32\MDEServer.exe
2015-12-07 03:32:46 126464 ----a-w- C:\WINDOWS\System32\dialserver.dll
2015-12-01 07:12:09 2152800 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2015-12-01 00:33:29 826872 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2015-12-01 00:33:29 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2015-11-24 14:49:20 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2015-11-24 12:07:40 1817160 ----a-w- C:\WINDOWS\System32\ntdll.dll
2015-11-24 11:06:29 1540768 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2015-11-24 10:26:50 1399224 ----a-w- C:\WINDOWS\System32\user32.dll
2015-11-24 10:01:57 2756096 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2015-11-24 09:54:15 7680 ----a-w- C:\WINDOWS\System32\readingviewresources.dll
2015-11-24 09:53:39 115200 ----a-w- C:\WINDOWS\System32\win32k.sys
2015-11-24 09:45:01 18944 ----a-w- C:\WINDOWS\System32\wshrm.dll
2015-11-24 09:37:04 147968 ----a-w- C:\WINDOWS\System32\drivers\rmcast.sys
2015-11-24 09:26:34 1337240 ----a-w- C:\WINDOWS\SysWow64\user32.dll
2015-11-24 09:19:35 182784 ----a-w- C:\WINDOWS\System32\shutdownux.dll
2015-11-24 09:12:41 523776 ----a-w- C:\WINDOWS\System32\catsrvut.dll
2015-11-24 08:58:24 604672 ----a-w- C:\WINDOWS\System32\vbscript.dll
2015-11-24 08:55:41 1393664 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2015-11-24 08:54:21 2756096 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2015-11-24 08:52:05 1717248 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2015-11-24 08:49:47 1648640 ----a-w- C:\WINDOWS\System32\comsvcs.dll
2015-11-24 08:14:34 415744 ----a-w- C:\WINDOWS\SysWow64\catsrvut.dll
2015-11-24 08:03:47 503296 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2015-11-24 07:59:27 1467392 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2015-11-24 07:57:56 1328128 ----a-w- C:\WINDOWS\SysWow64\comsvcs.dll
2015-11-24 07:35:50 22393856 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2015-11-24 07:29:31 2352128 ----a-w- C:\WINDOWS\System32\authui.dll
2015-11-24 07:11:35 18678272 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2015-11-24 07:04:25 2155008 ----a-w- C:\WINDOWS\SysWow64\authui.dll
.
============= FINISH: 9:02:00.70 ===============

Attached Thumbnails: threat found on eset online scan.jpg (110.0 KB), eset online threat.jpg (107.4 KB)
Attached Files: attach.txt (21.7 KB)

VBNet Virus

Hi, got an issue with a virus on my Asus K55V laptop running Windows 10. It shows in Task Manager as 4 different programs: 1st: Chrome OS, 2nd: COMsystem, 3rd: Clipboard and 4th: WebServices. It also shows on my C drive under Program Files (x86) in a folder called VBNet. The files it shows appear to be disguised as real programs. The list again here: AVDisp.exe, AVScan.exe, body.txt, CClean.exe, orme.dll, result.txt, settings.txt, WindApp.exe, WindowsRSS.exe
Every time I delete these files and end the tasks in Task Manager they appear back again. When all of this first installed it began installing programs on my desktop; I deleted these and they didn't come back. It has also changed the permissions to my AVG antivirus and previously blocked me from using AVG. I got round it the first time by installing AVG anew. Tried several different malware removers but they won't stop appearing and causing issues. I am getting a battery power issue that may be related. I plug the charger in and the indicator light flashes rather than staying solid orange as usual; my battery then displays 4 or 0% battery level, shows as plugged in but also says not charging.

Been working on this all day, any help appreciated.
Thanks
Matt

Slow Windows 10

Hi, so trying to figure out why my gf's computer is so slow, possibly malware? I think Windows Defender is off, so would not interfere with her Kaspersky. Thanks very much...
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by Susan at 18:12:42 on 2015-12-19
Microsoft Windows 10 Pro 10.0.10586.0.1252.1.1033.18.8066.3891 [GMT -5:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security *Enabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
SP: Kaspersky Total Security *Enabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security *Enabled* {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\MyTransitGuide_b7\bar\1.bin\b7barsvc.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\PROGRA~2\MYTRAN~1\bar\1.bin\AppIntegrator.exe
C:\PROGRA~2\MYTRAN~1\bar\1.bin\AppIntegrator64.exe
C:\Users\Susan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\MyTransitGuide_b7\bar\1.bin\CrExtPb7.exe
C:\Program Files (x86)\MyTransitGuide_b7\bar\1.bin\CrExtPb7.exe
C:\Program Files (x86)\MyTransitGuide_b7\bar\1.bin\CrExtPb7.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.25.5.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\WINDOWS\splwow64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: <No Name>: {acf4caa5-7097-4ee3-a0d5-cbb4bd428072} - C:\Program Files (x86)\MyTransitGuide_b7\bar\1.bin\b7SrcAs.dll
BHO: Toolbar BHO: {2924414a-afad-40f7-a227-35f6e8ea69bd} - C:\Program Files (x86)\MyTransitGuide_b7\bar\1.bin\b7bar.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Search Assistant BHO: {be72056b-6cc7-4bcd-9652-43798df584ea} - C:\Program Files (x86)\MyTransitGuide_b7\bar\1.bin\b7SrcAs.dll
BHO: Kaspersky Protection plugin: {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll
TB: MyTransitGuide: {6B70E2CF-4E9B-48B8-82A3-A3EB5E70F0CE} - C:\Program Files (x86)\MyTransitGuide_b7\bar\1.bin\b7bar.dll
TB: Kaspersky Protection toolbar: {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll
TB: MyTransitGuide: {6b70e2cf-4e9b-48b8-82a3-a3eb5e70f0ce} - C:\Program Files (x86)\MyTransitGuide_b7\bar\1.bin\b7bar.dll
uRun: [OneDrive] "C:\Users\Susan\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [DellSystemDetect] C:\Users\Susan\AppData\Local\Apps\2.0\D4LWRJ0C.JN4\OADOG50V.TPJ\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe
mRun: [MyTransitGuide EPM Support] "C:\PROGRA~2\MYTRAN~1\bar\1.bin\b7medint.exe" t8EPMSup.dll,S
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: dell.com
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NSP12EP20-10001/webex/ieatgpc1.cab
TCP: NameServer = 192.168.1.1 68.237.161.12
TCP: Interfaces\{b7485063-f39d-4e3b-9821-9d78a9a335bd} : DHCPNameServer = 192.168.1.1 68.237.161.12
TCP: Interfaces\{e39e087e-3b2b-41c8-baf3-7562d47d3608} : DHCPNameServer = 192.168.1.1 68.237.161.12
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Kaspersky Protection plugin: {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll
x64-TB: Kaspersky Protection toolbar: {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Susan\AppData\Roaming\Mozilla\Firefox\Profiles\6n9r9i16.default\
FF - prefs.js: browser.startup.homepage - hxxps://us-mg4.mail.yahoo.com/neo/launch?.rand=aa5j6m9a9n9ie#4058621136|https://mail.google.com/mail/#inbox|...=0&fb_bmpos=_0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);C:\WINDOWS\System32\drivers\cm_km.sys [2015-7-5 389816]
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\WINDOWS\System32\drivers\CSCrySec.sys [2014-10-22 98504]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2012-10-27 651832]
R0 klbackupdisk;Kaspersky Lab klbackupdisk;C:\WINDOWS\System32\drivers\klbackupdisk.sys [2015-6-6 53432]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\WINDOWS\System32\drivers\CSVirtualDiskDrv.sys [2014-10-22 67784]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 klbackupflt;Kaspersky Lab klbackupflt;C:\WINDOWS\System32\drivers\klbackupflt.sys [2015-6-27 70512]
R1 klhk;Kaspersky Lab service driver;C:\WINDOWS\System32\drivers\klhk.sys [2015-9-4 227512]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\WINDOWS\System32\drivers\klim6.sys [2015-6-11 39608]
R1 klpd;Kaspersky Lab format recognizer driver;C:\WINDOWS\System32\drivers\klpd.sys [2015-6-8 41352]
R1 klwfp;klwfp;C:\WINDOWS\System32\drivers\klwfp.sys [2015-6-26 87944]
R1 Klwtp;Klwtp;C:\WINDOWS\System32\drivers\klwtp.sys [2015-6-16 102584]
R1 kneps;kneps;C:\WINDOWS\System32\drivers\kneps.sys [2015-6-23 187056]
R2 AVP16.0.0;Kaspersky Anti-Virus Service 16.0.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [2015-7-8 194000]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-11-4 330136]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2014-9-18 14624]
R2 kldisk;kldisk;C:\WINDOWS\System32\drivers\kldisk.sys [2015-6-6 68280]
R2 MyTransitGuide_b7Service;MyTransitGuideService;C:\Program Files (x86)\MyTransitGuide_b7\bar\1.bin\b7barsvc.exe [2015-9-9 89432]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-8-21 463112]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-7-29 38976]
R3 klflt;Kaspersky Lab Kernel DLL;C:\WINDOWS\System32\drivers\klflt.sys [2015-9-4 181640]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\WINDOWS\System32\drivers\klkbdflt.sys [2015-6-6 41656]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\WINDOWS\System32\drivers\klmouflt.sys [2015-6-7 41656]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\drivers\wdcsam64.sys [2015-4-29 26880]
S0 klelam;klelam;C:\WINDOWS\System32\drivers\klelam.sys [2015-6-24 30328]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-17 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2015-7-29 50240]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-10-30 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vssbrigde64;vssbrigde64;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [2015-7-8 144640]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-10-30 694784]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-10-30 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-10-30 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2015-12-18 12:44:34 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2015-12-18 02:00:59 558080 ----a-w- C:\WINDOWS\System32\MBMediaManager.dll
2015-12-18 01:52:14 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D0974D20-BC12-4356-B461-9D5A7DED2C47}\mpengine.dll
2015-12-17 12:53:48 -------- d-----w- C:\Users\Susan\AppData\Local\ActiveSync
2015-12-17 11:49:22 -------- dc----w- C:\WINDOWS\Panther
2015-12-17 11:47:23 -------- d-----w- C:\Windows.old
2015-12-17 11:44:43 -------- d-----w- C:\WINDOWS\System32\Microsoft
2015-12-17 11:42:59 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2015-12-17 11:42:59 35480 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2015-12-17 11:42:59 103120 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-12-17 11:42:50 35480 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2015-12-17 11:42:50 124624 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2015-12-17 11:42:50 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2015-12-17 09:39:20 -------- d-sh--we C:\ProgramData\Documents
2015-12-17 09:39:20 -------- d-sh--w- C:\Recovery
2015-12-17 09:18:47 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2015-12-17 09:14:45 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2015-12-17 09:14:45 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2015-12-17 08:54:47 230912 ----a-w- C:\WINDOWS\System32\Spool\prtprocs\x64\DKADGQ4C.DLL
2015-12-17 08:54:40 72704 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2015-12-17 08:54:25 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2015-12-17 08:54:00 2718208 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2015-12-17 08:52:02 -------- d-----w- C:\Program Files\Dell
2015-12-17 08:51:18 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2015-12-17 00:47:53 11138400 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-12-16 13:28:28 4318760 ----a-w- C:\WINDOWS\System32\drivers\athw10x.sys
2015-12-16 13:21:36 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{346FAEAA-5796-42C6-8728-9E5037CCF869}\gapaengine.dll
.
==================== Find3M ====================
.
2015-12-17 12:51:57 451 ----a-w- C:\WINDOWS\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-12-09 03:39:31 301728 ------w- C:\WINDOWS\System32\MpSigStub.exe
2015-12-07 04:57:01 973664 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2015-12-07 04:55:42 1281376 ----a-w- C:\WINDOWS\System32\LicenseManager.dll
2015-12-07 04:49:31 412512 ----a-w- C:\WINDOWS\System32\wifitask.exe
2015-12-07 04:47:58 116720 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2015-12-07 04:47:57 925064 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2015-12-07 04:47:57 898184 ----a-w- C:\WINDOWS\SysWow64\mfsrcsnk.dll
2015-12-07 04:47:54 716928 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
2015-12-07 04:45:46 264544 ----a-w- C:\WINDOWS\System32\ContentDeliveryManager.Utilities.dll
2015-12-07 04:15:40 1035776 ----a-w- C:\WINDOWS\System32\XboxNetApiSvc.dll
2015-12-07 04:15:08 75776 ----a-w- C:\WINDOWS\System32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-07 04:10:37 824320 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2015-12-07 04:09:36 30208 ----a-w- C:\WINDOWS\System32\StorageUsage.dll
2015-12-07 04:09:27 92160 ----a-w- C:\WINDOWS\System32\policymanagerprecheck.dll
2015-12-07 04:09:07 133120 ----a-w- C:\WINDOWS\System32\flvprophandler.dll
2015-12-07 04:07:43 134656 ----a-w- C:\WINDOWS\System32\wificonnapi.dll
2015-12-07 04:07:34 77312 ----a-w- C:\WINDOWS\System32\ProvPluginEng.dll
2015-12-07 04:07:13 16984064 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2015-12-07 04:06:52 231936 ----a-w- C:\WINDOWS\System32\KnobsCore.dll
2015-12-07 04:06:38 199168 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
2015-12-07 04:06:36 50176 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2015-12-07 04:06:32 572928 ----a-w- C:\WINDOWS\SysWow64\WpcWebFilter.dll
2015-12-07 04:05:28 36864 ----a-w- C:\WINDOWS\System32\BackgroundTransferHost.exe
2015-12-07 04:05:15 192000 ----a-w- C:\WINDOWS\System32\provisioningcsp.dll
2015-12-07 04:04:28 56320 ----a-w- C:\WINDOWS\System32\provtool.exe
2015-12-07 04:04:20 66560 ----a-w- C:\WINDOWS\System32\moshost.dll
2015-12-07 04:03:46 13017600 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2015-12-07 04:02:54 477696 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2015-12-07 04:02:49 161280 ----a-w- C:\WINDOWS\SysWow64\InstallAgent.exe
2015-12-07 04:02:01 269824 ----a-w- C:\WINDOWS\System32\moshostcore.dll
2015-12-07 04:01:43 34304 ----a-w- C:\WINDOWS\SysWow64\BackgroundTransferHost.exe
2015-12-07 04:01:07 543232 ----a-w- C:\WINDOWS\System32\StoreAgent.dll
2015-12-07 04:00:55 323072 ----a-w- C:\WINDOWS\System32\MSFlacDecoder.dll
2015-12-07 04:00:52 203776 ----a-w- C:\WINDOWS\System32\NetSetupSvc.dll
2015-12-07 04:00:51 210432 ----a-w- C:\WINDOWS\System32\wcmcsp.dll
2015-12-07 04:00:40 618496 ----a-w- C:\WINDOWS\System32\StorSvc.dll
2015-12-07 03:59:52 286208 ----a-w- C:\WINDOWS\System32\provhandlers.dll
2015-12-07 03:59:49 292352 ----a-w- C:\WINDOWS\System32\provengine.dll
2015-12-07 03:59:16 165376 ----a-w- C:\WINDOWS\System32\provdatastore.dll
2015-12-07 03:58:17 459776 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll
2015-12-07 03:57:48 387072 ----a-w- C:\WINDOWS\System32\qdvd.dll
2015-12-07 03:57:40 409088 ----a-w- C:\WINDOWS\SysWow64\StoreAgent.dll
2015-12-07 03:57:28 270848 ----a-w- C:\WINDOWS\SysWow64\MSFlacDecoder.dll
2015-12-07 03:56:27 497152 ----a-w- C:\WINDOWS\System32\mfmkvsrcsnk.dll
2015-12-07 03:56:18 607232 ----a-w- C:\WINDOWS\System32\wcmsvc.dll
2015-12-07 03:55:38 7979008 ----a-w- C:\WINDOWS\System32\mos.dll
2015-12-07 03:55:02 346112 ----a-w- C:\WINDOWS\SysWow64\MapConfiguration.dll
2015-12-07 03:54:56 850432 ----a-w- C:\WINDOWS\System32\MapsStore.dll
2015-12-07 03:54:56 569856 ----a-w- C:\WINDOWS\SysWow64\qdvd.dll
2015-12-07 03:53:28 381952 ----a-w- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
2015-12-07 03:51:16 1318912 ----a-w- C:\WINDOWS\System32\wifinetworkmanager.dll
2015-12-07 03:51:00 223232 ----a-w- C:\WINDOWS\System32\fveapibase.dll
2015-12-07 03:50:55 1131520 ----a-w- C:\WINDOWS\System32\Windows.Media.Audio.dll
2015-12-07 03:49:01 1105920 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
2015-12-07 03:48:02 6297088 ----a-w- C:\WINDOWS\SysWow64\mos.dll
2015-12-07 03:47:02 3428864 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
2015-12-07 03:45:53 683008 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
2015-12-07 03:45:45 900608 ----a-w- C:\WINDOWS\System32\Windows.Networking.BackgroundTransfer.dll
2015-12-07 03:45:44 2582016 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll
2015-12-07 03:44:48 2796032 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll
2015-12-07 03:43:35 931328 ----a-w- C:\WINDOWS\System32\MSMPEG2ENC.DLL
2015-12-07 03:43:07 2598400 ----a-w- C:\WINDOWS\System32\NetworkMobileSettings.dll
2015-12-07 03:41:02 2061824 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll
2015-12-07 03:40:47 3593216 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2015-12-07 03:40:23 1995776 ----a-w- C:\WINDOWS\System32\ActiveSyncProvider.dll
2015-12-07 03:40:08 1706496 ----a-w- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
2015-12-07 03:39:24 764928 ----a-w- C:\WINDOWS\System32\fveapi.dll
2015-12-07 03:38:14 871936 ----a-w- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
2015-12-07 03:33:04 375296 ----a-w- C:\WINDOWS\System32\MDEServer.exe
2015-12-07 03:32:46 126464 ----a-w- C:\WINDOWS\System32\dialserver.dll
2015-12-01 00:33:29 826872 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2015-12-01 00:33:29 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2015-11-13 03:50:10 26880 ----a-w- C:\WINDOWS\System32\drivers\wdcsam64.sys
2015-11-05 00:15:59 96752 ----a-w- C:\WINDOWS\System32\igfxCUIServicePS.dll
2015-10-30 09:07:33 96256 ----a-w- C:\WINDOWS\System32\auditpolmsg.dll
2015-10-30 09:03:16 6359040 ----a-w- C:\WINDOWS\System32\NlsData0009.dll
2015-10-30 09:03:16 5739520 ----a-w- C:\WINDOWS\System32\prm0009.dll
2015-10-30 09:03:16 2629632 ----a-w- C:\WINDOWS\System32\NlsLexicons0009.dll
2015-10-30 09:03:15 4847616 ----a-w- C:\WINDOWS\SysWow64\NlsData0009.dll
2015-10-30 09:03:15 2629632 ----a-w- C:\WINDOWS\SysWow64\NlsLexicons0009.dll
2015-10-30 09:02:01 12288 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\NdisImPlatform.sys.mui
2015-10-30 09:02:00 8704 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\fwpkclnt.sys.mui
2015-10-30 09:01:59 7168 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\ndiscap.sys.mui
2015-10-30 09:01:59 4096 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\wfplwfs.sys.mui
2015-10-30 09:01:59 3072 ----a-w- C:\WINDOWS\SysWow64\drivers\UMDF\en-US\SensorsCx.dll.mui
2015-10-30 07:21:31 209408 ----a-w- C:\WINDOWS\SysWow64\msclmd.dll
2015-10-30 07:21:29 230912 ----a-w- C:\WINDOWS\System32\msclmd.dll
2015-10-30 07:20:00 926208 ----a-w- C:\WINDOWS\SysWow64\FXSRESM.dll
2015-10-30 07:20:00 79360 ----a-w- C:\WINDOWS\SysWow64\FXSCOM.dll
2015-10-30 07:20:00 525824 ----a-w- C:\WINDOWS\SysWow64\FXSCOMEX.dll
2015-10-30 07:20:00 34816 ----a-w- C:\WINDOWS\SysWow64\sxproxy.dll
2015-10-30 07:20:00 27136 ----a-w- C:\WINDOWS\SysWow64\WinFax.dll
2015-10-30 07:20:00 232448 ----a-w- C:\WINDOWS\SysWow64\FXSAPI.dll
2015-10-30 07:20:00 222208 ----a-w- C:\WINDOWS\SysWow64\spp.dll
2015-10-30 07:18:47 874 ----a-w- C:\WINDOWS\System32\manage-bde.wsf
2015-10-30 07:17:59 990720 ----a-w- C:\WINDOWS\System32\SettingSyncCore.dll
2015-10-30 06:31:04 143360 ----a-w- C:\WINDOWS\System32\poqexec.exe
2015-10-30 06:31:03 119296 ----a-w- C:\WINDOWS\SysWow64\poqexec.exe
2015-10-30 06:28:36 901632 ----a-w- C:\WINDOWS\System32\SmiEngine.dll
2011-12-20 23:32:52 81608 -csha-w- C:\WINDOWS\Panther\Rollback\Boot\Info.exe
.
============= FINISH: 18:13:39.08 ===============

smart_tag.js message pops up


--------------------------------------------------------------------------------

What is this and how do I get rid of it... It only happens on eBay.

I have HP Windows 7.

It says "do you want to open, save or close".

Went to add-ons and it's not there.

West Cheshire Police Authority Virus

I have seen this on a friend's Android tablet.

We have done a clean install on the tablet numerous times and it keeps coming back. Wiped all cards, internal SD cards.

But it keeps coming back.

Any way of stopping this fully?

Computer most likely infected.

Yeah I did a bad thing and now karma is paying me back for it. I have been cleaning up my computer but I feel like something else is still there.

I have run Malwarebytes about 4 times in the last 2 days and it has found 100+ at first and latest 11 malwares. I have run Spybot also and taken out a few things.

I'm still having issues with a misc. window popping open and giving me a message that I need to call Microsoft. Also, on Facebook I cannot get Angry Birds to load. I checked to see if my Flash Player was installed and Adobe says it's good.

I ran HijackThis because I know in the past when I've asked for help, that is one thing that is asked of me.

Thanks for any help.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:43:56 PM, on 12/3/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Users\Shelly\AppData\Local\Microsoft\Windows\INetCache\IE\J0NFYJZW\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://att.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\Wondershare\Player\DelayPluginI.exe
O4 - HKLM\..\Run: [Conime] %windir%\system32\conime.exe
O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [PCKeeperLive] "C:\Program Files\Essentware\PCKeeper\PCKeeper.exe" /autorun
O4 - HKUS\S-1-5-18\..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'Default user')
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab...l_4.5.15.0.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
O23 - Service: Kodak AiO Status Monitor Service - Eastman Kodak Company - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Nielsen Update (NielsenUpdate) - The Nielsen Company - C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16760 bytes

Mouse acting weird

I'm guessing my PC is infected... Could anyone verify it for me? The mouse moves very slowly. I can't run DDS, so I ran Farbar instead.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
Ran by Shakree Elmi (administrator) on SHAKREEPC (05-12-2015 17:39:21)
Running from C:\Users\Shakree Elmi\Desktop
Loaded Profiles: Shakree Elmi (Available Profiles: Shakree Elmi)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-26] (Intel Corporation)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1695744 2015-12-05] (Bitdefender)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-12-02] (Raptr, Inc)
HKU\S-1-5-21-82547152-812739698-690536826-1002\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-12-05] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{604A1550-C69B-4C5C-8CDD-DEF2A46EC6C9}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-12-05] (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-03] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-03] (Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-12-05] (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2015-12-03] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-12-03] (Microsoft Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-12-05] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-12-05] (Bitdefender)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-03] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-12-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-12-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-12-17] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Shakree Elmi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bitdefender Wallet) - C:\Users\Shakree Elmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-12-05]
CHR Extension: (AdBlock) - C:\Users\Shakree Elmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Shakree Elmi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-03]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-11-18] (Advanced Micro Devices) [File not signed]
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-26] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [734400 2015-08-13] (@ByELDI) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1545376 2015-12-05] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2015-11-18] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-12-05] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-12-05] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-12-05] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2015-12-05] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-12-05] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-12-05] (BitDefender LLC)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-05] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
S3 MSICDSetup; G:\Mobo Driver\CDriver64.sys [28984 2009-08-12] (Your Corporation)
S3 NTIOLib_1_0_C; G:\Mobo Driver\NTIOLib_X64.sys [11888 2011-06-29] (MSI) [File not signed]
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-12-05] (BitDefender S.R.L.)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2014-10-31] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-05 17:39 - 2015-12-05 17:39 - 00016269 _____ C:\Users\Shakree Elmi\Desktop\FRST.txt
2015-12-05 17:38 - 2015-12-05 17:39 - 00000000 ____D C:\FRST
2015-12-05 17:38 - 2015-12-05 17:38 - 02369024 _____ (Farbar) C:\Users\Shakree Elmi\Desktop\FRST64.exe
2015-12-05 17:29 - 2015-12-05 17:29 - 00000017 _____ C:\Users\Shakree Elmi\AppData\Local\resmon.resmoncfg
2015-12-05 17:18 - 2015-12-05 17:18 - 00000841 _____ C:\bdlog.txt
2015-12-05 16:47 - 2015-12-05 17:19 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-05 16:46 - 2015-12-05 16:46 - 00001110 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-05 16:46 - 2015-12-05 16:46 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Temp
2015-12-05 16:46 - 2015-12-05 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-05 16:46 - 2015-12-05 16:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-05 16:46 - 2015-12-05 16:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-05 16:46 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-05 16:46 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-05 16:46 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-05 16:41 - 2015-12-05 16:41 - 00003518 _____ C:\Windows\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8
2015-12-05 16:41 - 2015-12-05 16:41 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-05 16:39 - 2015-12-05 16:39 - 00160032 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-12-05 16:39 - 2015-12-05 16:39 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-12-05 16:37 - 2015-12-05 16:37 - 00488697 _____ C:\ProgramData\1449333196.bdinstall.bin
2015-12-05 16:36 - 2015-12-05 16:36 - 00000385 _____ C:\Users\Shakree Elmi\AppData\Roaminguser_gensett.xml
2015-12-05 16:35 - 2015-12-05 16:41 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Bitdefender
2015-12-05 16:35 - 2015-12-05 16:38 - 01369288 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-12-05 16:35 - 2015-12-05 16:38 - 00747120 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-12-05 16:35 - 2015-12-05 16:38 - 00271272 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-12-05 16:35 - 2015-12-05 16:38 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2015-12-05 16:35 - 2015-12-05 16:35 - 00002209 _____ C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2015-12-05 16:35 - 2015-12-05 16:35 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2015-12-05 16:35 - 2015-12-05 16:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-12-05 16:35 - 2015-12-05 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-12-05 16:35 - 2015-12-05 16:35 - 00000000 ____D C:\ProgramData\BDLogging
2015-12-05 16:35 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-12-05 16:35 - 2013-11-19 14:44 - 00098768 _____ (BitDefender LLC) C:\Windows\system32\Drivers\bdfndisf6.sys
2015-12-05 16:35 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2015-12-05 16:35 - 2013-07-30 18:41 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2015-12-05 16:35 - 2009-07-14 14:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-12-05 16:35 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-12-05 16:33 - 2015-12-05 16:38 - 00477272 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-12-05 16:33 - 2015-12-05 16:38 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2015-12-05 16:33 - 2015-12-05 16:38 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2015-12-05 16:33 - 2015-12-05 16:35 - 00000000 ____D C:\ProgramData\Bitdefender
2015-12-05 16:33 - 2015-12-05 16:35 - 00000000 ____D C:\Program Files\Bitdefender
2015-12-05 16:33 - 2015-12-05 16:33 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\QuickScan
2015-12-05 16:33 - 2015-12-05 16:33 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-12-05 02:41 - 2015-12-05 02:41 - 00000000 ____D C:\Users\Shakree Elmi\Documents\My Cheat Tables
2015-12-04 21:20 - 2015-12-05 03:46 - 00000000 ____D C:\Users\Shakree Elmi\Documents\The Witcher 3
2015-12-04 12:29 - 2015-12-04 21:20 - 00000937 _____ C:\Users\Public\Desktop\The Witcher 3 - Wild Hunt.lnk
2015-12-04 01:17 - 2015-12-04 01:17 - 00000000 ____D C:\ProgramData\DSDCS
2015-12-04 01:15 - 2015-12-04 01:17 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\InputMapper
2015-12-04 01:15 - 2015-12-04 01:15 - 00001806 _____ C:\Users\Public\Desktop\InputMapper.lnk
2015-12-04 01:15 - 2015-12-04 01:15 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\DSDCS
2015-12-04 01:15 - 2015-12-04 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InputMapper
2015-12-04 01:15 - 2015-12-04 01:15 - 00000000 ____D C:\ProgramData\Caphyon
2015-12-04 01:07 - 2015-12-04 01:07 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\Criterion Games
2015-12-04 01:06 - 2015-12-04 01:06 - 00001084 _____ C:\Users\Public\Desktop\Burnout Paradise - The Ultimate Box.lnk
2015-12-04 01:06 - 2015-12-04 01:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-04 00:39 - 2015-12-04 00:39 - 00000000 ____D C:\Users\Shakree Elmi\Documents\My Games
2015-12-04 00:39 - 2015-12-04 00:39 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Steam
2015-12-04 00:39 - 2015-12-04 00:39 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\Fallout4
2015-12-04 00:18 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-12-04 00:18 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-12-04 00:18 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-12-04 00:18 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-12-04 00:18 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-12-04 00:18 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-12-04 00:18 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-12-04 00:18 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-12-04 00:18 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-12-04 00:18 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-12-04 00:18 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-12-04 00:18 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-12-04 00:18 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-12-04 00:18 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-12-04 00:18 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-12-04 00:18 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-12-04 00:18 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-12-04 00:18 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-12-04 00:18 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-12-04 00:18 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-12-04 00:18 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-12-04 00:18 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-12-04 00:18 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-12-04 00:18 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-12-04 00:18 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-12-04 00:18 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-12-04 00:18 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-12-04 00:18 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-12-04 00:18 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-12-04 00:18 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-12-04 00:18 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-12-04 00:18 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-12-04 00:18 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-12-04 00:18 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-12-04 00:18 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-12-04 00:18 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-12-04 00:18 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-12-04 00:18 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-12-04 00:18 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-12-04 00:18 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-12-04 00:18 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-12-04 00:18 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-12-04 00:18 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-12-04 00:18 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-12-04 00:18 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-12-04 00:18 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-12-04 00:18 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-12-04 00:18 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-12-04 00:18 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-12-04 00:18 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-12-04 00:18 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-12-04 00:18 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-12-04 00:18 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-12-04 00:18 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-12-04 00:18 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-12-04 00:18 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-12-04 00:18 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-12-04 00:18 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-12-04 00:18 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-12-04 00:18 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-12-04 00:18 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-12-04 00:18 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-12-04 00:18 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-12-04 00:18 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-12-04 00:18 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-12-04 00:18 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-12-04 00:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-12-04 00:18 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-12-04 00:18 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-12-04 00:18 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-12-04 00:18 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-12-04 00:18 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-12-04 00:18 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-12-04 00:18 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-12-04 00:18 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-12-04 00:18 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-12-04 00:18 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-12-04 00:18 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-12-04 00:18 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-12-04 00:18 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-12-04 00:18 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-12-04 00:18 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-12-04 00:18 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-12-04 00:18 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-12-04 00:18 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-12-04 00:18 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-12-04 00:18 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-12-04 00:18 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-12-04 00:18 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-12-04 00:18 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-12-04 00:18 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-12-04 00:18 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-12-04 00:18 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-12-04 00:18 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-12-04 00:18 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-12-04 00:18 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-12-04 00:18 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-12-04 00:18 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-12-04 00:18 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-12-04 00:18 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-12-04 00:18 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-12-04 00:18 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-12-04 00:18 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-12-04 00:18 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-12-04 00:18 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-12-04 00:18 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-12-04 00:18 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-12-04 00:18 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-12-04 00:18 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-12-04 00:18 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-12-04 00:18 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-12-04 00:17 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-12-04 00:17 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-12-04 00:17 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-12-04 00:17 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-12-04 00:09 - 2015-12-04 00:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-12-04 00:08 - 2015-12-04 00:08 - 00002324 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-82547152-812739698-690536826-500
2015-12-03 23:15 - 2015-12-04 00:18 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-12-03 23:15 - 2015-12-03 23:15 - 00000817 _____ C:\Users\Shakree Elmi\Desktop\Fallout 4.lnk
2015-12-03 23:15 - 2015-12-03 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2015-12-03 21:57 - 2015-12-03 21:57 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\TVMC
2015-12-03 21:49 - 2015-12-05 17:32 - 00000000 ____D C:\Users\Shakree Elmi\Documents\YEAR 3
2015-12-03 21:37 - 2015-12-03 21:37 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Macromedia
2015-12-03 21:32 - 2015-12-03 22:49 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Kodi
2015-12-03 21:32 - 2015-12-03 21:32 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-12-03 21:32 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-12-03 21:32 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-12-03 17:49 - 2015-10-13 17:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-12-03 17:49 - 2015-10-13 17:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-12-03 17:49 - 2015-09-24 17:51 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2015-12-03 17:49 - 2015-09-24 17:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2015-12-03 17:49 - 2015-09-24 17:30 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2015-12-03 17:49 - 2015-09-24 16:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-12-03 17:49 - 2015-09-24 16:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-12-03 17:48 - 2015-10-15 16:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-12-03 17:48 - 2015-10-15 15:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-12-03 17:48 - 2015-10-14 23:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-03 17:48 - 2015-10-14 23:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-12-03 17:48 - 2015-10-14 23:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-12-03 17:48 - 2015-10-14 23:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-12-03 17:48 - 2015-10-14 23:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-12-03 17:48 - 2015-10-13 15:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-12-03 17:48 - 2015-10-13 15:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-12-03 17:48 - 2015-10-13 15:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-12-03 17:48 - 2015-10-13 15:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-12-03 17:48 - 2015-10-13 15:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-12-03 17:48 - 2015-10-13 15:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-12-03 17:48 - 2015-10-11 06:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-12-03 17:48 - 2015-10-11 06:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-12-03 17:48 - 2015-10-10 18:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-12-03 17:48 - 2015-10-10 18:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-12-03 17:48 - 2015-10-10 18:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-12-03 17:48 - 2015-10-10 17:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-12-03 17:48 - 2015-10-10 17:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-12-03 17:48 - 2015-10-10 17:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-12-03 17:48 - 2015-10-10 16:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-12-03 17:48 - 2015-09-29 12:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-12-03 17:48 - 2015-09-12 13:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-12-03 17:48 - 2015-09-07 16:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-12-03 17:48 - 2015-09-07 16:21 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2015-12-03 17:48 - 2015-09-07 16:17 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2015-12-03 17:48 - 2015-09-07 15:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-12-03 17:48 - 2015-09-07 15:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-12-03 17:48 - 2015-09-04 19:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-12-03 17:48 - 2015-08-28 22:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-12-03 17:48 - 2015-08-27 02:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-12-03 17:48 - 2015-08-27 02:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-12-03 17:48 - 2015-08-20 20:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-12-03 17:48 - 2015-08-20 17:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-12-03 17:48 - 2015-08-07 21:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-03 17:48 - 2015-08-07 21:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-12-03 17:48 - 2015-08-07 21:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-12-03 17:48 - 2015-08-07 21:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-12-03 17:48 - 2015-08-07 21:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-12-03 17:48 - 2015-08-07 14:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-12-03 17:48 - 2015-08-06 17:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-12-03 17:48 - 2015-08-06 16:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-03 17:48 - 2015-08-06 16:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-12-03 17:48 - 2015-08-06 16:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-12-03 17:47 - 2015-10-30 23:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-03 17:47 - 2015-10-30 23:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-03 17:47 - 2015-10-30 23:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-03 17:47 - 2015-10-30 23:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-03 17:47 - 2015-10-30 23:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-03 17:47 - 2015-10-30 22:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-03 17:47 - 2015-10-30 22:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-03 17:47 - 2015-10-30 22:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-03 17:47 - 2015-10-30 22:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-12-03 17:47 - 2015-10-30 22:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-03 17:47 - 2015-10-30 22:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-03 17:47 - 2015-10-30 22:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-03 17:47 - 2015-10-30 22:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-03 17:47 - 2015-10-30 22:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-03 17:47 - 2015-10-30 22:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-03 17:47 - 2015-10-30 22:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-12-03 17:47 - 2015-10-30 22:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-03 17:47 - 2015-10-30 22:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-03 17:47 - 2015-10-30 22:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-03 17:47 - 2015-10-30 21:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-03 17:47 - 2015-10-30 21:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-03 17:47 - 2015-10-30 21:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-03 17:47 - 2015-10-30 21:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-03 17:47 - 2015-10-17 14:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-03 17:47 - 2015-10-08 16:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-12-03 17:47 - 2015-09-19 03:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-12-03 17:47 - 2015-09-18 13:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-12-03 17:47 - 2015-09-18 13:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-12-03 17:47 - 2015-09-18 13:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-12-03 17:47 - 2015-09-18 13:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-12-03 17:47 - 2015-09-18 13:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-12-03 17:47 - 2015-09-18 13:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-12-03 17:47 - 2015-09-10 17:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-03 17:47 - 2015-09-10 17:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-03 17:47 - 2015-09-10 16:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-03 17:47 - 2015-09-10 16:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-03 17:47 - 2015-09-10 16:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-03 17:47 - 2015-09-10 16:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-03 17:47 - 2015-09-10 16:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-03 17:47 - 2015-09-10 16:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-03 17:47 - 2015-09-10 16:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-03 17:47 - 2015-09-10 16:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-03 17:47 - 2015-09-10 16:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-03 17:47 - 2015-09-10 16:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-03 17:47 - 2015-09-10 16:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-03 17:47 - 2015-09-10 15:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-03 17:47 - 2015-09-10 15:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-03 17:47 - 2015-09-10 15:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-03 17:47 - 2015-08-10 18:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-12-03 17:47 - 2015-08-10 18:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-12-03 17:47 - 2015-08-10 17:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-12-03 17:47 - 2015-08-10 16:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-12-03 17:47 - 2015-08-10 16:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-12-03 17:47 - 2015-07-16 18:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2015-12-03 17:37 - 2015-12-03 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2015-12-03 17:37 - 2015-12-03 17:37 - 00000000 ____D C:\Program Files\EaseUS
2015-12-03 17:32 - 2015-12-03 17:32 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\WinRAR
2015-12-03 17:32 - 2015-12-03 17:32 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-03 17:32 - 2015-12-03 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-03 17:32 - 2015-12-03 17:32 - 00000000 ____D C:\Program Files\WinRAR
2015-12-03 17:31 - 2015-12-03 17:31 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\MSfree Inc
2015-12-03 17:29 - 2015-12-04 14:37 - 00003112 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-82547152-812739698-690536826-1002
2015-12-03 17:29 - 2015-12-04 14:37 - 00000000 ___RD C:\Users\Shakree Elmi\OneDrive
2015-12-03 17:29 - 2015-12-03 17:29 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-12-03 17:29 - 2015-07-17 13:51 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:51 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-12-03 17:29 - 2015-07-17 13:47 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-12-03 17:22 - 2015-12-03 17:22 - 00001182 _____ C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNext.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2015-12-03 17:21 - 2015-12-03 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2015-12-03 17:19 - 2015-12-04 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-03 17:19 - 2015-12-03 17:19 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-03 17:16 - 2015-12-03 17:16 - 00004238 _____ C:\Windows\System32\Tasks\AMD Updater
2015-12-03 17:16 - 2015-12-03 17:16 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\library_dir
2015-12-03 17:16 - 2015-12-03 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-12-03 17:15 - 2015-12-05 17:20 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Raptr
2015-12-03 17:15 - 2015-12-03 17:16 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-12-03 17:15 - 2015-12-03 17:15 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\AMD
2015-12-03 17:15 - 2015-12-03 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2015-12-03 17:15 - 2015-12-03 17:15 - 00000000 ____D C:\Program Files (x86)\AMD
2015-12-03 17:14 - 2015-12-05 17:18 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-12-03 17:14 - 2015-12-03 17:14 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-12-03 17:14 - 2015-12-03 17:14 - 00000000 _____ C:\Windows\ativpsrm.bin
2015-12-03 17:12 - 2015-12-03 17:15 - 00000000 ____D C:\Program Files\AMD
2015-12-03 17:12 - 2015-12-03 17:12 - 00000000 ____D C:\AMD
2015-12-03 16:41 - 2015-12-03 16:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2015-12-03 16:41 - 2014-05-27 19:21 - 00025800 _____ C:\Windows\system32\Drivers\INETMON.sys
2015-12-03 16:40 - 2015-12-03 16:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-12-03 16:39 - 2015-12-05 17:37 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-03 16:39 - 2015-12-05 17:19 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-03 16:39 - 2015-12-03 21:32 - 00003898 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-03 16:39 - 2015-12-03 21:32 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 16:39 - 2015-12-03 21:26 - 00002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-03 16:39 - 2015-12-03 16:41 - 00000000 ____D C:\ProgramData\Intel
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\Users\Shakree Elmi\Intel
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\Program Files\VIA XHCI UASP Utility
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\Program Files (x86)\VIA
2015-12-03 16:39 - 2015-12-03 16:39 - 00000000 ____D C:\Program Files (x86)\Intel
2015-12-03 16:39 - 2014-10-31 18:43 - 00305664 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\xhcdrv.sys
2015-12-03 16:39 - 2014-10-31 18:43 - 00227840 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\ViaHub3.sys
2015-12-03 16:39 - 2013-01-18 11:11 - 00086064 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\vusbstor.sys
2015-12-03 16:38 - 2015-12-03 22:10 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\Google
2015-12-03 16:38 - 2015-12-03 16:39 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-03 16:38 - 2015-12-03 16:38 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-03 16:38 - 2015-12-03 16:38 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-12-03 16:38 - 2015-12-03 16:38 - 00000000 ____D C:\Windows\system32\DAX2
2015-12-03 16:38 - 2015-12-03 16:38 - 00000000 ____D C:\Program Files\Realtek
2015-12-03 16:38 - 2015-06-15 13:41 - 02808859 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-12-03 16:38 - 2015-06-15 12:58 - 04493528 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-12-03 16:38 - 2015-06-15 09:39 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-12-03 16:38 - 2015-06-11 11:40 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2015-12-03 16:38 - 2015-06-09 03:17 - 05708736 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2015-12-03 16:38 - 2015-06-05 05:45 - 02848472 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-12-03 16:38 - 2015-06-05 05:45 - 02531544 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2015-12-03 16:38 - 2015-05-26 03:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-12-03 16:38 - 2015-05-20 08:14 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-12-03 16:38 - 2015-05-18 06:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-12-03 16:38 - 2015-05-15 11:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-12-03 16:38 - 2015-05-15 08:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-12-03 16:38 - 2015-05-11 10:53 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-12-03 16:38 - 2015-05-11 05:08 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-12-03 16:38 - 2015-04-23 21:42 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2015-12-03 16:38 - 2015-04-23 21:42 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2015-12-03 16:38 - 2015-04-23 21:42 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2015-12-03 16:38 - 2015-04-23 21:41 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2015-12-03 16:38 - 2015-04-13 08:25 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2015-12-03 16:38 - 2015-02-05 09:48 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-12-03 16:38 - 2015-02-03 16:38 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-12-03 16:38 - 2015-02-03 16:38 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-12-03 16:38 - 2015-02-03 16:38 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-12-03 16:38 - 2015-02-03 16:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-12-03 16:38 - 2015-02-03 16:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-12-03 16:38 - 2015-01-23 10:16 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2015-12-03 16:38 - 2015-01-19 10:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-12-03 16:38 - 2014-12-11 00:10 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-12-03 16:38 - 2014-12-11 00:10 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-12-03 16:38 - 2014-12-11 00:10 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-12-03 16:38 - 2014-12-11 00:10 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-12-03 16:38 - 2014-11-11 05:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-12-03 16:38 - 2014-10-24 02:12 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-12-03 16:38 - 2014-10-24 02:12 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-12-03 16:38 - 2014-08-14 11:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-12-03 16:38 - 2014-06-17 11:17 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-12-03 16:38 - 2014-04-10 04:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-12-03 16:38 - 2014-02-27 12:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-12-03 16:38 - 2014-01-31 09:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-12-03 16:38 - 2013-10-11 03:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-12-03 16:38 - 2013-08-14 07:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-12-03 16:38 - 2013-07-23 07:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-12-03 16:38 - 2013-06-25 04:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-12-03 16:38 - 2013-06-25 04:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-12-03 16:38 - 2013-06-25 04:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-12-03 16:38 - 2013-04-03 06:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-12-03 16:38 - 2012-08-31 11:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-12-03 16:38 - 2012-08-31 11:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-12-03 16:38 - 2012-08-31 11:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-12-03 16:38 - 2012-08-31 11:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-12-03 16:38 - 2012-08-31 11:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-12-03 16:38 - 2012-01-10 02:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-12-03 16:38 - 2011-12-20 07:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-12-03 16:38 - 2011-11-22 08:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-12-03 16:38 - 2011-09-02 06:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-12-03 16:38 - 2011-09-02 06:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-12-03 16:38 - 2011-09-02 06:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-12-03 16:38 - 2011-03-17 04:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-12-03 16:38 - 2011-03-07 09:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-12-03 16:38 - 2010-11-07 23:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-12-03 16:38 - 2010-07-22 08:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-12-03 16:38 - 2009-11-24 01:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-12-03 16:38 - 2009-11-24 01:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-12-03 16:38 - 2009-11-24 01:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-12-03 16:38 - 2009-11-24 01:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-12-03 16:37 - 2015-12-03 16:38 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-12-03 16:37 - 2015-06-10 05:20 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2015-12-03 16:37 - 2015-06-10 05:20 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2015-12-03 16:37 - 2015-06-02 11:25 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-12-03 16:37 - 2015-05-27 10:51 - 02461016 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2015-12-03 16:37 - 2015-05-27 10:51 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2015-12-03 16:37 - 2015-05-27 10:51 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2015-12-03 16:37 - 2015-05-27 10:51 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2015-12-03 16:37 - 2015-05-27 09:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-12-03 16:37 - 2015-05-25 07:18 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-12-03 16:37 - 2015-05-11 05:08 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-12-03 16:37 - 2015-05-11 05:08 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-12-03 16:37 - 2015-05-11 05:08 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-12-03 16:37 - 2015-04-27 08:09 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-12-03 16:37 - 2015-02-05 09:48 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2015-12-03 16:37 - 2014-11-04 05:42 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2015-12-03 16:37 - 2014-11-04 05:42 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2015-12-03 16:37 - 2014-11-04 05:42 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2015-12-03 16:37 - 2014-11-04 05:42 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2015-12-03 16:37 - 2014-09-24 03:31 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-12-03 16:37 - 2014-09-24 03:31 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-12-03 16:37 - 2014-09-24 03:31 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-12-03 16:37 - 2014-09-24 03:31 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-12-03 16:37 - 2014-06-09 02:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-12-03 16:37 - 2014-05-22 08:24 - 00096568 _____ C:\Windows\system32\audioLibVc.dll
2015-12-03 16:37 - 2014-04-10 04:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-12-03 16:37 - 2013-10-11 04:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-12-03 16:37 - 2013-10-06 16:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-12-03 16:37 - 2013-10-06 16:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-12-03 16:37 - 2013-10-06 16:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-12-03 16:37 - 2013-08-14 07:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-12-03 16:37 - 2013-07-23 07:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-12-03 16:37 - 2013-06-21 03:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2015-12-03 16:37 - 2012-03-08 03:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-12-03 16:37 - 2011-08-23 09:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-12-03 16:37 - 2011-05-31 01:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-12-03 16:37 - 2010-09-27 01:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-12-03 16:30 - 2015-12-05 17:24 - 00003590 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-82547152-812739698-690536826-1002
2015-12-03 16:29 - 2015-12-04 00:23 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-03 16:29 - 2015-12-03 16:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-03 16:29 - 2015-12-03 16:39 - 00000000 ____D C:\Program Files\Intel
2015-12-03 16:29 - 2015-12-03 16:37 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-12-03 16:29 - 2015-12-03 16:29 - 00000000 ____D C:\Program Files (x86)\MSI
2015-12-03 16:29 - 2015-01-15 06:42 - 00881368 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-12-03 16:29 - 2015-01-15 06:42 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-12-03 16:26 - 2015-12-03 16:26 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\GWX
2015-12-03 16:25 - 2015-12-03 17:29 - 00000000 ____D C:\Users\Shakree Elmi
2015-12-03 16:25 - 2015-12-03 16:26 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\Packages
2015-12-03 16:25 - 2015-12-03 16:25 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2015-12-03 16:25 - 2015-12-03 16:25 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2015-12-03 16:25 - 2015-12-03 16:25 - 00003366 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2015-12-03 16:25 - 2015-12-03 16:25 - 00001438 _____ C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-03 16:25 - 2015-12-03 16:25 - 00000020 ___SH C:\Users\Shakree Elmi\ntuser.ini
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 _SHDL C:\Users\Shakree Elmi\My Documents
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 _SHDL C:\Users\Shakree Elmi\Documents\My Videos
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 _SHDL C:\Users\Shakree Elmi\Documents\My Pictures
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 _SHDL C:\Users\Shakree Elmi\Documents\My Music
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Roaming\Adobe
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 ____D C:\Users\Shakree Elmi\AppData\Local\VirtualStore
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2015-12-03 16:25 - 2015-12-03 16:25 - 00000000 ____D C:\Program Files\KMSpico
2015-12-03 16:25 - 2014-11-21 07:48 - 00000369 _____ C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-12-03 16:25 - 2014-11-21 07:48 - 00000369 _____ C:\Users\Shakree Elmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-12-03 16:25 - 2010-12-06 02:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2015-12-03 16:17 - 2015-12-04 00:33 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-03 16:17 - 2015-12-03 16:24 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-03 16:17 - 2015-12-03 16:17 - 00000000 ____D C:\Windows\CSC
2015-12-03 16:17 - 2015-11-14 14:50 - 00133248 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2015-12-03 16:17 - 2015-11-14 14:50 - 00114160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2015-12-03 16:17 - 2015-10-20 21:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-03 16:17 - 2015-10-20 14:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-03 16:17 - 2015-10-20 14:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-03 16:17 - 2015-10-20 14:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-03 16:17 - 2015-10-20 14:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-12-03 16:17 - 2015-10-20 14:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-03 16:17 - 2015-10-20 14:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-03 16:17 - 2015-10-20 14:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-03 16:17 - 2015-10-20 14:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-03 16:17 - 2015-10-20 14:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-03 16:17 - 2015-10-20 14:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-03 16:17 - 2015-10-20 14:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-03 16:17 - 2015-08-11 02:47 - 02757072 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-12-03 16:17 - 2015-08-11 02:47 - 02414096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-11-18 08:20 - 2015-11-18 08:20 - 13189336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 10907328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 01496736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 01229984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00458472 _____ C:\Windows\system32\amdmiracast.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00118608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00110344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-11-18 08:20 - 2015-11-18 08:20 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-11-18 08:19 - 2015-11-18 08:19 - 10815664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-11-18 08:19 - 2015-11-18 08:19 - 09070320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-11-18 08:19 - 2015-11-18 08:19 - 09017808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-11-18 08:19 - 2015-11-18 08:19 - 08089248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-11-18 08:17 - 2015-11-18 08:17 - 00296648 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-11-18 08:13 - 2015-11-18 08:13 - 23960064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-11-18 08:08 - 2015-11-18 08:08 - 49984000 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-11-18 08:08 - 2015-11-18 08:08 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-11-18 08:02 - 2015-11-18 08:02 - 41510912 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-11-18 07:58 - 2015-11-18 07:58 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-11-18 07:57 - 2015-11-18 07:57 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-11-18 07:55 - 2015-11-18 07:55 - 02412544 _____ C:\Windows\system32\amdacpusl.pdb
2015-11-18 07:50 - 2015-11-18 07:50 - 27596288 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-11-18 07:49 - 2015-11-18 07:49 - 22348288 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-11-18 07:41 - 2015-11-18 07:41 - 00364544 _____ (Advanced Micro Devices) C:\Windows\system32\amdacpusl.dll
2015-11-18 07:41 - 2015-11-18 07:41 - 00306176 _____ C:\Windows\system32\amdacpusl.pdb.pub
2015-11-18 07:41 - 2015-11-18 07:41 - 00248832 _____ (Advanced Micro Devices) C:\Windows\SysWOW64\amdacpusl.dll
2015-11-18 05:50 - 2015-11-18 05:50 - 00677888 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2015-11-18 05:48 - 2015-11-18 05:48 - 00562688 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2015-11-18 05:46 - 2015-11-18 05:46 - 06643200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-11-18 05:46 - 2015-11-18 05:46 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-11-18 05:46 - 2015-11-18 05:46 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-11-18 05:14 - 2015-11-18 05:14 - 05223936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-11-18 04:48 - 2015-11-18 04:48 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-11-18 04:48 - 2015-11-18 04:48 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-11-18 04:08 - 2015-11-18 04:08 - 00683960 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-11-18 04:08 - 2015-11-18 04:08 - 00683960 _____ C:\Windows\system32\atiapfxx.blb
2015-11-18 04:06 - 2015-11-18 04:06 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-11-18 04:06 - 2015-11-18 04:06 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-11-18 04:05 - 2015-11-18 04:05 - 31376896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-11-18 03:43 - 2015-11-18 03:43 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-11-18 03:43 - 2015-11-18 03:43 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-11-18 03:40 - 2015-11-18 03:40 - 25840128 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-11-18 03:40 - 2015-11-18 03:40 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-11-18 03:40 - 2015-11-18 03:40 - 00865280 _____ (AMD) C:\Windows\system32\coinst_15.30.dll
2015-11-18 03:32 - 2015-11-18 03:32 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-11-18 03:32 - 2015-11-18 03:32 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-11-18 03:27 - 2015-11-18 03:27 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-11-18 03:26 - 2015-11-18 03:26 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-11-18 03:26 - 2015-11-18 03:26 - 00223744 _____ C:\Windows\system32\dgtrayicon.exe
2015-11-18 03:25 - 2015-11-18 03:25 - 00552448 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-11-18 03:25 - 2015-11-18 03:25 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-11-18 03:25 - 2015-11-18 03:25 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-11-18 03:25 - 2015-11-18 03:25 - 00162304 _____ C:\Windows\system32\atieah64.exe
2015-11-18 03:25 - 2015-11-18 03:25 - 00145408 _____ C:\Windows\SysWOW64\atieah32.exe
2015-11-18 03:25 - 2015-11-18 03:25 - 00031744 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-11-18 03:24 - 2015-11-18 03:24 - 00246272 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-11-18 03:24 - 2015-11-18 03:24 - 00204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2015-11-18 03:24 - 2015-11-18 03:24 - 00204952 _____ C:\Windows\system32\ativvsvl.dat
2015-11-18 03:24 - 2015-11-18 03:24 - 00157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2015-11-18 03:24 - 2015-11-18 03:24 - 00157144 _____ C:\Windows\system32\ativvsva.dat
2015-11-18 03:22 - 2015-11-18 03:22 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-11-18 03:10 - 2015-11-18 03:10 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-11-18 02:58 - 2015-11-18 02:58 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-11-18 02:58 - 2015-11-18 02:58 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 01272832 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-11-18 02:54 - 2015-11-18 02:54 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-11-18 02:53 - 2015-11-18 02:53 - 00671232 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-11-18 02:53 - 2015-11-18 02:53 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-11-18 02:45 - 2015-11-18 02:45 - 00195072 _____ C:\Windows\system32\hsa-thunk64.dll
2015-11-18 02:45 - 2015-11-18 02:45 - 00174592 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-11-18 02:43 - 2015-11-18 02:43 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-11-13 06:50 - 2015-11-13 06:50 - 00026880 _____ (Western Digital Technologies, Inc.) C:\Windows\system32\Drivers\wdcsam64.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-05 17:38 - 2013-08-22 13:36 - 00000000 ____D C:\Windows
2015-12-05 17:24 - 2014-11-21 07:38 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-05 17:24 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\Inf
2015-12-05 17:19 - 2013-08-22 14:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-05 17:19 - 2013-08-22 13:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-12-05 17:18 - 2013-08-22 13:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-12-05 03:50 - 2013-08-22 14:44 - 00472712 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-05 03:49 - 2015-09-11 00:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-12-05 03:49 - 2014-11-21 15:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-12-05 03:49 - 2013-08-22 15:36 - 00000000 ___RD C:\Windows\ToastData
2015-12-05 03:48 - 2015-09-10 21:14 - 00000000 ____D C:\Windows\system32\MRT
2015-12-04 04:07 - 2013-08-22 15:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-04 04:07 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\AppReadiness
2015-12-04 04:06 - 2013-08-22 15:20 - 00000000 ____D C:\Windows\CbsTemp
2015-12-04 00:35 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\AppCompat
2015-12-04 00:08 - 2013-08-22 15:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-12-03 17:29 - 2013-08-22 15:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-03 17:19 - 2013-08-22 15:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-03 16:25 - 2015-09-10 21:21 - 00000000 ____D C:\Windows\Panther
2015-12-03 16:25 - 2015-09-10 20:29 - 00000000 ____D C:\Windows\System32\Tasks\WPD

==================== Files in the root of some directories =======

2015-12-05 17:29 - 2015-12-05 17:29 - 0000017 _____ () C:\Users\Shakree Elmi\AppData\Local\resmon.resmoncfg
2015-12-05 16:37 - 2015-12-05 16:37 - 0488697 _____ () C:\ProgramData\1449333196.bdinstall.bin
2015-12-03 16:38 - 2015-12-03 16:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Shakree Elmi\AppData\Local\Temp\devcon64.exe
C:\Users\Shakree Elmi\AppData\Local\Temp\DVDChangeDisc.exe
C:\Users\Shakree Elmi\AppData\Local\Temp\radeon-crimson-15.11-minimalsetup.exe
C:\Users\Shakree Elmi\AppData\Local\Temp\raptrpatch.exe
C:\Users\Shakree Elmi\AppData\Local\Temp\raptr_stub.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-10 20:21

==================== End of FRST.txt ============================

Attached Files
File Type: txt Addition.txt (34.9 KB)

Problem after final cleaning

Well now I don't know what's wrong.

After all the hard work and Chemist's help my computer is jammed up again (running at 25%+ and the fan running all the time).

I cleaned off all the software used, emptied my recycle bin and then followed some additional instructions to protect my computer (changed the hosts files), went on to back up my system with the nice clean system image and it would not back up the system image.

I went to restore and there is no restore point available (I thought I saw that a new restore point would be created). I chose a different restore point from the MS restore menu that was done right after finishing my cleaning and when I clicked on it I did not get the ability to click next in the window (it was grayed out).

When I look at the task processes again there is 25% total CPU usage and nothing is running.

What do I do now? (Sorry for the frustration, it was going so well for the 30 minutes I was able to use it.)

Taskbar

Firefox. When a web page is opened, like Tech Support, it shows the Firefox icon and title = "Tech Support For...".
How do I stop this happening? Windows 8.1.

Do we have a virus?

The problem we are experiencing is that the mouse we use is freezing when we use the computer and only starts working again when we reboot. We are not sure if it's a virus or a hardware/software issue. When it freezes I tried removing and replugging it, but nothing happened. I am not sure if there is a rescue or boot CD available.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18124
Run by Martha Poornasir at 10:12:08 on 2015-12-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1918.728 [GMT -8:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVAST Software\Avast\avBugReport.exe
C:\Windows\system32\mmc.exe
C:\Windows\System32\sdclt.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\vds.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Page_URL = hxxp://www.google.com
uURLSearchHooks: {00A6FAF6-072E-44cf-8957-5838F569A31D} - <orphaned>
uURLSearchHooks: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - <orphaned>
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn12\yt.dll
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn12\yt.dll
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: &Search - http://edits.mywebsearch.com/toolbar...p=ZQxdm001YYUS
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{63FEA10A-2D97-4C7D-812F-F23799D74841} : DHCPNameServer = 10.0.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - <orphaned>
x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup
x64-Run: [MFNetworkScanUtility] C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\712\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Martha Poornasir\AppData\Roaming\Mozilla\Firefox\Profiles\k1smyazp.default\
FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search/?trackid=sp-006
FF - prefs.js: browser.search.selectedEngine - Google (avast)
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/?trackid=sp-006
FF - prefs.js: keyword.URL - hxxps://www.google.com/search/?trackid=sp-006
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-12-19 65224]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-12-19 274808]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-12-19 1059656]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-12-19 449992]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-12-19 28656]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-12-19 90968]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-12-19 150160]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-7-20 146600]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-8 59392]
.
=============== Created Last 30 ================
.
2015-12-23 23:58:45 -------- d-----w- C:\Users\Martha Poornasir\AppData\Local\CrashDumps
2015-12-23 23:39:47 37624 ----a-w- C:\Windows\System32\drivers\TrueSight.sys
2015-12-23 23:39:43 -------- d-----w- C:\ProgramData\RogueKiller
2015-12-23 20:51:01 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{544B7CA4-7234-4F07-A641-A86DDF4E25A8}\mpengine.dll
2015-12-21 19:54:05 -------- d-----w- C:\c4d57f012c12e3d1cd87b247c7
2015-12-17 19:00:20 -------- d-----w- C:\Users\Martha Poornasir\AppData\Local\ElevatedDiagnostics
2015-12-16 20:43:39 -------- d-----w- C:\ProgramData\scre..tion_d291612c4dce6913_0005.0004_cfb829227e151a28
2015-12-14 17:23:10 -------- d-----w- C:\250a0817f2e1d9c55e3cf9fe548e
2015-12-09 03:20:52 802304 ----a-w- C:\Windows\System32\usp10.dll
2015-12-09 03:18:23 241664 ----a-w- C:\Windows\System32\els.dll
2015-12-09 03:18:22 179712 ----a-w- C:\Windows\SysWow64\els.dll
2015-12-03 22:18:20 -------- d-----w- C:\Program Files\Common Files\AV
2015-12-03 22:18:20 -------- d-----w- C:\Program Files (x86)\Common Files\AV
.
==================== Find3M ====================
.
2015-12-09 15:37:22 796864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-12-09 15:37:22 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-02 21:18:58 301728 ------w- C:\Windows\System32\MpSigStub.exe
2015-11-20 18:54:59 98816 ----a-w- C:\Windows\System32\wudriver.dll
2015-11-20 18:54:59 3170304 ----a-w- C:\Windows\System32\wucltux.dll
2015-11-20 18:54:59 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2015-11-20 18:54:28 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-11-20 18:54:18 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-11-20 18:54:15 37888 ----a-w- C:\Windows\System32\wuapp.exe
2015-11-20 18:34:36 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-11-20 18:34:36 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-11-20 18:33:56 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-11-11 18:53:48 1735680 ----a-w- C:\Windows\System32\comsvcs.dll
2015-11-11 18:53:47 525312 ----a-w- C:\Windows\System32\catsrvut.dll
2015-11-11 18:39:34 1242624 ----a-w- C:\Windows\SysWow64\comsvcs.dll
2015-11-11 18:39:33 487936 ----a-w- C:\Windows\SysWow64\catsrvut.dll
2015-11-10 18:55:29 1648128 ----a-w- C:\Windows\System32\DWrite.dll
2015-11-10 18:55:29 1180160 ----a-w- C:\Windows\System32\FntCache.dll
2015-11-10 18:55:26 1008640 ----a-w- C:\Windows\System32\user32.dll
2015-11-10 18:39:18 1251328 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-11-10 18:37:39 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2015-11-10 17:47:27 3211264 ----a-w- C:\Windows\System32\win32k.sys
2015-11-10 10:18:28 1059656 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2015-11-10 00:24:59 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-11-10 00:13:04 496640 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-11-10 00:13:03 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-11-10 00:12:29 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-11-10 00:12:19 341504 ----a-w- C:\Windows\SysWow64\html.iec
2015-11-10 00:11:38 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-11-10 00:03:01 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-11-10 00:02:42 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-11-09 23:50:28 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-11-09 23:46:18 4514816 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-11-09 23:36:09 2050560 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-11-09 23:35:17 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-11-09 23:17:36 2011136 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-11-08 22:33:00 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-11-08 22:32:46 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-11-08 22:16:29 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-11-08 22:15:39 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-11-08 22:15:31 417792 ----a-w- C:\Windows\System32\html.iec
2015-11-08 22:15:22 571392 ----a-w- C:\Windows\System32\vbscript.dll
2015-11-08 22:14:50 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-11-08 22:04:46 5923840 ----a-w- C:\Windows\System32\jscript9.dll
2015-11-08 22:01:25 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-11-08 22:01:24 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-11-08 22:01:01 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-11-08 21:52:10 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-11-08 21:40:10 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-11-08 21:14:19 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-11-08 21:13:40 2123264 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-11-08 20:53:08 2487808 ----a-w- C:\Windows\System32\wininet.dll
2015-11-05 19:05:04 17408 ----a-w- C:\Windows\System32\wshrm.dll
2015-11-05 19:02:52 14848 ----a-w- C:\Windows\SysWow64\wshrm.dll
2015-11-05 09:53:59 146944 ----a-w- C:\Windows\System32\drivers\rmcast.sys
2015-11-03 18:56:18 627712 ----a-w- C:\Windows\SysWow64\usp10.dll
2015-10-20 01:12:12 5570496 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-10-20 01:12:10 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-10-20 01:12:10 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-10-20 01:09:05 1730496 ----a-w- C:\Windows\System32\ntdll.dll
2015-10-20 01:06:18 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-10-20 01:06:18 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-10-20 01:06:18 215040 ----a-w- C:\Windows\System32\winsrv.dll
2015-10-20 01:06:18 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-10-20 01:04:53 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-10-20 01:04:40 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-10-20 01:04:35 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-10-20 01:00:20 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-10-20 00:59:20 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-10-20 00:52:02 3991488 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52:02 3935680 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48:46 1311768 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-10-20 00:44:35 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-10-20 00:44:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-10-20 00:44:18 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-10-20 00:44:18 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-10-20 00:44:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-10-20 00:39:32 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-10-20 00:39:11 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-10-19 23:41:20 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-10-19 23:40:43 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-10-19 23:40:39 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2015-10-19 23:29:36 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-10-19 23:29:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-10-19 23:27:10 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-10-19 23:27:10 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-19 23:27:10 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-19 23:27:10 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 16:41:05 497664 ----a-w- C:\Windows\System32\drivers\afd.sys
2015-10-13 16:40:33 118272 ----a-w- C:\Windows\System32\drivers\tdx.sys
2015-10-13 09:29:08 875720 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 09:22:02 869568 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2015-10-13 04:57:21 950720 ----a-w- C:\Windows\System32\drivers\ndis.sys
2015-10-01 18:06:49 692672 ----a-w- C:\Windows\System32\winload.efi
2015-10-01 18:04:11 616360 ----a-w- C:\Windows\System32\winresume.efi
2015-10-01 18:00:59 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2015-10-01 18:00:51 24576 ----a-w- C:\Windows\System32\jnwmon.dll
2015-10-01 18:00:50 275456 ----a-w- C:\Windows\System32\InkEd.dll
2015-10-01 18:00:43 59392 ----a-w- C:\Windows\System32\appidapi.dll
2015-10-01 18:00:43 32768 ----a-w- C:\Windows\System32\appidsvc.dll
.
============= FINISH: 10:17:42.15 ===============

Attached Files
File Type: txt attach.txt (5.5 KB)

Odd vbc.exe command prompt at startup

Greetings and Happy Holidays.

For a while now, I have seen this command prompt at my startup. I can barely catch it, but once I could take a screenshot of it and see what it is.


I see that others had this vbc.exe problem before, but I haven't seen anyone with it existing in the Temp file.

I assume it's a virus because it's not where it should be, though VirusTotal says it can be totally trusted.

Here is the DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.16385
Run by Sorin at 20:42:22 on 2015-12-24
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1432 [GMT 2:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
E:\steam\Steam.exe
E:\steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
E:\steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [HostProcess] C:\Users\Sorin\AppData\Roaming\HostProcess\OFFICE~2.EXE
uRun: [HKCU] C:\Users\Sorin\AppData\Local\Temp\vbc.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
StartupFolder: C:\Users\Sorin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\shadow.lnk - C:\Users\Sorin\AppData\Local\Temp\dxrpdiag.vbs
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: NameServer = 193.231.252.1 213.154.124.1 192.168.1.1
TCP: Interfaces\{7C3E0247-CFCC-4BFE-A977-7E9E323CDE25} : DHCPNameServer = 193.231.252.1 213.154.124.1 192.168.1.1
TCP: Interfaces\{7C3E0247-CFCC-4BFE-A977-7E9E323CDE25}\352585D275251353037584 : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sorin\AppData\Roaming\Mozilla\Firefox\Profiles\tsjwg740.default\
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2015-11-8 283200]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-11-1 1148560]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-11-1 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-11-1 21833360]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-11-1 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-11-1 38032]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-11-1 236544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files\BitComet\tools\BitCometService.exe -service --> C:\Program Files\BitComet\tools\BitCometService.exe -service [?]
S3 Origin Client Service;Origin Client Service;D:\2sorin\ORIGIN\OriginClientService.exe [2015-12-1 2104840]
.
=============== Created Last 30 ================
.
2015-12-18 15:13:13 -------- d-----w- C:\Users\Sorin\AppData\Roaming\AVS4YOU
2015-12-18 15:13:13 -------- d-----w- C:\ProgramData\AVS4YOU
2015-12-18 15:11:25 -------- d-----w- C:\Program Files (x86)\AVS4YOU
2015-12-18 15:10:48 24576 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2015-12-18 15:10:48 1700352 ----a-w- C:\Windows\SysWow64\GdiPlus.dll
2015-12-18 15:10:48 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia
2015-12-18 15:00:56 -------- d-----w- C:\Users\Sorin\AppData\Roaming\avidemux
2015-12-18 15:00:41 -------- d-----w- C:\Program Files\Avidemux 2.6 - 64 bits
2015-12-18 12:24:09 11140960 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-12-18 12:23:58 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{24DCB596-3EDF-448D-96B1-C8E5853A1EB4}\mpengine.dll
2015-12-18 11:57:29 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2015-12-18 11:57:20 99840 ----a-w- C:\Windows\System32\wudriver.dll
2015-12-18 11:57:11 36864 ----a-w- C:\Windows\System32\wuapp.exe
2015-12-18 11:57:11 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2015-12-18 11:32:04 3860992 ----a-w- C:\Windows\System32\UIRibbon.dll
2015-12-18 11:32:04 2983424 ----a-w- C:\Windows\SysWow64\UIRibbon.dll
2015-12-18 11:32:04 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll
2015-12-18 11:32:04 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll
2015-12-18 11:31:15 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
2015-12-18 11:31:15 206848 ----a-w- C:\Windows\System32\mfps.dll
2015-12-18 11:31:15 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2015-12-18 11:31:15 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2015-12-18 11:31:15 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2015-12-18 11:31:14 4068864 ----a-w- C:\Windows\System32\mf.dll
2015-12-18 11:31:13 3181568 ----a-w- C:\Windows\SysWow64\mf.dll
2015-12-18 11:29:50 -------- d-----w- C:\Users\Sorin\AppData\Local\Windows Live
2015-12-18 11:22:03 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2015-12-15 19:56:47 -------- d-----w- C:\MSI
2015-12-11 15:51:15 -------- d-----w- C:\Windows\System32\appmgmt
2015-12-10 20:48:19 -------- d-----r- C:\Program Files (x86)\Skype
2015-12-08 16:53:21 -------- d-----w- C:\UsbFix
2015-12-07 13:58:40 -------- d-----w- C:\Users\Sorin\AppData\Roaming\MP3SkypeRecorder
2015-12-07 13:58:40 -------- d-----w- C:\Users\Sorin\AppData\Local\Domit_UK_LTD
2015-12-07 13:58:39 -------- d-----w- C:\ProgramData\IsolatedStorage
2015-12-05 12:30:07 -------- d-----w- C:\Users\Sorin\AppData\Roaming\OpenOffice
2015-12-05 12:29:01 -------- d-----w- C:\Program Files (x86)\OpenOffice 4
2015-12-05 10:05:55 -------- d-----w- C:\Users\Sorin\AppData\Roaming\HostProcess
2015-12-05 07:23:02 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2015-12-01 20:27:39 -------- d-----w- C:\Users\Sorin\AppData\Roaming\Origin
2015-12-01 20:27:24 -------- d-----w- C:\Users\Sorin\AppData\Local\Origin
2015-12-01 20:24:27 -------- d-----w- C:\ProgramData\Origin
2015-12-01 20:24:25 -------- d-----w- C:\ProgramData\Electronic Arts
2015-12-01 20:23:44 -------- d-----w- C:\ProgramData\Package Cache
2015-11-29 10:57:12 -------- d-----w- C:\Users\Sorin\AppData\Roaming\Foxit Scanner Images
.
==================== Find3M ====================
.
2015-12-09 14:40:14 796864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-12-09 14:40:14 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-02 11:18:58 301728 ------w- C:\Windows\System32\MpSigStub.exe
2015-11-08 19:04:35 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2015-11-08 10:50:58 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2015-11-08 10:50:58 14848 ----a-w- C:\Windows\System32\slwga.dll
2015-11-08 10:50:58 13824 ----a-w- C:\Windows\SysWow64\slwga.dll
2015-10-13 17:26:19 6783280 ----a-w- C:\Windows\System32\nvcpl.dll
2015-10-13 17:26:19 3522168 ----a-w- C:\Windows\System32\nvsvc64.dll
2015-10-13 17:26:17 933168 ----a-w- C:\Windows\System32\nvvsvc.exe
2015-10-13 17:26:17 62584 ----a-w- C:\Windows\System32\nvshext.dll
2015-10-13 17:26:17 384176 ----a-w- C:\Windows\System32\nvmctray.dll
2015-10-13 17:26:17 2557616 ----a-w- C:\Windows\System32\nvsvcr.dll
2015-10-13 16:19:53 5972783 ----a-w- C:\Windows\System32\nvcoproc.bin
.
============= FINISH: 20:43:40.16 ===============


I don't know how long this has been happening, but lately I have noticed low performance on my PC. I assume that simply deleting the file might not be the real solution.

Any clue about what I should do?

Infected but don't know what to do

I forgot to mention that the HP Pavilion shows only a black screen after the latest Windows update and I'm working on figuring that out. I'm also using another HP laptop running Win 8 and the same problem is happening there too.

Computers taken over

I have an issue where something keeps changing my passwords. It's happening on both of the computers in my house: the first is an HP Pavilion notebook with an AMD processor that came with W7 Pro, and this computer is also an HP notebook, running W8. I don't know how to fix it, and I've tried HitmanPro, Malwarebytes, Adware Removal Tool, Junkware Removal Tool, Kaspersky cleaner and Norton Eraser; all came back saying my computer was good, but it keeps doing it.

Dell laptop with virus / adware /whoknowswhatelse

This is a Dell laptop running Windows 7 Premium.

The issue is there are lots of tabs opening up to ads, also flash ads appear on pages that block parts of the page (such as 2 ads blocking me from signing in on this website) often with no X to close them. Also the system is slow as (beep). Anything and everything takes forever.

THANKS!!!

The contents of dds.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18124
Run by Dell at 10:01:47 on 2015-12-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4031.2626 [GMT 11:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
C:\Program Files (x86)\Swift Browse\updateSwiftBrowse.exe
C:\Program Files (x86)\Swift Browse\bin\utilSwiftBrowse.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.PurBrowse64.exe
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BrowserAdapter64.exe
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.BrowserAdapter.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Swift Browse\bin\SwiftBrowse.expext.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Dell\AppData\Local\Google\Update\GoogleUpdate.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Dell\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\Vendor\FastAccessChatAssist.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\ProgramData\GameXN\GameXNGO.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\bin\VzDetectAgent.exe
C:\Windows\system32\taskhost.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bir-s3__alt__ddc_dsssyc_bd_com
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe
BHO: weDownload Manager: {11111111-1111-1111-1111-110311431144} - C:\Program Files (x86)\weDownload Manager\weDownload Manager-bho.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Swift Browse: {808dc83c-d35b-4fba-a5b5-9a52103204df} - C:\Program Files (x86)\Swift Browse\SwiftBrowseBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.7.0.147\AVG SafeGuard toolbar_toolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Google Update] "C:\Users\Dell\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Yahoo! Search] C:\Users\Dell\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
uRun: [Viber] C:\Users\Dell\AppData\Local\Viber\Viber.exe StartMinimized
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [FAStartup] <no file>
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
StartupFolder: C:\Users\Dell\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{E445F601-2648-4CF5-A8E5-E44BCF57671C} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{E445F601-2648-4CF5-A8E5-E44BCF57671C}\131364850363130373835363 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E445F601-2648-4CF5-A8E5-E44BCF57671C}\76562716C646 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.7.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli FAPassSync
x64-BHO: weDownload Manager: {11111111-1111-1111-1111-110311431144} - C:\Program Files (x86)\weDownload Manager\weDownload Manager-bho64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\s6jvvj43.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bfr-s3__alt__ddc_dsssyc_bd_com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bfr-s3__alt__ddc_dss_bd_com&p=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Dell\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll
FF - plugin: C:\Users\Dell\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Dell\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-2-22 55856]
R1 {2b4fc5ce-fd26-493c-97d3-e808aab73013}w64;{2b4fc5ce-fd26-493c-97d3-e808aab73013}w64;C:\Windows\System32\drivers\{2b4fc5ce-fd26-493c-97d3-e808aab73013}w64.sys [2014-5-6 61120]
R1 {d3e19bc0-45ce-4126-9b65-b62de4e037e6}w64;{d3e19bc0-45ce-4126-9b65-b62de4e037e6}w64;C:\Windows\System32\drivers\{d3e19bc0-45ce-4126-9b65-b62de4e037e6}w64.sys [2015-4-9 48832]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-2-22 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-22 203264]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-7-23 296808]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-11-2 2428552]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-2-22 13336]
R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-8-3 363128]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-26 2823000]
R2 ReimageRealTimeProtector;Reimage Real Time Protector;C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-8-19 7743472]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-2-22 689472]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-4-26 2280312]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-3 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-22 2320920]
R2 Update Swift Browse;Update Swift Browse;C:\Program Files (x86)\Swift Browse\updateSwiftBrowse.exe [2013-10-5 660688]
R2 Util Swift Browse;Util Swift Browse;C:\Program Files (x86)\Swift Browse\bin\utilSwiftBrowse.exe [2013-10-21 660688]
R2 vToolbarUpdater18.7.0;vToolbarUpdater18.7.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe [2015-7-16 1842576]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2011-2-22 20984]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-2-22 53800]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-2-22 35104]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-2-22 172704]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-2-22 56344]
S2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 124568]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-25 238848]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-12-8 114688]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-2-22 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-2-22 325152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-18 59392]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-3 126352]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-30 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-11 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2015-12-10 22:50:55 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7AD23F86-D734-485D-B54B-C2C8D6167A0A}\offreg.888.dll
2015-12-10 22:28:11 11138400 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7AD23F86-D734-485D-B54B-C2C8D6167A0A}\mpengine.dll
2015-12-09 00:20:34 11138400 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-12-09 00:06:02 -------- d-----w- C:\Users\Dell\AppData\Roaming\ViberPC
2015-12-09 00:05:30 -------- d-----w- C:\Users\Dell\AppData\Local\Viber
2015-12-09 00:05:15 -------- d-----w- C:\Users\Dell\AppData\Local\Package Cache
2015-12-09 00:02:13 -------- d-----w- C:\Users\Dell\AppData\Local\GWX
2015-12-08 10:05:58 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-12-08 10:04:58 17408 ----a-w- C:\Windows\System32\wshrm.dll
2015-12-08 10:04:58 14848 ----a-w- C:\Windows\SysWow64\wshrm.dll
2015-12-08 10:04:58 146944 ----a-w- C:\Windows\System32\drivers\rmcast.sys
2015-12-08 10:04:52 616360 ----a-w- C:\Windows\System32\winresume.efi
2015-12-08 10:04:52 147456 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2015-12-08 10:04:51 692672 ----a-w- C:\Windows\System32\winload.efi
2015-12-08 10:04:47 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2015-12-08 10:04:47 59392 ----a-w- C:\Windows\System32\appidapi.dll
2015-12-08 10:04:47 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2015-12-08 10:04:47 32768 ----a-w- C:\Windows\System32\appidsvc.dll
2015-12-08 10:04:47 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2015-12-08 10:04:46 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
2015-12-08 10:02:53 5570496 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-12-08 10:01:43 497664 ----a-w- C:\Windows\System32\drivers\afd.sys
2015-12-08 09:59:26 1941504 ----a-w- C:\Windows\System32\authui.dll
2015-12-08 09:59:25 70656 ----a-w- C:\Windows\System32\appinfo.dll
2015-12-08 09:59:25 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2015-12-08 09:59:25 115136 ----a-w- C:\Windows\System32\consent.exe
2015-12-08 09:57:13 950720 ----a-w- C:\Windows\System32\drivers\ndis.sys
2015-12-08 09:56:59 41984 ----a-w- C:\Windows\System32\lpk.dll
2015-12-08 09:56:59 299520 ----a-w- C:\Windows\SysWow64\atmfd.dll
2015-12-08 09:56:58 46080 ----a-w- C:\Windows\System32\atmlib.dll
2015-12-08 09:56:58 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2015-12-08 09:56:58 14336 ----a-w- C:\Windows\System32\dciman32.dll
2015-12-08 09:56:57 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2015-12-08 09:56:57 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2015-12-08 09:56:57 100864 ----a-w- C:\Windows\System32\fontsub.dll
2015-12-08 09:56:54 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2015-12-08 09:21:50 1190000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B272D64E-F190-466D-A684-B2B4DA3C3956}\gapaengine.dll
2015-11-11 05:57:58 646880 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\ACEEXCL.DLL
.
==================== Find3M ====================
.
2015-12-09 03:39:31 301728 ------w- C:\Windows\System32\MpSigStub.exe
2015-11-20 18:54:59 98816 ----a-w- C:\Windows\System32\wudriver.dll
2015-11-20 18:54:59 3170304 ----a-w- C:\Windows\System32\wucltux.dll
2015-11-20 18:54:59 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2015-11-20 18:54:28 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-11-20 18:54:18 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-11-20 18:54:15 37888 ----a-w- C:\Windows\System32\wuapp.exe
2015-11-20 18:34:36 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-11-20 18:33:56 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-11-11 18:53:48 1735680 ----a-w- C:\Windows\System32\comsvcs.dll
2015-11-11 18:53:47 525312 ----a-w- C:\Windows\System32\catsrvut.dll
2015-11-11 18:39:34 1242624 ----a-w- C:\Windows\SysWow64\comsvcs.dll
2015-11-11 18:39:33 487936 ----a-w- C:\Windows\SysWow64\catsrvut.dll
2015-11-10 18:55:29 1648128 ----a-w- C:\Windows\System32\DWrite.dll
2015-11-10 18:55:29 1180160 ----a-w- C:\Windows\System32\FntCache.dll
2015-11-10 18:55:26 1008640 ----a-w- C:\Windows\System32\user32.dll
2015-11-10 18:39:18 1251328 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-11-10 18:37:39 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2015-11-10 17:47:27 3211264 ----a-w- C:\Windows\System32\win32k.sys
2015-11-10 00:24:59 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-11-10 00:13:04 496640 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-11-10 00:13:03 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-11-10 00:12:29 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-11-10 00:12:19 341504 ----a-w- C:\Windows\SysWow64\html.iec
2015-11-10 00:11:38 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-11-10 00:03:01 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-11-10 00:02:42 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-11-09 23:50:28 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-11-09 23:46:18 4514816 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-11-09 23:36:09 2050560 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-11-09 23:35:17 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-11-09 23:17:36 2011136 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-11-08 22:33:00 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-11-08 22:32:46 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-11-08 22:16:29 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-11-08 22:15:39 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-11-08 22:15:31 417792 ----a-w- C:\Windows\System32\html.iec
2015-11-08 22:15:22 571392 ----a-w- C:\Windows\System32\vbscript.dll
2015-11-08 22:14:50 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-11-08 22:04:46 5923840 ----a-w- C:\Windows\System32\jscript9.dll
2015-11-08 22:01:25 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-11-08 22:01:24 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-11-08 22:01:01 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-11-08 21:52:10 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-11-08 21:40:10 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-11-08 21:14:19 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-11-08 21:13:40 2123264 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-11-08 20:53:08 2487808 ----a-w- C:\Windows\System32\wininet.dll
2015-11-05 19:02:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2015-11-05 19:00:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2015-11-03 19:04:51 802304 ----a-w- C:\Windows\System32\usp10.dll
2015-11-03 19:04:37 241664 ----a-w- C:\Windows\System32\els.dll
2015-11-03 18:56:18 627712 ----a-w- C:\Windows\SysWow64\usp10.dll
2015-11-03 18:55:58 179712 ----a-w- C:\Windows\SysWow64\els.dll
2015-10-29 17:50:44 6656 ----a-w- C:\Windows\System32\shimeng.dll
2015-10-29 17:50:30 342016 ----a-w- C:\Windows\System32\apphelp.dll
2015-10-29 17:50:29 72192 ----a-w- C:\Windows\System32\aelupsvc.dll
2015-10-29 17:50:29 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50:29 309248 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50:29 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50:29 103424 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50:21 5120 ----a-w- C:\Windows\SysWow64\shimeng.dll
2015-10-29 17:50:14 23552 ----a-w- C:\Windows\System32\sdbinst.exe
2015-10-29 17:49:58 295936 ----a-w- C:\Windows\SysWow64\apphelp.dll
2015-10-29 17:49:57 562176 ----a-w- C:\Windows\apppatch\AcLayers.dll
2015-10-29 17:49:57 470528 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2015-10-29 17:49:57 2178560 ----a-w- C:\Windows\apppatch\AcGenral.dll
2015-10-29 17:49:57 211968 ----a-w- C:\Windows\apppatch\AcXtrnal.dll
2015-10-29 17:49:35 20992 ----a-w- C:\Windows\SysWow64\sdbinst.exe
2015-10-29 17:39:57 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2015-10-20 01:12:10 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-10-20 01:12:10 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-10-20 01:09:05 1730496 ----a-w- C:\Windows\System32\ntdll.dll
2015-10-20 01:06:18 362496 ----a-w- C:\Windows\System32\wow64win.dll
2015-10-20 01:06:18 243712 ----a-w- C:\Windows\System32\wow64.dll
2015-10-20 01:06:18 215040 ----a-w- C:\Windows\System32\winsrv.dll
2015-10-20 01:06:18 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2015-10-20 01:04:53 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-10-20 01:04:40 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-10-20 01:04:35 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-10-20 01:00:20 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-10-20 00:59:20 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-10-20 00:52:02 3991488 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52:02 3935680 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48:46 1311768 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-10-20 00:44:35 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-10-20 00:44:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-10-20 00:44:18 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-10-20 00:44:18 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-10-20 00:44:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-10-20 00:39:32 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-10-20 00:39:11 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-10-19 23:41:20 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-10-19 23:40:43 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-10-19 23:40:39 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2015-10-19 23:29:36 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-10-19 23:29:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-10-19 23:27:10 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-10-19 23:27:10 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-19 23:27:10 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
.
============= FINISH: 10:03:07.13 ===============


West Cheshire Police Authority Virus - Android

I have seen this on a friend's Android tablet.

We have done a clean install on the tablet numerous times and it keeps coming back. Wiped all cards, internal SD cards.

But it keeps coming back.

Any way of stopping this fully?

Rootkits and Koobface on Windows 10

I finally said goodbye to my Windows XP computer and bought a Windows 10 model. I had it for a week and was loading some of my old programs on it when a pop-up appeared and refused to go away. It had a phone number to call and foolishly I did. Well, the party on the other end, Shivank Khullar at 1-800-250-6602 at CloudZone, came on, did an examination of my computer and said I had Rootkits and Koobface on my machine and offered me a deal to clean up my machine for $159.99, a 90-day service. I read about Koobface and used my Norton Security Suite to get rid of it and then applied Malware/Anti malware byte to it. Both programs indicated that my computer is clean. How can I be sure before I go and change all my passwords? Any help would be appreciated.

Windows 10 defender keeps switching off after update

Windows did an update on 27 Dec; since then Defender switches off. I can switch it back on several ways, but it switches off again within 5-10 seconds.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by Daryl at 11:06:56 on 2015-12-29
Microsoft Windows 10 Home 10.0.10586.0.1252.61.1033.18.4048.2210 [GMT 11:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.25.5.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1512.58020.0_x64__8wekyb3d8bbwe\Time.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus13.msn.com
uDefault_Page_URL = hxxp://asus13.msn.com
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [HP Officejet 4630 series (NET)] "C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN54P591ND05Y0:NW" -scfn "HP Officejet 4630 series (NET)" -AutoStart 1
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [ASUS Easy Update] C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [LoadJoinMe] C:\Program Files\JoinMe\Windows\LoadJoinMe.exe
mRun: [zLoggingDaemon] C:\Program Files\JoinMe\Windows\zLoggingDaemon.exe
mRun: [JoinMeUpdater] C:\Program Files\JoinMe\Windows\Updtae\JoinMeUpdater.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\Daryl\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{95632a9d-4a7a-4d05-9290-0f6589d22f7b} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{b9ec4dad-4020-4c22-bdaf-3dc5ed235543} : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Daryl\AppData\Roaming\Mozilla\Firefox\Profiles\gfujf9ef.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
.
============= SERVICES / DRIVERS ===============
.
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 mbamchameleon;mbamchameleon;C:\WINDOWS\System32\drivers\mbamchameleon.sys [2015-4-23 109272]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-9-3 920736]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-9-3 951936]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-9-3 149120]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-5-25 1840128]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-6-30 25800]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-21 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-2-20 166720]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-4-23 1513784]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-4-23 1135416]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-14 769432]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-8-1 382312]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-2-20 365376]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\WINDOWS\System32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\WINDOWS\System32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2015-4-23 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2015-4-23 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2015-4-23 64216]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\WINDOWS\System32\drivers\netr28x.sys [2015-10-30 2504192]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2015-10-30 24576]
R3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-26 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-27 2702848]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver;C:\WINDOWS\System32\drivers\massfilter_hs.sys [2014-8-17 20232]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-10-30 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-10-30 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-10-30 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-10-30 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2015-12-27 06:08:24 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1976AD9A-7179-4AD6-91D6-B747C4CFA991}\mpengine.dll
2015-12-26 11:59:05 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2015-12-25 19:45:13 -------- d-sh--w- C:\Recovery
2015-12-25 19:45:10 -------- dc----w- C:\WINDOWS\Panther
2015-12-25 19:42:16 -------- d-----w- C:\Windows.old
2015-12-25 19:38:23 -------- d-----w- C:\WINDOWS\System32\Microsoft
2015-12-25 19:35:48 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2015-12-25 19:35:48 35480 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2015-12-25 19:35:48 103120 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-12-25 19:35:45 35480 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2015-12-25 19:35:45 124624 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2015-12-25 19:35:45 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2015-12-25 02:41:30 -------- d-----w- C:\Users\Daryl\AppData\Local\ActiveSync
2015-12-25 01:15:10 -------- d-sh--we C:\ProgramData\Documents
2015-12-25 01:04:49 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2015-12-25 01:00:47 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2015-12-25 01:00:47 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2015-12-25 00:49:34 933168 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
2015-12-25 00:49:34 6783280 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2015-12-25 00:49:34 62584 ----a-w- C:\WINDOWS\System32\nvshext.dll
2015-12-25 00:49:34 5972783 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2015-12-25 00:49:34 384176 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2015-12-25 00:49:34 3522168 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2015-12-25 00:49:34 2557616 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2015-12-25 00:49:24 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2015-12-25 00:49:16 -------- d-----w- C:\Program Files\NVIDIA Corporation
2015-12-25 00:49:08 -------- d-----w- C:\WINDOWS\System32\DAX2
2015-12-25 00:48:59 2718208 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2015-12-25 00:48:55 -------- d-----w- C:\Program Files\Realtek
2015-12-25 00:48:54 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM
2015-12-25 00:46:55 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2015-12-25 00:07:02 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-12-11 01:18:39 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E4A2B665-96A6-4511-9444-2F4879F94C8F}\gapaengine.dll
.
==================== Find3M ====================
.
2015-12-28 23:57:51 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2015-12-10 22:04:26 18805920 ----a-w- C:\WINDOWS\System32\nvwgf2umx.dll
2015-12-09 03:39:31 301728 ------w- C:\WINDOWS\System32\MpSigStub.exe
2015-12-07 04:57:01 973664 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2015-12-07 04:55:42 1281376 ----a-w- C:\WINDOWS\System32\LicenseManager.dll
2015-12-07 04:49:31 412512 ----a-w- C:\WINDOWS\System32\wifitask.exe
2015-12-07 04:47:58 116720 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2015-12-07 04:47:57 925064 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2015-12-07 04:47:57 898184 ----a-w- C:\WINDOWS\SysWow64\mfsrcsnk.dll
2015-12-07 04:47:54 716928 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
2015-12-07 04:45:46 264544 ----a-w- C:\WINDOWS\System32\ContentDeliveryManager.Utilities.dll
2015-12-07 04:15:40 1035776 ----a-w- C:\WINDOWS\System32\XboxNetApiSvc.dll
2015-12-07 04:15:08 75776 ----a-w- C:\WINDOWS\System32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-07 04:10:37 824320 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2015-12-07 04:09:36 30208 ----a-w- C:\WINDOWS\System32\StorageUsage.dll
2015-12-07 04:09:27 92160 ----a-w- C:\WINDOWS\System32\policymanagerprecheck.dll
2015-12-07 04:09:07 133120 ----a-w- C:\WINDOWS\System32\flvprophandler.dll
2015-12-07 04:07:43 134656 ----a-w- C:\WINDOWS\System32\wificonnapi.dll
2015-12-07 04:07:34 77312 ----a-w- C:\WINDOWS\System32\ProvPluginEng.dll
2015-12-07 04:07:13 16984064 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2015-12-07 04:06:52 231936 ----a-w- C:\WINDOWS\System32\KnobsCore.dll
2015-12-07 04:06:38 199168 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
2015-12-07 04:06:36 50176 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2015-12-07 04:06:32 572928 ----a-w- C:\WINDOWS\SysWow64\WpcWebFilter.dll
2015-12-07 04:05:28 36864 ----a-w- C:\WINDOWS\System32\BackgroundTransferHost.exe
2015-12-07 04:05:15 192000 ----a-w- C:\WINDOWS\System32\provisioningcsp.dll
2015-12-07 04:04:28 56320 ----a-w- C:\WINDOWS\System32\provtool.exe
2015-12-07 04:04:20 66560 ----a-w- C:\WINDOWS\System32\moshost.dll
2015-12-07 04:03:46 13017600 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2015-12-07 04:02:54 477696 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2015-12-07 04:02:49 161280 ----a-w- C:\WINDOWS\SysWow64\InstallAgent.exe
2015-12-07 04:02:01 269824 ----a-w- C:\WINDOWS\System32\moshostcore.dll
2015-12-07 04:01:43 34304 ----a-w- C:\WINDOWS\SysWow64\BackgroundTransferHost.exe
2015-12-07 04:01:07 543232 ----a-w- C:\WINDOWS\System32\StoreAgent.dll
2015-12-07 04:00:55 323072 ----a-w- C:\WINDOWS\System32\MSFlacDecoder.dll
2015-12-07 04:00:52 203776 ----a-w- C:\WINDOWS\System32\NetSetupSvc.dll
2015-12-07 04:00:51 210432 ----a-w- C:\WINDOWS\System32\wcmcsp.dll
2015-12-07 04:00:40 618496 ----a-w- C:\WINDOWS\System32\StorSvc.dll
2015-12-07 03:59:52 286208 ----a-w- C:\WINDOWS\System32\provhandlers.dll
2015-12-07 03:59:49 292352 ----a-w- C:\WINDOWS\System32\provengine.dll
2015-12-07 03:59:37 558080 ----a-w- C:\WINDOWS\System32\MBMediaManager.dll
2015-12-07 03:59:16 165376 ----a-w- C:\WINDOWS\System32\provdatastore.dll
2015-12-07 03:58:17 459776 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll
2015-12-07 03:57:48 387072 ----a-w- C:\WINDOWS\System32\qdvd.dll
2015-12-07 03:57:40 409088 ----a-w- C:\WINDOWS\SysWow64\StoreAgent.dll
2015-12-07 03:57:28 270848 ----a-w- C:\WINDOWS\SysWow64\MSFlacDecoder.dll
2015-12-07 03:56:27 497152 ----a-w- C:\WINDOWS\System32\mfmkvsrcsnk.dll
2015-12-07 03:56:18 607232 ----a-w- C:\WINDOWS\System32\wcmsvc.dll
2015-12-07 03:55:38 7979008 ----a-w- C:\WINDOWS\System32\mos.dll
2015-12-07 03:55:02 346112 ----a-w- C:\WINDOWS\SysWow64\MapConfiguration.dll
2015-12-07 03:54:56 850432 ----a-w- C:\WINDOWS\System32\MapsStore.dll
2015-12-07 03:54:56 569856 ----a-w- C:\WINDOWS\SysWow64\qdvd.dll
2015-12-07 03:53:28 381952 ----a-w- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
2015-12-07 03:51:16 1318912 ----a-w- C:\WINDOWS\System32\wifinetworkmanager.dll
2015-12-07 03:51:00 223232 ----a-w- C:\WINDOWS\System32\fveapibase.dll
2015-12-07 03:50:55 1131520 ----a-w- C:\WINDOWS\System32\Windows.Media.Audio.dll
2015-12-07 03:49:01 1105920 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
2015-12-07 03:48:02 6297088 ----a-w- C:\WINDOWS\SysWow64\mos.dll
2015-12-07 03:47:02 3428864 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
2015-12-07 03:45:53 683008 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
2015-12-07 03:45:45 900608 ----a-w- C:\WINDOWS\System32\Windows.Networking.BackgroundTransfer.dll
2015-12-07 03:45:44 2582016 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll
2015-12-07 03:44:48 2796032 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll
2015-12-07 03:43:35 931328 ----a-w- C:\WINDOWS\System32\MSMPEG2ENC.DLL
2015-12-07 03:43:07 2598400 ----a-w- C:\WINDOWS\System32\NetworkMobileSettings.dll
2015-12-07 03:41:02 2061824 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll
2015-12-07 03:40:47 3593216 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2015-12-07 03:40:23 1995776 ----a-w- C:\WINDOWS\System32\ActiveSyncProvider.dll
2015-12-07 03:40:08 1706496 ----a-w- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
2015-12-07 03:39:24 764928 ----a-w- C:\WINDOWS\System32\fveapi.dll
2015-12-07 03:38:14 871936 ----a-w- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
2015-12-07 03:33:04 375296 ----a-w- C:\WINDOWS\System32\MDEServer.exe
2015-12-07 03:32:46 126464 ----a-w- C:\WINDOWS\System32\dialserver.dll
2015-12-01 00:33:29 826872 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2015-12-01 00:33:29 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2015-11-13 01:21:15 1917240 ----a-w- C:\WINDOWS\System32\nvdispco6434181.dll
2015-11-13 01:21:15 1565368 ----a-w- C:\WINDOWS\System32\nvdispgenco6434181.dll
2015-10-30 09:06:56 84480 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2015-10-30 09:03:16 6359040 ----a-w- C:\WINDOWS\System32\NlsData0009.dll
2015-10-30 09:03:16 5739520 ----a-w- C:\WINDOWS\System32\prm0009.dll
2015-10-30 09:03:16 2629632 ----a-w- C:\WINDOWS\System32\NlsLexicons0009.dll
2015-10-30 09:03:15 4847616 ----a-w- C:\WINDOWS\SysWow64\NlsData0009.dll
2015-10-30 09:03:15 2629632 ----a-w- C:\WINDOWS\SysWow64\NlsLexicons0009.dll
2015-10-30 09:02:01 12288 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\NdisImPlatform.sys.mui
2015-10-30 09:02:00 8704 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\fwpkclnt.sys.mui
2015-10-30 09:01:59 7168 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\ndiscap.sys.mui
2015-10-30 09:01:59 4096 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\wfplwfs.sys.mui
2015-10-30 09:01:59 3072 ----a-w- C:\WINDOWS\SysWow64\drivers\UMDF\en-US\SensorsCx.dll.mui
2015-10-30 07:21:31 209408 ----a-w- C:\WINDOWS\SysWow64\msclmd.dll
2015-10-30 07:21:29 230912 ----a-w- C:\WINDOWS\System32\msclmd.dll
2015-10-30 07:20:00 926208 ----a-w- C:\WINDOWS\SysWow64\FXSRESM.dll
2015-10-30 07:20:00 79360 ----a-w- C:\WINDOWS\SysWow64\FXSCOM.dll
2015-10-30 07:20:00 525824 ----a-w- C:\WINDOWS\SysWow64\FXSCOMEX.dll
2015-10-30 07:20:00 34816 ----a-w- C:\WINDOWS\SysWow64\sxproxy.dll
2015-10-30 07:20:00 27136 ----a-w- C:\WINDOWS\SysWow64\WinFax.dll
2015-10-30 07:20:00 232448 ----a-w- C:\WINDOWS\SysWow64\FXSAPI.dll
2015-10-30 07:20:00 222208 ----a-w- C:\WINDOWS\SysWow64\spp.dll
2015-10-30 07:18:46 25600 ----a-w- C:\WINDOWS\System32\NcaApi.dll
2015-10-30 07:17:59 990720 ----a-w- C:\WINDOWS\System32\SettingSyncCore.dll
2015-10-30 06:31:04 143360 ----a-w- C:\WINDOWS\System32\poqexec.exe
.
============= FINISH: 11:08:04.67 ===============

Attached Files
File Type: txt attach.txt (16.5 KB)

Possible lingering Malware issues

Hello all

I posted my question in this thread over here. The proposed fix worked but only temporarily so I was told to try for help over here. I laid out the problem over there so I won't repeat myself over here.

Thanks for the help in advance.