Having issues with Dropbox and google drive syncing after Virus removal

Hello, your site helped me in Nov 2014 with a ransomware virus. The link is below to that thread. They were very helpful. However, ever since then, my dropbox and google drive do not sync anymore. I tried booting in safe mode, but got same result, so it makes me think it is deeper in the registry possibly. I had two computers affected by the virus, but only this one with attached files was modified. I updated both computers post-fix with MSE, Malwarebytes, and Ad block Pro. The dropbox and google drive sync fine on the other computer, but not this one. It does not sync. Can you offer any assistance? Thank you


Malware/browser ads on computer - Tech Support Forum

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.18715
Run by RUDI BAUKNECHT at 7:20:25 on 2015-02-26
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.6127.3539 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\Program Files\CrashPlan\CrashPlanService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Windows\system32\svchost.exe -k ftpsvc
C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe
c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Authentication\Hp.SkyRoom.Windows.RgsPlugin.Authentication.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Lens\Hp.SkyRoom.Windows.RgsPlugin.Lens.exe
c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Licensing\Hp.SkyRoom.Windows.RgsPlugin.Licensing.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender_gui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\RUDI BAUKNECHT\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\RUDI BAUKNECHT\AppData\Local\Akamai\netsession_win.exe
C:\Users\RUDI BAUKNECHT\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files\CrashPlan\CrashPlanTray.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe
C:\Users\RUDI BAUKNECHT\AppData\Roaming\Dropbox\bin\Dropbox.exe
D:\ITUNES\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Akamai NetSession Interface] "C:\Users\RUDI BAUKNECHT\AppData\Local\Akamai\netsession_win.exe"
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [Amazon Cloud Player] "C:\Users\RUDI BAUKNECHT\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
uRun: [AirDroid 3] C:\Program Files (x86)\AirDroid\AirDroid.exe /start
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\RUDIBA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\RUDI BAUKNECHT\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files\CrashPlan\CrashPlanTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SOLIDW~2.LNK - C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SOLIDW~1.LNK - C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:3
IE: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm
IE: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} - hxxp://components.viewpoint.com/MTSInstallers/MetaStream3.cab
DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} - hxxp://dl-ak.solidworks.com/nonsecure/edrawings/e2012sp03/12.3.0.113/cab//eModelsStandard.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} - hxxp://76.99.208.104:90/codebase/DVM_IPCam2.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP1-13926/webex/ieatgpc1.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{B715E72B-0D1D-4582-91D5-05F5E3E1622F} : NameServer = 8.8.8.8,8.8.8.8
TCP: Interfaces\{B715E72B-0D1D-4582-91D5-05F5E3E1622F} : DHCPNameServer = 192.168.1.1
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Samsung Link] "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\RUDI BAUKNECHT\AppData\Roaming\Mozilla\Firefox\Profiles\0smh1zvz.default-1415280521140\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Autodesk\Autodesk Design Review Browser Add-on v1.2\npADRdwf.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Users\RUDI BAUKNECHT\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\RUDI BAUKNECHT\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
FF - plugin: D:\iTunes\Mozilla Plugins\npitunes.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-11-15 274696]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-3-10 55280]
R2 AllShare Framework DMS;AllShare Framework DMS;C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-9-28 239616]
R2 BrcmMgmtAgent;Broadcom Management Agent;C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2010-7-30 164200]
R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2014-10-13 223232]
R2 ftpsvc;Microsoft FTP Service;C:\Windows\System32\svchost.exe -k ftpsvc [2009-7-13 27136]
R2 Hp.Skyroom.Windows.Service;HP SkyRoom;C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [2010-3-3 124472]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-9-11 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-9-11 969016]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-7-17 124560]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-3-10 635416]
R2 rgsender;Remote Graphics Sender Service;C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [2011-3-10 379904]
R2 Samsung Link Service;Samsung Link Service;C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2013-10-23 609632]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-12-19 94720]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-3-29 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-9-11 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-9-11 63704]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-1-30 366512]
R3 PciPPorts;PCI ECP Parallel Port;C:\Windows\System32\drivers\PciPPorts.sys [2011-3-31 96768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2014-6-12 76328]
S3 CXPLRCAP;EVC2010;C:\Windows\System32\drivers\elvidcap.sys [2013-3-27 150856]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-9-9 1431888]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-6-13 1120752]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-4-2 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-30 1255736]
.
=============== Created Last 30 ================
.
2015-02-25 13:28:09 11910896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E3CE03B-A882-479C-95DD-D402B724AA64}\mpengine.dll
2015-02-24 13:28:09 11910896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-02-21 09:29:45 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6853B294-0BDA-4791-A33F-7A98F00117A2}\gapaengine.dll
2015-02-19 00:06:32 -------- d-----w- C:\Windows\SysWow64\BestPractices
2015-02-19 00:06:32 -------- d-----w- C:\Windows\System32\BestPractices
2015-02-19 00:06:32 -------- d-----w- C:\inetpub
2015-02-18 22:03:13 -------- d-----w- C:\Users\RUDI BAUKNECHT\AppData\Roaming\FileZilla Server
2015-01-28 07:19:30 192000 ----a-w- C:\Windows\System32\iisRtl.dll
2015-01-28 07:19:29 55296 ----a-w- C:\Windows\System32\admwprox.dll
2015-01-28 07:19:29 50688 ----a-w- C:\Windows\SysWow64\admwprox.dll
2015-01-28 07:19:29 154624 ----a-w- C:\Windows\SysWow64\iisRtl.dll
2015-01-28 07:19:28 60928 ----a-w- C:\Windows\System32\ahadmin.dll
2015-01-28 07:19:28 16896 ----a-w- C:\Windows\System32\iisreset.exe
2015-01-28 07:19:28 15360 ----a-w- C:\Windows\SysWow64\iisreset.exe
2015-01-28 07:19:28 14848 ----a-w- C:\Windows\System32\wamregps.dll
2015-01-28 07:19:27 8192 ----a-w- C:\Windows\SysWow64\iisrstap.dll
2015-01-28 07:19:27 26624 ----a-w- C:\Windows\SysWow64\ahadmin.dll
2015-01-28 07:19:27 11264 ----a-w- C:\Windows\System32\iisrstap.dll
2015-01-28 07:19:27 10752 ----a-w- C:\Windows\SysWow64\wamregps.dll
.
==================== Find3M ====================
.
2015-02-26 12:12:23 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-02-10 19:52:56 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-10 19:52:56 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-01-15 08:14:17 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-01-15 08:14:16 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-01-15 08:09:58 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2015-01-15 08:09:58 136192 ----a-w- C:\Windows\System32\sspicli.dll
2015-01-15 08:09:57 28160 ----a-w- C:\Windows\System32\secur32.dll
2015-01-15 08:09:51 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
2015-01-15 08:09:15 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-01-15 08:08:59 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-01-15 08:06:22 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-01-15 08:06:11 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-01-15 08:04:23 686080 ----a-w- C:\Windows\System32\adtschema.dll
2015-01-15 07:42:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-01-15 07:42:05 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-01-15 07:41:53 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-01-15 07:39:53 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-01-15 07:39:36 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-01-15 07:37:55 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
2015-01-15 04:22:18 458824 ----a-w- C:\Windows\System32\drivers\cng.sys
2015-01-14 06:09:27 5554112 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-01-14 06:05:30 503808 ----a-w- C:\Windows\System32\srcore.dll
2015-01-14 06:05:30 50176 ----a-w- C:\Windows\System32\srclient.dll
2015-01-14 06:04:56 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-01-14 05:44:59 3972544 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-01-14 05:44:58 3917760 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-01-14 05:41:09 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-01-13 03:10:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2015-01-13 02:49:19 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2015-01-12 03:11:00 1188864 ----a-w- C:\Windows\System32\wininet.dll
2015-01-12 03:10:47 610304 ----a-w- C:\Windows\System32\vbscript.dll
2015-01-12 03:09:57 47616 ----a-w- C:\Windows\System32\mshta.exe
2015-01-12 03:09:51 174592 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-01-12 03:09:36 1538048 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-01-12 02:45:17 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-01-12 02:45:04 428544 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-01-12 02:44:19 50176 ----a-w- C:\Windows\SysWow64\mshta.exe
2015-01-12 02:44:15 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-01-12 02:44:04 1466368 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-01-12 02:33:52 482816 ----a-w- C:\Windows\System32\html.iec
2015-01-12 02:14:48 386048 ----a-w- C:\Windows\SysWow64\html.iec
2015-01-12 02:10:41 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2015-01-12 01:53:57 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-01-09 02:03:01 3201536 ----a-w- C:\Windows\System32\win32k.sys
2014-12-31 11:14:31 298120 ------w- C:\Windows\System32\MpSigStub.exe
2014-12-19 03:06:55 210432 ----a-w- C:\Windows\System32\profsvc.dll
2014-12-19 01:46:45 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2014-12-11 17:47:12 52736 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2014-12-08 03:09:05 406528 ----a-w- C:\Windows\System32\scesrv.dll
2014-12-08 02:46:05 308224 ----a-w- C:\Windows\SysWow64\scesrv.dll
2014-12-06 04:17:27 303616 ----a-w- C:\Windows\System32\nlasvc.dll
2014-12-06 03:50:19 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2014-12-06 03:50:18 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
.
============= FINISH: 7:20:47.07 ===============

Attached Files

	ark.txt (4.4 KB)
	attach.txt (13.7 KB)