Possible Malware or Virus On PC - Posted at instruction

Posting the following info as instructed by member on another thread.

- Passwords to financial sites have been changed. All other passwords to non-financial sites such as twitter or deviantart, and the financial site paypal, are not yet changed as cannot get to them (my only other known safe computer is my ipad and our wireless is finicky.)
- Only one antivirus running on my computer. Bullguard Did not often give false positives until recently.
- I do not use or have installed any bittorrent sites that I am aware of.
- I do not believe there us any illegal software installed on my computer.


Here are the contents of the dds.txt files. Attach.txt is attached below.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18231 BrowserJavaVersion: 11.73.2
Run by SarahT at 17:29:15 on 2016-03-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8139.5088 [GMT 0:00]
.
AV: BullGuard Antivirus *Enabled/Updated* {EDBB5818-2352-E06B-028A-4E6873B92CC5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: BullGuard Antispyware *Enabled/Updated* {56DAB9FC-0568-EFE5-383A-751A083E6678}
FW: BullGuard Firewall *Enabled* {D580D93D-693D-E133-29D5-E75D8D6A6BBE}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\SvcHost.exe -k BullGuard_Main
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\SvcHost.exe -k BullGuard_Backup
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
C:\Windows\System32\SvcHost.exe -k BullGuard_Cache
C:\Windows\System32\SvcHost.exe -k BullGuard
C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\EscSvc64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\EPSON\MyEpson Portal\mep.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files\Tablet\Wacom\WacomHost.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Windows\splwow64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\splwow64.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
mStart Page = about:blank
mDefault_Page_URL = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
EB: F12 Developer Tools: {28BCCB9A-E66B-463C-82A4-09F320DE94D7} - C:\Program Files (x86)\Internet Explorer\F12Tools.dll
uRun: [Google Update] "C:\Users\SarahT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
TCP: NameServer = 217.12.218.114 8.8.8.8
TCP: Interfaces\{0A161E61-B8E3-424B-A405-C45E34ADB0A4} : DHCPNameServer = 217.12.218.114 8.8.8.8
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\SarahT\AppData\Roaming\Mozilla\Firefox\Profiles\h5lx8ses.default\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Users\SarahT\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\SarahT\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\SarahT\AppData\Roaming\Mozilla\plugins\npo1d.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-1-15 632168]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-1-15 28008]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-2-18 20464]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2014-5-10 52856]
R1 AFW;Agnitum Firewall Driver;C:\Windows\System32\drivers\afw.sys [2014-2-26 52912]
R1 BdAgent;BullGuard Security Agent;C:\Windows\System32\drivers\BdAgent.sys [2014-6-18 117184]
R1 BdSpy;BdSpy;C:\Windows\System32\drivers\BdSpy.sys [2014-2-26 76728]
R1 NovaShieldFilterDriver;NovaShieldFilterDriver;C:\Windows\System32\drivers\NSKernel.sys [2015-1-29 325488]
R1 NovaShieldTDIDriver;NovaShieldTDIDriver;C:\Windows\System32\drivers\NSNetmon.sys [2015-1-29 26776]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-7 77104]
R2 BsBackup;BullGuard backup service;C:\Windows\System32\SvcHost.exe -k BullGuard_Backup [2009-7-13 27136]
R2 BsBhvScan;BullGuard Behavioural Detection;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2016-3-2 684560]
R2 BsCache;BullGuard CODS service;C:\Windows\System32\SvcHost.exe -k BullGuard_Cache [2009-7-13 27136]
R2 BsFileScan;BullGuard on-access service;C:\Windows\System32\SvcHost.exe -k BullGuard [2009-7-13 27136]
R2 BsFire;BullGuard firewall service;C:\Windows\System32\SvcHost.exe -k BullGuard [2009-7-13 27136]
R2 BsMailProxy;BullGuard e-mail monitoring service;C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy [2009-7-13 27136]
R2 BsMain;BullGuard main service;C:\Windows\System32\SvcHost.exe -k BullGuard_Main [2009-7-13 27136]
R2 BsScanner;BullGuard scanning service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2016-3-2 310288]
R2 BsUpdate;BullGuard update service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2016-3-2 398864]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2014-5-9 144560]
R2 MyEpson Portal Service;MyEpson Portal Service;C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe [2014-9-22 703984]
R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2014-7-15 730304]
R3 afwcore;afwcore;C:\Windows\System32\drivers\afwcore.sys [2014-2-26 465072]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
R3 BdNet;BdNet;C:\Windows\System32\drivers\BdNet.sys [2014-3-19 33968]
R3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2014-7-15 14016]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-2-18 358896]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-2-18 795632]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-12-27 888536]
R3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2014-7-15 103616]
R3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2014-7-15 15040]
R3 XSplit_Dummy;XSplit Stream Audio Renderer;C:\Windows\System32\drivers\xspltspk.sys [2014-7-2 26200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-6-25 327296]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-10-18 38424]
S3 dc21x4vm;dc21x4vm;C:\Windows\System32\drivers\dc21x4vm.sys [2009-6-10 57344]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-3-9 114688]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter_hs.sys [2015-11-17 20232]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-1-20 19456]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-1-20 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-18 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-3-18 29696]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2015-6-10 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-1-21 1255736]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
S4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-5-8 169432]
S4 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2015-4-29 1738168]
S4 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2015-4-29 2088408]
S4 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2015-4-29 171928]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile="C:\Windows\System32\NOTEPAD.EXE" %1
FileExt: .ini: inifile="C:\Windows\System32\NOTEPAD.EXE" %1
FileExt: .inf: inffile="C:\Windows\System32\NOTEPAD.EXE" %1
.
=============== Created Last 30 ================
.
2016-03-17 14:55:17 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FE73AE73-58EC-4B8B-A2E3-A3EB2ACE1EB7}\offreg.4488.dll
2016-03-15 15:52:26 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FE73AE73-58EC-4B8B-A2E3-A3EB2ACE1EB7}\offreg.1744.dll
2016-03-15 13:33:19 11249080 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FE73AE73-58EC-4B8B-A2E3-A3EB2ACE1EB7}\mpengine.dll
2016-03-13 22:21:42 -------- d-----w- C:\Users\SarahT\AppData\Roaming\StardewValley
2016-03-13 22:20:20 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2016-03-09 14:57:57 5572032 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-03-07 17:18:46 -------- d-----w- C:\Program Files (x86)\Minecraft
2016-03-02 11:40:27 169904 ----a-w- C:\Windows\System32\BgGamingMonitor.dll
2016-03-02 11:40:27 148256 ----a-w- C:\Windows\SysWow64\BgGamingMonitor.dll
2016-03-02 11:40:18 76816 ----a-w- C:\Windows\System32\BGLsp.dll
2016-03-02 11:40:18 61968 ----a-w- C:\Windows\SysWow64\BGLsp.dll
2016-02-27 00:07:23 970912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr120.dll
2016-02-27 00:07:23 924616 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuuc55.dll
2016-02-27 00:07:23 887152 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
2016-02-27 00:07:23 58824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\lgpllibs.dll
2016-02-27 00:07:23 55752 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2016-02-27 00:07:23 455328 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp120.dll
2016-02-27 00:07:23 3466856 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dcompiler_47.dll
2016-02-27 00:07:23 209352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\sandboxbroker.dll
2016-02-27 00:07:23 189896 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2016-02-27 00:07:23 1287112 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuin55.dll
2016-02-27 00:07:23 107976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\wow_helper.exe
2016-02-27 00:07:23 10788808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icudt55.dll
.
==================== Find3M ====================
.
2016-03-10 22:20:47 797376 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-03-10 22:20:47 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-02-19 19:02:43 38336 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2016-02-19 18:54:11 1168896 ----a-w- C:\Windows\System32\aeinv.dll
2016-02-19 14:07:35 1373184 ----a-w- C:\Windows\System32\appraiser.dll
2016-02-12 18:52:23 98816 ----a-w- C:\Windows\System32\wudriver.dll
2016-02-12 18:52:23 3169792 ----a-w- C:\Windows\System32\wucltux.dll
2016-02-12 18:52:23 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2016-02-12 18:44:43 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2016-02-12 18:39:55 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2016-02-12 18:18:22 37888 ----a-w- C:\Windows\System32\wuapp.exe
2016-02-12 18:18:05 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2016-02-12 18:05:17 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2016-02-12 18:05:13 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2016-02-11 18:56:26 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-02-11 18:56:26 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-02-11 18:52:52 1733592 ----a-w- C:\Windows\System32\ntdll.dll
2016-02-11 18:49:42 362496 ----a-w- C:\Windows\System32\wow64win.dll
2016-02-11 18:49:42 243712 ----a-w- C:\Windows\System32\wow64.dll
2016-02-11 18:49:42 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2016-02-11 18:49:24 215040 ----a-w- C:\Windows\System32\winsrv.dll
2016-02-11 18:49:19 210432 ----a-w- C:\Windows\System32\wdigest.dll
2016-02-11 18:49:08 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2016-02-11 18:49:00 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2016-02-11 18:49:00 135680 ----a-w- C:\Windows\System32\sspicli.dll
2016-02-11 18:48:58 503808 ----a-w- C:\Windows\System32\srcore.dll
2016-02-11 18:48:58 50176 ----a-w- C:\Windows\System32\srclient.dll
2016-02-11 18:48:16 28160 ----a-w- C:\Windows\System32\secur32.dll
2016-02-11 18:48:14 344064 ----a-w- C:\Windows\System32\schannel.dll
2016-02-11 18:48:12 1214464 ----a-w- C:\Windows\System32\rpcrt4.dll
2016-02-11 18:47:33 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2016-02-11 18:45:59 312320 ----a-w- C:\Windows\System32\ncrypt.dll
2016-02-11 18:45:56 315392 ----a-w- C:\Windows\System32\msv1_0.dll
2016-02-11 18:45:51 60416 ----a-w- C:\Windows\System32\msobjs.dll
2016-02-11 18:45:35 146432 ----a-w- C:\Windows\System32\msaudite.dll
2016-02-11 18:44:45 3994560 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2016-02-11 18:44:45 3938240 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2016-02-11 18:44:42 1461248 ----a-w- C:\Windows\System32\lsasrv.dll
2016-02-11 18:44:34 730112 ----a-w- C:\Windows\System32\kerberos.dll
2016-02-11 18:44:34 422400 ----a-w- C:\Windows\System32\KernelBase.dll
2016-02-11 18:42:25 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2016-02-11 18:42:24 43520 ----a-w- C:\Windows\System32\cryptbase.dll
2016-02-11 18:42:24 22016 ----a-w- C:\Windows\System32\credssp.dll
2016-02-11 18:38:24 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-02-11 18:38:24 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2016-02-11 18:38:24 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2016-02-11 18:38:23 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2016-02-11 18:38:07 171520 ----a-w- C:\Windows\SysWow64\wdigest.dll
2016-02-11 18:38:00 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2016-02-11 18:37:53 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2016-02-11 18:37:11 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2016-02-11 18:37:09 251392 ----a-w- C:\Windows\SysWow64\schannel.dll
2016-02-11 18:35:14 223232 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2016-02-11 18:35:09 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2016-02-11 18:35:06 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2016-02-11 18:34:26 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2016-02-11 18:33:30 553472 ----a-w- C:\Windows\SysWow64\kerberos.dll
2016-02-11 18:31:25 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2016-02-11 17:48:11 64000 ----a-w- C:\Windows\System32\auditpol.exe
2016-02-11 17:43:48 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2016-02-11 17:41:42 338432 ----a-w- C:\Windows\System32\conhost.exe
2016-02-11 17:40:09 296960 ----a-w- C:\Windows\System32\rstrui.exe
2016-02-11 17:34:45 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-02-11 17:34:01 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-02-11 17:33:54 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-02-11 17:32:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2016-02-11 17:32:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2016-02-11 17:32:45 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2016-02-11 17:32:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2016-02-11 17:32:25 30720 ----a-w- C:\Windows\System32\lsass.exe
2016-02-11 17:32:18 112640 ----a-w- C:\Windows\System32\smss.exe
2016-02-11 17:31:01 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-02-11 17:30:47 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2016-02-11 17:30:47 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 17:30:47 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 17:30:47 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2016-02-11 14:07:46 689152 ----a-w- C:\Windows\System32\generaltel.dll
2016-02-09 09:57:08 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2016-02-09 09:56:09 5120 ----a-w- C:\Windows\System32\msdxm.ocx
2016-02-09 09:56:09 5120 ----a-w- C:\Windows\System32\dxmasf.dll
2016-02-09 09:55:34 30720 ----a-w- C:\Windows\System32\seclogon.dll
2016-02-09 09:54:38 9728 ----a-w- C:\Windows\System32\spwmp.dll
2016-02-09 09:51:32 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2016-02-09 09:13:14 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2016-02-09 09:13:14 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2016-02-09 09:13:10 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2016-02-08 20:51:13 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2016-02-08 20:39:06 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2016-02-08 20:39:06 496640 ----a-w- C:\Windows\SysWow64\vbscript.dll
2016-02-08 20:38:29 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2016-02-08 20:38:20 341504 ----a-w- C:\Windows\SysWow64\html.iec
2016-02-08 20:37:31 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2016-02-08 20:28:52 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2016-02-08 20:28:32 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2016-02-08 20:16:21 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2016-02-08 20:10:37 4611072 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-02-08 20:01:48 2050560 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-02-08 20:01:43 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2016-02-08 19:43:04 2121216 ----a-w- C:\Windows\SysWow64\wininet.dll
2016-02-08 19:39:47 97888 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
============= FINISH: 17:32:21.58 ===============

Attached Files

attach.txt (10.8 KB)