Hi,
I don't know what to call this so here goes. I have been receiving a lot of emails which purport to be about employment from an international company. They land in my Junk folder mainly and I simply delete them. The headings vary and some landed in the inbox and I know I opened one or two. I now receive Undeliverable Emails from my ISP and my email Outlook Express is sending the same kind of emails I have been receiving - and I have no idea who to but guess it's from my contact list. I am using Webroot antivirus and the scans come back clean.
Please help - how do I clear this out?
Here's the DDs file:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18377
Run by Sue at 14:26:47 on 2016-08-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3982.1800 [GMT 2:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {4646A877-74EB-CD3B-8FDB-210DB94FA61A}
SP: Webroot SecureAnywhere *Enabled/Updated* {FD274993-52D1-C2B5-B56B-1A7FC2C8ECA7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\taskhost.exe
C:\Program Files\Webroot\WRSA.exe
C:\Program Files (x86)\LyonessBrowserUpdater\LyonessBrowserUpdater.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\Explorer.EXE
C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Cell C\AssistantServices.exe
C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\Sue\AppData\Roaming\Dashlane\Dashlane.exe
C:\Users\Sue\AppData\Roaming\Dashlane\DashlanePlugin.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Cell C\UIExec.exe
C:\Program Files (x86)\Cell C\CancelAutoPlay.exe
C:\Users\Sue\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wuauclt.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Dashlane BHO: {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - C:\Users\Sue\AppData\Roaming\Dashlane\ie\Dashlanei.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
uRun: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
uRun: [Dashlane] "C:\Users\Sue\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
uRun: [DashlanePlugin] "C:\Users\Sue\AppData\Roaming\Dashlane\DashlanePlugin.exe" ws
uRun: [Free Download Manager] "C:\Program Files (x86)\Free Download Manager\fdm.exe" -autorun
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
uRun: [WinPatrol] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE"
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
mRun: [UIExec] "C:\Program Files (x86)\Cell C\UIExec.exe"
mRun: [CancelAutoPlay] "C:\Program Files (x86)\Cell C\CancelAutoPlay.exe" run
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
dRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
StartupFolder: C:\Users\Sue\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sue\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~4.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~3.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{ED878BCA-FBBB-4372-B670-01DCE68682FE} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {7D2B3E1D-D096-4594-9D8F-A6667F12E0AC} - "C:\Program Files (x86)\Lyoness Browser\Application\42.0.2311.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [GwxControlPanelMonitor] "C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: PFW - <no file>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sue\AppData\Roaming\Mozilla\Firefox\Profiles\bx9jbngc.default-1456469919201\
FF - prefs.js: browser.search.selectedEngine - Ask Web Search
FF - prefs.js: browser.startup.homepage - hxxp://home.tb.ask.com/index.jhtml?ptb=39F890B4-5E59-475D-9226-4A5337D3A4C4&n=781bddf1&p2=^YK^xdm199^YYA^za&si=CNjAgc2QisgCFUoJwwodXB0IYg
FF - prefs.js: keyword.URL - hxxp://int.search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=4D886D96-ECBD-4EA1-A36E-2FDB6C26449A&n=782a2e01&ind=2016030209&p2=^BZB^xdm114^YYA^za&si=25878649397&searchfor=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-4-30 677360]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-4-30 28656]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-1-24 20464]
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2015-10-20 117728]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2014-1-24 21584]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-4-30 15344]
R2 LyonessBrowserUpdater;LyonessBrowserUpdater;C:\Program Files (x86)\LyonessBrowserUpdater\LyonessBrowserUpdater.exe [2015-3-23 180736]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-6-9 754784]
R2 UI Assistant Service;UI Assistant Service;C:\Program Files (x86)\Cell C\AssistantServices.exe [2015-8-13 277248]
R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2015-10-20 896472]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-1-24 368112]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-1-24 786416]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-1-24 769168]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-11-25 694888]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);C:\Windows\System32\drivers\rusb3hub.sys [2012-3-15 102912]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);C:\Windows\System32\drivers\rusb3xhc.sys [2012-3-15 220672]
S1 UsbCharger;UsbCharger;C:\Windows\System32\drivers\UsbCharger.sys [2014-1-24 21584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2016-4-25 129152]
S3 Garmin Device Interaction Service;Garmin Device Interaction Service;C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2016-7-31 809488]
S3 ggflt;SOMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2015-6-9 16088]
S3 ggsomc;SOMC USB Flash Driver;C:\Windows\System32\drivers\ggsomc.sys [2015-6-9 30424]
S3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver;C:\Windows\System32\drivers\HSPADataCardusbmdm.sys [2014-1-29 123392]
S3 HSPADataCardusbnmea;HSPADataCard NMEA Port;C:\Windows\System32\drivers\HSPADataCardusbnmea.sys [2014-1-29 123392]
S3 HSPADataCardusbser;HSPADataCard Diagnostic Port;C:\Windows\System32\drivers\HSPADataCardusbser.sys [2014-1-29 123392]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-7-13 114688]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-2-5 449496]
S3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-2-13 731648]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-2-13 820184]
S3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2014-1-24 169432]
S3 massfilter;Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2015-8-13 11776]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-6-9 155520]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2016-7-22 164992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-1-31 1255736]
S3 wrUrlFlt;Webroot UrlFilter;C:\Windows\System32\drivers\wrUrlFlt.sys [2015-10-20 54512]
.
=============== Created Last 30 ================
.
2016-07-27 07:22:58 65024 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\PPhp1020.DLL
2016-07-27 07:22:54 501760 ----a-w- C:\Windows\System32\ZSHP1020.EXE
2016-07-27 07:22:54 192512 ----a-w- C:\Windows\System32\ZLhp1020.DLL
2016-07-22 03:51:40 164992 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2016-07-20 07:43:28 -------- d-----w- C:\Windows\EOONotify
2016-07-20 07:38:41 -------- d-----w- C:\Users\Sue\AppData\Local\Amazon
2016-07-20 07:38:14 -------- d-----w- C:\Program Files (x86)\Amazon
2016-07-13 12:15:59 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2016-07-13 09:29:20 929792 ----a-w- C:\Program Files\Windows Journal\InkSeg.dll
2016-07-13 09:29:20 668160 ----a-w- C:\Program Files\Windows Journal\MSPVWCTL.DLL
2016-07-13 09:29:20 62976 ----a-w- C:\Program Files\Windows Journal\NBMapTIP.dll
2016-07-13 09:29:20 2164736 ----a-w- C:\Program Files\Windows Journal\Journal.exe
2016-07-13 09:29:20 1737216 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2016-07-13 09:29:20 1397760 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2016-07-13 09:16:16 3217408 ----a-w- C:\Windows\System32\win32k.sys
2016-07-13 09:12:10 970240 ----a-w- C:\Windows\System32\localspl.dll
2016-07-13 09:12:10 756736 ----a-w- C:\Windows\System32\win32spl.dll
2016-07-13 09:12:10 61952 ----a-w- C:\Windows\SysWow64\ntprint.exe
2016-07-13 09:12:10 61952 ----a-w- C:\Windows\System32\ntprint.exe
2016-07-13 09:12:10 497152 ----a-w- C:\Windows\SysWow64\win32spl.dll
2016-07-13 09:12:10 48640 ----a-w- C:\Windows\System32\wpnpinst.exe
2016-07-13 09:12:10 38912 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\winprint.dll
2016-07-13 09:12:10 344576 ----a-w- C:\Windows\System32\ntprint.dll
2016-07-13 09:12:10 297472 ----a-w- C:\Windows\SysWow64\ntprint.dll
2016-07-13 09:12:10 22528 ----a-w- C:\Windows\System32\inetppui.dll
2016-07-13 09:12:10 166400 ----a-w- C:\Windows\System32\inetpp.dll
2016-07-13 09:00:38 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-07-13 09:00:38 571904 ----a-w- C:\Windows\System32\generaltel.dll
2016-07-13 09:00:38 544256 ----a-w- C:\Windows\System32\devinv.dll
2016-07-13 09:00:38 41704 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2016-07-13 09:00:38 294912 ----a-w- C:\Windows\System32\invagent.dll
2016-07-13 09:00:38 268800 ----a-w- C:\Windows\System32\centel.dll
2016-07-13 09:00:38 219136 ----a-w- C:\Windows\System32\aepic.dll
2016-07-13 09:00:38 1490432 ----a-w- C:\Windows\System32\appraiser.dll
2016-07-13 09:00:38 1208320 ----a-w- C:\Windows\System32\aeinv.dll
2016-07-06 12:04:00 647408 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpcpp180.dll
2016-07-06 12:02:27 -------- d-----w- C:\HP Universal Print Driver
.
==================== Find3M ====================
.
2016-08-04 10:11:22 5642 --sha-w- C:\ProgramData\KGyGaAvL.sys
2016-07-22 06:59:28 181176 ----a-w- C:\Windows\SysWow64\WRusr.dll
2016-07-22 06:59:28 115768 ----a-w- C:\Windows\System32\WRusr.dll
2016-07-21 07:16:19 54512 ----atw- C:\Windows\System32\drivers\wrUrlFlt.sys
2016-07-15 08:11:40 796352 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-07-15 08:11:40 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-07-07 07:52:07 117728 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
2016-06-14 15:21:17 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2016-06-10 21:38:26 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2016-06-10 21:38:13 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2016-06-10 21:20:37 66560 ----a-w- C:\Windows\System32\iesetup.dll
2016-06-10 21:19:33 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2016-06-10 21:19:24 417792 ----a-w- C:\Windows\System32\html.iec
2016-06-10 21:18:57 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2016-06-10 21:18:48 572416 ----a-w- C:\Windows\System32\vbscript.dll
2016-06-10 21:03:14 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2016-06-10 21:03:13 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2016-06-10 21:02:53 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2016-06-10 20:53:59 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2016-06-10 20:49:29 6047744 ----a-w- C:\Windows\System32\jscript9.dll
2016-06-10 20:40:41 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-06-10 20:11:27 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2016-06-10 20:10:46 2131456 ----a-w- C:\Windows\System32\inetcpl.cpl
2016-06-10 19:44:23 2869248 ----a-w- C:\Windows\System32\wininet.dll
2016-06-10 19:09:24 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2016-06-10 18:54:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2016-06-10 18:53:35 497664 ----a-w- C:\Windows\SysWow64\vbscript.dll
2016-06-10 18:53:30 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2016-06-10 18:53:13 341504 ----a-w- C:\Windows\SysWow64\html.iec
2016-06-10 18:52:06 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2016-06-10 18:41:44 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2016-06-10 18:41:22 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2016-06-10 18:27:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2016-06-10 18:14:52 4608000 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-06-10 18:09:13 2055680 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-06-10 18:09:07 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2016-06-10 17:45:19 2392576 ----a-w- C:\Windows\SysWow64\wininet.dll
2016-05-18 16:10:23 312832 ----a-w- C:\Windows\SysWow64\gdi32.dll
2016-05-18 16:09:22 405504 ----a-w- C:\Windows\System32\gdi32.dll
2016-05-13 22:15:24 382184 ----a-w- C:\Windows\System32\atmfd.dll
2016-05-13 22:09:19 41472 ----a-w- C:\Windows\System32\lpk.dll
2016-05-13 22:09:16 100864 ----a-w- C:\Windows\System32\fontsub.dll
2016-05-13 22:09:13 14336 ----a-w- C:\Windows\System32\dciman32.dll
2016-05-13 22:09:10 46080 ----a-w- C:\Windows\System32\atmlib.dll
2016-05-13 21:54:26 308456 ----a-w- C:\Windows\SysWow64\atmfd.dll
2016-05-13 21:50:05 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2016-05-13 21:49:48 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2016-05-13 21:49:46 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2016-05-13 21:27:06 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2016-05-12 17:20:14 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-05-12 17:20:14 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-05-12 17:15:04 105472 ----a-w- C:\Windows\System32\winipsec.dll
2016-05-12 17:15:03 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2016-05-12 17:15:03 210432 ----a-w- C:\Windows\System32\wdigest.dll
2016-05-12 17:15:03 2048 ----a-w- C:\Windows\System32\tzres.dll
2016-05-12 17:15:02 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2016-05-12 17:15:02 135680 ----a-w- C:\Windows\System32\sspicli.dll
2016-05-12 15:18:40 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-05-12 15:05:40 64000 ----a-w- C:\Windows\System32\auditpol.exe
2016-05-12 14:58:45 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-05-12 14:58:32 464896 ----a-w- C:\Windows\System32\drivers\srv.sys
2016-05-12 14:58:25 405504 ----a-w- C:\Windows\System32\drivers\srv2.sys
2016-05-12 14:58:18 168960 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2016-05-12 14:58:12 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-05-12 14:58:10 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-05-12 14:57:27 30720 ----a-w- C:\Windows\System32\lsass.exe
2016-05-12 14:56:15 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2016-05-12 14:51:38 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-05-12 13:05:59 459640 ----a-w- C:\Windows\System32\drivers\cng.sys
2016-05-12 13:05:59 297984 ----a-w- C:\Windows\System32\bcryptprimitives.dll
2016-05-12 13:04:55 249352 ----a-w- C:\Windows\SysWow64\bcryptprimitives.dll
2016-05-11 17:02:50 296448 ----a-w- C:\Windows\System32\ws2_32.dll
2016-05-11 17:02:49 444928 ----a-w- C:\Windows\System32\winhttp.dll
2016-05-11 17:02:48 483840 ----a-w- C:\Windows\System32\StructuredQuery.dll
2016-05-11 17:02:42 327168 ----a-w- C:\Windows\System32\mswsock.dll
2016-05-11 15:19:26 206336 ----a-w- C:\Windows\SysWow64\ws2_32.dll
2016-05-11 15:19:25 351744 ----a-w- C:\Windows\SysWow64\winhttp.dll
2016-05-11 15:19:24 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll
2016-05-11 15:19:16 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2016-05-11 15:11:34 25088 ----a-w- C:\Windows\System32\netbtugc.exe
2016-05-11 15:01:19 26624 ----a-w- C:\Windows\SysWow64\netbtugc.exe
2016-05-11 14:58:23 262144 ----a-w- C:\Windows\System32\drivers\netbt.sys
2015-12-22 06:52:37 12964920 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
.
============= FINISH: 14:26:53.79 ===============
Thank you in advance!
Sue:flowers::flowers:
I don't know what to call this so here goes. I have been receiving a lot of emails which purport to be about employment from an international company. They land in my Junk folder mainly and I simply delete them. The headings vary and some landed in the inbox and I know I opened one or two. I now receive Undeliverable Emails from my ISP and my email Outlook Express is sending the same kind of emails I have been receiving - and I have no idea who to but guess it's from my contact list. I am using Webroot antivirus and the scans come back clean.
Please help - how do I clear this out?
Here's the DDs file:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18377
Run by Sue at 14:26:47 on 2016-08-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3982.1800 [GMT 2:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {4646A877-74EB-CD3B-8FDB-210DB94FA61A}
SP: Webroot SecureAnywhere *Enabled/Updated* {FD274993-52D1-C2B5-B56B-1A7FC2C8ECA7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WRSA.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\taskhost.exe
C:\Program Files\Webroot\WRSA.exe
C:\Program Files (x86)\LyonessBrowserUpdater\LyonessBrowserUpdater.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\Explorer.EXE
C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Cell C\AssistantServices.exe
C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\Sue\AppData\Roaming\Dashlane\Dashlane.exe
C:\Users\Sue\AppData\Roaming\Dashlane\DashlanePlugin.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Cell C\UIExec.exe
C:\Program Files (x86)\Cell C\CancelAutoPlay.exe
C:\Users\Sue\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wuauclt.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Dashlane BHO: {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - C:\Users\Sue\AppData\Roaming\Dashlane\ie\Dashlanei.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
uRun: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
uRun: [Dashlane] "C:\Users\Sue\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
uRun: [DashlanePlugin] "C:\Users\Sue\AppData\Roaming\Dashlane\DashlanePlugin.exe" ws
uRun: [Free Download Manager] "C:\Program Files (x86)\Free Download Manager\fdm.exe" -autorun
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
uRun: [WinPatrol] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE"
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
mRun: [UIExec] "C:\Program Files (x86)\Cell C\UIExec.exe"
mRun: [CancelAutoPlay] "C:\Program Files (x86)\Cell C\CancelAutoPlay.exe" run
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
dRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
StartupFolder: C:\Users\Sue\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sue\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~4.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~3.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{ED878BCA-FBBB-4372-B670-01DCE68682FE} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {7D2B3E1D-D096-4594-9D8F-A6667F12E0AC} - "C:\Program Files (x86)\Lyoness Browser\Application\42.0.2311.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [GwxControlPanelMonitor] "C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: PFW - <no file>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sue\AppData\Roaming\Mozilla\Firefox\Profiles\bx9jbngc.default-1456469919201\
FF - prefs.js: browser.search.selectedEngine - Ask Web Search
FF - prefs.js: browser.startup.homepage - hxxp://home.tb.ask.com/index.jhtml?ptb=39F890B4-5E59-475D-9226-4A5337D3A4C4&n=781bddf1&p2=^YK^xdm199^YYA^za&si=CNjAgc2QisgCFUoJwwodXB0IYg
FF - prefs.js: keyword.URL - hxxp://int.search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=4D886D96-ECBD-4EA1-A36E-2FDB6C26449A&n=782a2e01&ind=2016030209&p2=^BZB^xdm114^YYA^za&si=25878649397&searchfor=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-4-30 677360]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-4-30 28656]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-1-24 20464]
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2015-10-20 117728]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2014-1-24 21584]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-4-30 15344]
R2 LyonessBrowserUpdater;LyonessBrowserUpdater;C:\Program Files (x86)\LyonessBrowserUpdater\LyonessBrowserUpdater.exe [2015-3-23 180736]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-6-9 754784]
R2 UI Assistant Service;UI Assistant Service;C:\Program Files (x86)\Cell C\AssistantServices.exe [2015-8-13 277248]
R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2015-10-20 896472]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-1-24 368112]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-1-24 786416]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-1-24 769168]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-11-25 694888]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);C:\Windows\System32\drivers\rusb3hub.sys [2012-3-15 102912]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);C:\Windows\System32\drivers\rusb3xhc.sys [2012-3-15 220672]
S1 UsbCharger;UsbCharger;C:\Windows\System32\drivers\UsbCharger.sys [2014-1-24 21584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2016-4-25 129152]
S3 Garmin Device Interaction Service;Garmin Device Interaction Service;C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2016-7-31 809488]
S3 ggflt;SOMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2015-6-9 16088]
S3 ggsomc;SOMC USB Flash Driver;C:\Windows\System32\drivers\ggsomc.sys [2015-6-9 30424]
S3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver;C:\Windows\System32\drivers\HSPADataCardusbmdm.sys [2014-1-29 123392]
S3 HSPADataCardusbnmea;HSPADataCard NMEA Port;C:\Windows\System32\drivers\HSPADataCardusbnmea.sys [2014-1-29 123392]
S3 HSPADataCardusbser;HSPADataCard Diagnostic Port;C:\Windows\System32\drivers\HSPADataCardusbser.sys [2014-1-29 123392]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-7-13 114688]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-2-5 449496]
S3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-2-13 731648]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-2-13 820184]
S3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2014-1-24 169432]
S3 massfilter;Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2015-8-13 11776]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-6-9 155520]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2016-7-22 164992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-1-31 1255736]
S3 wrUrlFlt;Webroot UrlFilter;C:\Windows\System32\drivers\wrUrlFlt.sys [2015-10-20 54512]
.
=============== Created Last 30 ================
.
2016-07-27 07:22:58 65024 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\PPhp1020.DLL
2016-07-27 07:22:54 501760 ----a-w- C:\Windows\System32\ZSHP1020.EXE
2016-07-27 07:22:54 192512 ----a-w- C:\Windows\System32\ZLhp1020.DLL
2016-07-22 03:51:40 164992 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2016-07-20 07:43:28 -------- d-----w- C:\Windows\EOONotify
2016-07-20 07:38:41 -------- d-----w- C:\Users\Sue\AppData\Local\Amazon
2016-07-20 07:38:14 -------- d-----w- C:\Program Files (x86)\Amazon
2016-07-13 12:15:59 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2016-07-13 09:29:20 929792 ----a-w- C:\Program Files\Windows Journal\InkSeg.dll
2016-07-13 09:29:20 668160 ----a-w- C:\Program Files\Windows Journal\MSPVWCTL.DLL
2016-07-13 09:29:20 62976 ----a-w- C:\Program Files\Windows Journal\NBMapTIP.dll
2016-07-13 09:29:20 2164736 ----a-w- C:\Program Files\Windows Journal\Journal.exe
2016-07-13 09:29:20 1737216 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2016-07-13 09:29:20 1397760 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2016-07-13 09:16:16 3217408 ----a-w- C:\Windows\System32\win32k.sys
2016-07-13 09:12:10 970240 ----a-w- C:\Windows\System32\localspl.dll
2016-07-13 09:12:10 756736 ----a-w- C:\Windows\System32\win32spl.dll
2016-07-13 09:12:10 61952 ----a-w- C:\Windows\SysWow64\ntprint.exe
2016-07-13 09:12:10 61952 ----a-w- C:\Windows\System32\ntprint.exe
2016-07-13 09:12:10 497152 ----a-w- C:\Windows\SysWow64\win32spl.dll
2016-07-13 09:12:10 48640 ----a-w- C:\Windows\System32\wpnpinst.exe
2016-07-13 09:12:10 38912 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\winprint.dll
2016-07-13 09:12:10 344576 ----a-w- C:\Windows\System32\ntprint.dll
2016-07-13 09:12:10 297472 ----a-w- C:\Windows\SysWow64\ntprint.dll
2016-07-13 09:12:10 22528 ----a-w- C:\Windows\System32\inetppui.dll
2016-07-13 09:12:10 166400 ----a-w- C:\Windows\System32\inetpp.dll
2016-07-13 09:00:38 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-07-13 09:00:38 571904 ----a-w- C:\Windows\System32\generaltel.dll
2016-07-13 09:00:38 544256 ----a-w- C:\Windows\System32\devinv.dll
2016-07-13 09:00:38 41704 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2016-07-13 09:00:38 294912 ----a-w- C:\Windows\System32\invagent.dll
2016-07-13 09:00:38 268800 ----a-w- C:\Windows\System32\centel.dll
2016-07-13 09:00:38 219136 ----a-w- C:\Windows\System32\aepic.dll
2016-07-13 09:00:38 1490432 ----a-w- C:\Windows\System32\appraiser.dll
2016-07-13 09:00:38 1208320 ----a-w- C:\Windows\System32\aeinv.dll
2016-07-06 12:04:00 647408 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpcpp180.dll
2016-07-06 12:02:27 -------- d-----w- C:\HP Universal Print Driver
.
==================== Find3M ====================
.
2016-08-04 10:11:22 5642 --sha-w- C:\ProgramData\KGyGaAvL.sys
2016-07-22 06:59:28 181176 ----a-w- C:\Windows\SysWow64\WRusr.dll
2016-07-22 06:59:28 115768 ----a-w- C:\Windows\System32\WRusr.dll
2016-07-21 07:16:19 54512 ----atw- C:\Windows\System32\drivers\wrUrlFlt.sys
2016-07-15 08:11:40 796352 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-07-15 08:11:40 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-07-07 07:52:07 117728 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
2016-06-14 15:21:17 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2016-06-10 21:38:26 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2016-06-10 21:38:13 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2016-06-10 21:20:37 66560 ----a-w- C:\Windows\System32\iesetup.dll
2016-06-10 21:19:33 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2016-06-10 21:19:24 417792 ----a-w- C:\Windows\System32\html.iec
2016-06-10 21:18:57 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2016-06-10 21:18:48 572416 ----a-w- C:\Windows\System32\vbscript.dll
2016-06-10 21:03:14 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2016-06-10 21:03:13 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2016-06-10 21:02:53 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2016-06-10 20:53:59 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2016-06-10 20:49:29 6047744 ----a-w- C:\Windows\System32\jscript9.dll
2016-06-10 20:40:41 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-06-10 20:11:27 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2016-06-10 20:10:46 2131456 ----a-w- C:\Windows\System32\inetcpl.cpl
2016-06-10 19:44:23 2869248 ----a-w- C:\Windows\System32\wininet.dll
2016-06-10 19:09:24 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2016-06-10 18:54:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2016-06-10 18:53:35 497664 ----a-w- C:\Windows\SysWow64\vbscript.dll
2016-06-10 18:53:30 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2016-06-10 18:53:13 341504 ----a-w- C:\Windows\SysWow64\html.iec
2016-06-10 18:52:06 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2016-06-10 18:41:44 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2016-06-10 18:41:22 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2016-06-10 18:27:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2016-06-10 18:14:52 4608000 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-06-10 18:09:13 2055680 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-06-10 18:09:07 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2016-06-10 17:45:19 2392576 ----a-w- C:\Windows\SysWow64\wininet.dll
2016-05-18 16:10:23 312832 ----a-w- C:\Windows\SysWow64\gdi32.dll
2016-05-18 16:09:22 405504 ----a-w- C:\Windows\System32\gdi32.dll
2016-05-13 22:15:24 382184 ----a-w- C:\Windows\System32\atmfd.dll
2016-05-13 22:09:19 41472 ----a-w- C:\Windows\System32\lpk.dll
2016-05-13 22:09:16 100864 ----a-w- C:\Windows\System32\fontsub.dll
2016-05-13 22:09:13 14336 ----a-w- C:\Windows\System32\dciman32.dll
2016-05-13 22:09:10 46080 ----a-w- C:\Windows\System32\atmlib.dll
2016-05-13 21:54:26 308456 ----a-w- C:\Windows\SysWow64\atmfd.dll
2016-05-13 21:50:05 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2016-05-13 21:49:48 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2016-05-13 21:49:46 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2016-05-13 21:27:06 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2016-05-12 17:20:14 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-05-12 17:20:14 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-05-12 17:15:04 105472 ----a-w- C:\Windows\System32\winipsec.dll
2016-05-12 17:15:03 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2016-05-12 17:15:03 210432 ----a-w- C:\Windows\System32\wdigest.dll
2016-05-12 17:15:03 2048 ----a-w- C:\Windows\System32\tzres.dll
2016-05-12 17:15:02 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2016-05-12 17:15:02 135680 ----a-w- C:\Windows\System32\sspicli.dll
2016-05-12 15:18:40 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-05-12 15:05:40 64000 ----a-w- C:\Windows\System32\auditpol.exe
2016-05-12 14:58:45 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-05-12 14:58:32 464896 ----a-w- C:\Windows\System32\drivers\srv.sys
2016-05-12 14:58:25 405504 ----a-w- C:\Windows\System32\drivers\srv2.sys
2016-05-12 14:58:18 168960 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2016-05-12 14:58:12 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-05-12 14:58:10 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-05-12 14:57:27 30720 ----a-w- C:\Windows\System32\lsass.exe
2016-05-12 14:56:15 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2016-05-12 14:51:38 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-05-12 13:05:59 459640 ----a-w- C:\Windows\System32\drivers\cng.sys
2016-05-12 13:05:59 297984 ----a-w- C:\Windows\System32\bcryptprimitives.dll
2016-05-12 13:04:55 249352 ----a-w- C:\Windows\SysWow64\bcryptprimitives.dll
2016-05-11 17:02:50 296448 ----a-w- C:\Windows\System32\ws2_32.dll
2016-05-11 17:02:49 444928 ----a-w- C:\Windows\System32\winhttp.dll
2016-05-11 17:02:48 483840 ----a-w- C:\Windows\System32\StructuredQuery.dll
2016-05-11 17:02:42 327168 ----a-w- C:\Windows\System32\mswsock.dll
2016-05-11 15:19:26 206336 ----a-w- C:\Windows\SysWow64\ws2_32.dll
2016-05-11 15:19:25 351744 ----a-w- C:\Windows\SysWow64\winhttp.dll
2016-05-11 15:19:24 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll
2016-05-11 15:19:16 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2016-05-11 15:11:34 25088 ----a-w- C:\Windows\System32\netbtugc.exe
2016-05-11 15:01:19 26624 ----a-w- C:\Windows\SysWow64\netbtugc.exe
2016-05-11 14:58:23 262144 ----a-w- C:\Windows\System32\drivers\netbt.sys
2015-12-22 06:52:37 12964920 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
.
============= FINISH: 14:26:53.79 ===============
Thank you in advance!
Sue:flowers::flowers: