Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Malwarebytes keeps blocking svchost.exe

Malwarebytes keeps randomly popping up a notice that says:

Website blocked
You may exclude sites or applications from website protection by clicking Manage Exclusions.

IP Address 93.171.173.13
Port 52154
Type: Outbound
File: C:\Windows\System32\svchost.exe

Yes. I have install disc.

DDS Follows:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18739
Run by April at 10:05:14 on 2017-08-01
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8122.5837 [GMT -5:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes *Enabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Malwarebytes *Enabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files (x86)\Cooler Master\MasterKeys Pro L With intelligent RGB\Masterkeys pro L RGB HID.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyServer = 8.8.8.8:80
mWinlogon: Userinit = userinit.exe
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL
BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
uRun: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
uRun: [HP ENVY 4500 series (NET)] "C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4851209F05X4:NW" -scfn "HP ENVY 4500 series (NET)" -AutoStart 1
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [MasterKeys Pro L] "C:\Program Files (x86)\Cooler Master\MasterKeys Pro L With intelligent RGB\MasterKeys Pro L RGB HID.exe"
mRun: [OnScreen Control] C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1464027202442
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{F2F74FFE-E676-4DB8-9FFA-4E0EDFD6D63E} : DHCPNameServer = 192.168.1.1
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [ShadowPlay] "C:\Windows\System32\rundll32.exe" C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\April\AppData\Roaming\Mozilla\Firefox\Profiles\0s5eb2ct.default\
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2015-11-20 22768]
R1 aswbidsdriver;aswbidsdriver;C:\Windows\System32\drivers\aswbidsdrivera.sys [2017-3-1 320008]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2016-5-20 1015848]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2016-5-20 585608]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Windows\System32\drivers\mbae64.sys [2017-7-26 77376]
R1 VBoxNetLwf;VirtualBox NDIS6 Bridged Networking Service;C:\Windows\System32\drivers\VBoxNetLwf.sys [2017-7-17 205952]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswmonflt.sys [2016-5-20 146696]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2016-5-20 198768]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-7-26 263312]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-10-25 4412104]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 DraftSight API Service;DraftSight API Service;C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2017-2-21 121344]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2017-4-28 2273432]
R2 FoxitReaderService;Foxit Reader Service;C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2017-3-15 1659592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2016-5-23 131544]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-7-8 195336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-5-23 169432]
R2 LGCoreTemp;Logitech CPU Core Tempurature;C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys [2015-6-21 14184]
R2 LogiRegistryService;Logitech Gaming Registry Service;C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [2017-4-5 225400]
R2 MBAMChameleon;MBAMChameleon;C:\Windows\System32\drivers\MBAMChameleon.sys [2017-7-26 188352]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2017-7-26 4470736]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-9-7 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-2-14 464440]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-1-29 450168]
R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-7-26 7430992]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\Windows\System32\drivers\e1d62x64.sys [2013-5-30 495376]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2015-11-20 395504]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2015-11-20 806128]
R3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2017-4-5 36496]
R3 LGJoyXlCore;Logitech Translation Layer Driver (LGS);C:\Windows\System32\drivers\LGJoyXlCore.sys [2017-4-5 67736]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2017-4-5 26008]
R3 MBAMFarflt;MBAMFarflt;C:\Windows\System32\drivers\farflt.sys [2017-7-26 101784]
R3 MBAMProtection;MBAMProtection;C:\Windows\System32\drivers\mbam.sys [2016-11-24 45472]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2016-11-24 253856]
R3 MBAMWebProtection;MBAMWebProtection;C:\Windows\System32\drivers\mwac.sys [2017-7-26 84256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2017-5-22 48248]
R3 nvvhci;NVVHCI Enumerator Service;C:\Windows\System32\drivers\nvvhci.sys [2017-5-22 57976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-3-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-3-26 125064]
S2 Origin Web Helper Service;Origin Web Helper Service;C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-3-22 3148184]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-10-18 38424]
S3 aswHwid;aswHwid;C:\Windows\System32\drivers\aswHwid.sys [2016-5-20 46984]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2017-3-21 1595400]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2016-5-24 342456]
S3 GalaxyClientService;GalaxyClientService;C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2017-3-24 512576]
S3 GalaxyCommunication;GalaxyCommunication;C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2017-3-24 7942208]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2017-8-1 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S3 mt7612US;Xbox Wireless Adapter for Windows;C:\Windows\System32\drivers\mt7612US.sys [2015-12-8 376200]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-9-7 495224]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-5-22 30328]
S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2017-3-22 2168208]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-7-18 260288]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2016-9-13 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2016-9-13 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2016-9-13 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2016-5-22 1255736]
S3 xb1usb;Xbox Peripherals (legacy) Driver;C:\Windows\System32\drivers\xb1usb.sys [2016-2-21 42760]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\Windows\System32\drivers\xboxgip.sys [2015-12-8 243080]
.
=============== File Associations ===============
.
ShellExec: pycharm.exe: open=C:\Program Files\JetBrains\PyCharm Community Edition 2017.1.5\bin\pycharm64.exe "%1"
.
=============== Created Last 30 ================
.
2017-08-01 15:03:53 -------- d-----w- C:\ProgramData\SWCUTemp
2017-08-01 13:26:17 -------- d-----w- C:\ProgramData\HitmanPro
2017-07-27 04:50:05 188352 ----a-w- C:\Windows\System32\drivers\MBAMChameleon.sys
2017-07-27 04:49:51 84256 ----a-w- C:\Windows\System32\drivers\mwac.sys
2017-07-27 04:49:51 101784 ----a-w- C:\Windows\System32\drivers\farflt.sys
2017-07-27 04:49:39 77376 ----a-w- C:\Windows\System32\drivers\mbae64.sys
2017-07-27 04:49:36 -------- d-----w- C:\Program Files\Malwarebytes
2017-07-27 02:25:56 -------- d-----w- C:\Users\April\VirtualBox VMs
2017-07-27 02:24:26 -------- d-----w- C:\Program Files\Oracle
2017-07-26 22:42:24 -------- d-----w- C:\Users\April\.VirtualBox
2017-07-26 21:09:40 -------- d-----w- C:\Users\April\.PyCharmCE2017.2
2017-07-18 07:47:24 572096 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2017-07-18 07:46:52 29888 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2017-07-18 07:33:04 260288 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2017-07-18 02:06:46 205952 ----a-w- C:\Windows\System32\drivers\VBoxNetLwf.sys
2017-07-18 02:06:46 131144 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp6.sys
.
==================== Find3M ====================
.
2017-08-01 15:02:24 45472 ----a-w- C:\Windows\System32\drivers\mbam.sys
2017-08-01 15:02:24 253856 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2017-07-26 21:14:27 146696 ----a-w- C:\Windows\System32\drivers\aswmonflt.sys
2017-07-26 21:13:59 57728 ----a-w- C:\Windows\System32\drivers\aswbuniva.sys
2017-07-26 21:13:59 343288 ----a-w- C:\Windows\System32\drivers\aswbloga.sys
2017-07-26 21:13:59 320008 ----a-w- C:\Windows\System32\drivers\aswbidsdrivera.sys
2017-07-26 21:13:59 198976 ----a-w- C:\Windows\System32\drivers\aswbidsha.sys
2017-07-18 02:06:46 965984 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2017-07-18 02:06:46 149816 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2017-07-09 14:06:01 361336 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2017-07-09 14:05:48 84392 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2017-07-09 14:05:48 46984 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2017-07-09 14:05:48 198768 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2017-07-09 14:05:48 110352 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2017-07-09 14:05:42 1015848 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2017-06-30 02:57:24 2319872 ----a-w- C:\Windows\System32\tquery.dll
2017-06-30 02:57:21 2058240 ----a-w- C:\Windows\System32\Query.dll
2017-06-30 02:57:17 99840 ----a-w- C:\Windows\System32\mssprxy.dll
2017-06-30 02:57:17 778240 ----a-w- C:\Windows\System32\mssvp.dll
2017-06-30 02:57:17 75264 ----a-w- C:\Windows\System32\msscntrs.dll
2017-06-30 02:57:17 491520 ----a-w- C:\Windows\System32\mssph.dll
2017-06-30 02:57:17 288256 ----a-w- C:\Windows\System32\mssphtb.dll
2017-06-30 02:57:17 2222080 ----a-w- C:\Windows\System32\mssrch.dll
2017-06-30 02:57:17 14336 ----a-w- C:\Windows\System32\msshooks.dll
2017-06-30 02:57:17 115200 ----a-w- C:\Windows\System32\mssitlb.dll
2017-06-30 02:40:25 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2017-06-30 02:40:18 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2017-06-30 02:39:38 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2017-06-30 02:39:01 1549312 ----a-w- C:\Windows\SysWow64\tquery.dll
2017-06-30 02:38:58 1363968 ----a-w- C:\Windows\SysWow64\Query.dll
2017-06-30 02:38:54 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll
2017-06-30 02:38:54 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2017-06-30 02:38:54 34816 ----a-w- C:\Windows\SysWow64\mssprxy.dll
2017-06-30 02:38:54 337408 ----a-w- C:\Windows\SysWow64\mssph.dll
2017-06-30 02:38:54 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll
2017-06-30 02:38:54 1400320 ----a-w- C:\Windows\SysWow64\mssrch.dll
2017-06-30 02:38:54 104448 ----a-w- C:\Windows\SysWow64\mssitlb.dll
2017-06-30 02:27:15 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2017-06-30 02:27:04 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe
2017-06-30 02:26:41 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2017-06-30 02:26:20 9728 ----a-w- C:\Windows\SysWow64\msshooks.dll
2017-06-29 06:19:09 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2017-06-29 06:18:58 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2017-06-29 06:04:12 66560 ----a-w- C:\Windows\System32\iesetup.dll
2017-06-29 06:03:28 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2017-06-29 06:03:20 417792 ----a-w- C:\Windows\System32\html.iec
2017-06-29 06:02:52 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2017-06-29 06:02:46 576512 ----a-w- C:\Windows\System32\vbscript.dll
2017-06-29 05:50:26 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2017-06-29 05:50:26 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2017-06-29 05:50:10 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2017-06-29 05:44:36 5975552 ----a-w- C:\Windows\System32\jscript9.dll
2017-06-29 05:43:07 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2017-06-29 05:35:46 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2017-06-29 05:31:50 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2017-06-29 05:31:23 87552 ----a-w- C:\Windows\System32\tdc.ocx
2017-06-29 05:23:40 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2017-06-29 05:23:38 499200 ----a-w- C:\Windows\SysWow64\vbscript.dll
2017-06-29 05:23:03 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2017-06-29 05:22:54 341504 ----a-w- C:\Windows\SysWow64\html.iec
2017-06-29 05:22:01 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2017-06-29 05:13:38 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2017-06-29 05:13:19 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2017-06-29 05:08:32 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2017-06-29 05:07:16 2132992 ----a-w- C:\Windows\System32\inetcpl.cpl
2017-06-29 05:01:01 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2017-06-29 05:00:32 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2017-06-29 04:53:46 3240960 ----a-w- C:\Windows\System32\wininet.dll
2017-06-29 04:52:52 4549632 ----a-w- C:\Windows\SysWow64\jscript9.dll
2017-06-29 04:46:33 2057216 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2017-06-29 04:46:20 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2017-06-29 04:28:59 2767872 ----a-w- C:\Windows\SysWow64\wininet.dll
2017-06-22 14:58:48 3223040 ----a-w- C:\Windows\System32\win32k.sys
2017-06-15 20:23:49 753664 ----a-w- C:\Windows\System32\drivers\http.sys
2017-06-12 22:54:32 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2017-06-12 22:54:32 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2017-06-12 22:54:31 370920 ----a-w- C:\Windows\System32\clfs.sys
2017-06-12 22:29:03 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2017-06-12 22:29:03 82944 ----a-w- C:\Windows\SysWow64\bcrypt.dll
2017-06-12 22:29:03 666112 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2017-06-12 22:29:03 444928 ----a-w- C:\Windows\SysWow64\wvc.dll
2017-06-12 22:29:02 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2017-06-12 22:29:02 1227264 ----a-w- C:\Windows\SysWow64\wdc.dll
2017-06-12 22:29:01 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2017-06-12 22:29:01 390144 ----a-w- C:\Windows\SysWow64\sysmon.ocx
2017-06-12 22:28:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2017-06-12 22:28:58 254464 ----a-w- C:\Windows\SysWow64\schannel.dll
2017-06-12 22:28:58 141312 ----a-w- C:\Windows\SysWow64\rpchttp.dll
2017-06-12 22:28:57 47104 ----a-w- C:\Windows\SysWow64\pdhui.dll
2017-06-12 22:28:54 223232 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2017-06-12 22:28:53 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2017-06-12 22:28:53 261120 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2017-06-12 22:28:52 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2017-06-12 22:28:51 554496 ----a-w- C:\Windows\SysWow64\kerberos.dll
2017-06-12 22:28:48 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2017-06-12 22:28:47 342528 ----a-w- C:\Windows\SysWow64\certcli.dll
2017-06-12 22:28:46 690688 ----a-w- C:\Windows\SysWow64\adtschema.dll
2017-06-12 22:19:20 64000 ----a-w- C:\Windows\System32\auditpol.exe
2017-06-12 22:14:07 379392 ----a-w- C:\Windows\System32\msinfo32.exe
2017-06-12 22:14:06 172544 ----a-w- C:\Windows\System32\perfmon.exe
.
============= FINISH: 10:05:23.11 ===============

Attached Files
File Type: txt attach.txt (6.9 KB)
