Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances

Firefox and m55.dnsqa.me notification

 
DeeCee70
Newbie


Joined: 05 Mar 2016
Last Visit: 10 Apr 2016
Posts: 8
Location: Melbourne, Australia

Posted: Sat Mar 05, 2016 5:14 am    Post subject: Firefox and m55.dnsqa.me notification

Hi there,
I have a fairly new computer and have in the last week or two run into Firefox pop-ups appearing, even though reportedly blocked.
I have run Malwarebytes and it found 44 suspicious files, which have been quarantined, but I'm now getting a pop-up from it almost every time I open a new tab in Firefox, telling me it's blocked a suspicious website - m55.dnsqa.me.
Is there something further I can do to avoid this?

I've run the requested scans, as below...

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by DeniseC at 23:52:23 on 2016-03-05
Microsoft Windows 10 Home 10.0.10586.0.1252.61.1033.18.8107.4565 [GMT 11:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\WLANExt.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\SysWOW64\esif_uf.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\igfxCUIService.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxHK.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\DeniseC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/?trackid=sp-006
uLocal Page = %11%\blank.htm
uSearch Bar = hxxps://www.google.com/?trackid=sp-006
uSearch Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
mStart Page = hxxps://www.google.com/?trackid=sp-006
mSearch Bar = hxxps://www.google.com/?trackid=sp-006
mSearch Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Royal Raid: {730bc77f-4b48-4f48-9236-5cf092043d53} -
BHO: {73e63875-3642-489c-b934-1c996afd502f} - <orphaned>
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [OneDrive] "C:\Users\DeniseC\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
uRun: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
uRunOnce: [Uninstall C:\Users\DeniseC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\DeniseC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [PowerDVD14Agent] "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
mRun: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
TCP: NameServer = 8.8.8.8,8.8.8.4
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{112b8621-f656-4301-b8d5-713a0d72ce76} : DHCPNameServer = 82.163.143.171
TCP: Interfaces\{6f189d75-dc47-4b4d-8c63-d1184b5c7a04} : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{970f3287-5c7b-4362-a2fb-c95d6fb6c04c} : DHCPNameServer = 82.163.143.171
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = about:blank
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [BtServer] "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\DeniseC\AppData\Roaming\Mozilla\Firefox\Profiles\xv1zs44s.default\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\WINDOWS\System32\drivers\aswRvrt.sys [2016-1-29 74544]
R0 aswVmm;avast! VM Monitor;C:\WINDOWS\System32\drivers\aswvmm.sys [2016-1-29 287016]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2015-7-25 1455552]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2016-1-29 1065720]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswsp.sys [2016-1-29 463744]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-27 264224]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-7 77104]
R2 aswHwid;avast! HardwareID;C:\WINDOWS\System32\drivers\aswHwid.sys [2016-1-29 37656]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2016-1-29 107792]
R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2016-1-29 165344]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-2-7 237096]
R2 BTDevManager;BTDevManager;C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe [2015-9-16 125656]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R2 esifsvc;ESIF Upper Framework Service;C:\Windows\SysWOW64\esif_uf.exe [2015-9-16 1385640]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-7-11 25800]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-2-18 608520]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-9-16 354936]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-7-7 223008]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-3-2 1513784]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-3-2 1135416]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2016-1-29 389896]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-9-16 307456]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-12-27 246472]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-1-15 245760]
R3 clwvd6;@oem20.inf,%clwvd.DeviceDesc% Service;CyberLink WebCam Virtual Driver 6.0 Service;C:\WINDOWS\System32\drivers\clwvd6.sys [2015-9-16 41704]
R3 dptf_cpu;dptf_cpu;C:\WINDOWS\System32\drivers\dptf_cpu.sys [2016-3-2 53752]
R3 dptf_pch;dptf_pch;C:\WINDOWS\System32\drivers\dptf_pch.sys [2016-3-2 50696]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 esif_lf;esif_lf;C:\WINDOWS\System32\drivers\esif_lf.sys [2016-3-2 261624]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2016-3-2 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2016-3-2 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2016-3-2 64216]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-9-16 895256]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2015-8-6 602352]
R3 RTSUER;Realtek USB Card Reader - UER;C:\WINDOWS\System32\drivers\RtsUer.sys [2015-9-16 411712]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\drivers\rtwlane.sys [2015-10-30 4738672]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2015-12-27 44216]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-10-30 694784]
R3 WirelessButtonDriver64;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2015-6-24 30384]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-27 143144]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-29 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-27 143144]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-7-17 472872]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 Revoflt;Revoflt;C:\WINDOWS\System32\drivers\revoflt.sys [2015-12-28 31800]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 SmbDrv;SmbDrv;C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2015-7-13 33448]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-10-30 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-17 54784]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-2 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-3-2 29696]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-03-02 10:54:41 609280 ----a-w- C:\WINDOWS\System32\MetroIntelGenericUIFramework.dll
2016-03-02 10:49:29 819880 ----a-w- C:\WINDOWS\System32\drivers\UMDF\esif_umdf2.dll
2016-03-02 10:49:29 53752 ----a-w- C:\WINDOWS\System32\drivers\dptf_cpu.sys
2016-03-02 10:49:29 50696 ----a-w- C:\WINDOWS\System32\drivers\dptf_pch.sys
2016-03-02 10:49:29 261624 ----a-w- C:\WINDOWS\System32\drivers\esif_lf.sys
2016-03-02 09:55:32 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2016-03-02 09:54:55 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2016-03-02 09:54:55 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2016-03-02 09:54:55 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2016-03-02 09:54:55 -------- d-----w- C:\ProgramData\Malwarebytes
2016-03-02 09:54:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-02 08:15:59 779384 ----a-w- C:\WINDOWS\System32\taskschd.dll
2016-02-21 11:24:00 -------- d-----w- C:\ProgramData\f9a5abd8-78a3-0
2016-02-21 11:19:42 -------- d-----w- C:\ProgramData\f9a5abd8-18f7-0
2016-02-21 11:19:40 -------- d-----w- C:\ProgramData\128613b
2016-02-21 11:19:38 -------- d-----w- C:\ProgramData\{193a96c1-412c-1}
2016-02-21 11:19:38 -------- d-----w- C:\ProgramData\{084e7819-312c-0}
2016-02-11 12:14:08 7835648 ----a-w- C:\WINDOWS\System32\Chakra.dll
2016-02-11 12:14:05 5662208 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2016-02-11 12:14:02 970752 ----a-w- C:\WINDOWS\System32\kerberos.dll
2016-02-11 12:14:02 792064 ----a-w- C:\WINDOWS\SysWow64\kerberos.dll
2016-02-11 12:14:02 1387520 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2016-02-11 12:14:01 4502352 ----a-w- C:\WINDOWS\explorer.exe
2016-02-11 12:14:00 2606824 ----a-w- C:\WINDOWS\System32\combase.dll
2016-02-07 11:57:16 52184 ----a-w- C:\WINDOWS\avastSS.scr
.
==================== Find3M ====================
.
2016-03-05 09:15:18 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-02 11:04:55 18400 ----a-w- C:\WINDOWS\System32\drivers\rtkhdasetting.zip
2016-03-02 10:56:41 200 ----a-w- C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-03-02 10:49:21 963232 ----a-w- C:\WINDOWS\System32\msvcr120.dll
2016-03-02 10:49:21 660128 ----a-w- C:\WINDOWS\System32\msvcp120.dll
2016-03-02 10:49:21 1385640 ----a-w- C:\WINDOWS\SysWow64\esif_uf.exe
2016-02-26 11:57:56 287016 ----a-w- C:\WINDOWS\System32\drivers\aswvmm.sys
2016-02-23 11:29:14 874968 ----a-w- C:\WINDOWS\System32\winresume.exe
2016-02-23 11:29:14 1030416 ----a-w- C:\WINDOWS\System32\winresume.efi
2016-02-23 11:27:25 7475040 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-02-23 11:27:19 1317640 ----a-w- C:\WINDOWS\System32\winload.efi
2016-02-23 11:27:19 1141504 ----a-w- C:\WINDOWS\System32\winload.exe
2016-02-23 11:27:14 2654872 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-23 11:25:45 1818696 ----a-w- C:\WINDOWS\System32\ntdll.dll
2016-02-23 11:25:43 563552 ----a-w- C:\WINDOWS\System32\drivers\acpi.sys
2016-02-23 11:25:40 2152288 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2016-02-23 11:23:53 713568 ----a-w- C:\WINDOWS\System32\invagent.dll
2016-02-23 11:22:23 1173344 ----a-w- C:\WINDOWS\System32\aeinv.dll
2016-02-23 11:15:26 513888 ----a-w- C:\WINDOWS\System32\devinv.dll
2016-02-23 11:09:52 1614176 ----a-w- C:\WINDOWS\System32\diagtrack.dll
2016-02-23 11:08:17 989536 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2016-02-23 10:34:32 1542816 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2016-02-23 10:34:27 1859960 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll
2016-02-23 10:33:46 389992 ----a-w- C:\WINDOWS\System32\wlanapi.dll
2016-02-23 10:33:35 696160 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-02-23 10:32:59 369912 ----a-w- C:\WINDOWS\System32\audiodg.exe
2016-02-23 10:32:37 8705672 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2016-02-23 10:32:10 2544264 ----a-w- C:\WINDOWS\System32\mfcore.dll
2016-02-23 10:32:06 498448 ----a-w- C:\WINDOWS\System32\MFCaptureEngine.dll
2016-02-23 10:32:06 1152328 ----a-w- C:\WINDOWS\System32\mfasfsrcsnk.dll
2016-02-23 10:32:03 1062480 ----a-w- C:\WINDOWS\System32\mfmp4srcsnk.dll
2016-02-23 10:31:59 1017032 ----a-w- C:\WINDOWS\System32\mfsrcsnk.dll
2016-02-23 10:31:57 847656 ----a-w- C:\WINDOWS\System32\mfsvr.dll
2016-02-23 10:31:55 476728 ----a-w- C:\WINDOWS\System32\msvproc.dll
2016-02-23 10:31:37 819648 ----a-w- C:\WINDOWS\System32\mfmpeg2srcsnk.dll
2016-02-23 10:31:19 536256 ----a-w- C:\WINDOWS\System32\AudioSes.dll
2016-02-23 10:31:14 408120 ----a-w- C:\WINDOWS\System32\AUDIOKSE.dll
2016-02-23 10:22:50 572272 ----a-w- C:\WINDOWS\SysWow64\taskschd.dll
2016-02-23 10:21:10 6606568 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2016-02-23 10:17:36 146272 ----a-w- C:\WINDOWS\System32\drivers\appid.sys
2016-02-23 09:49:02 216416 ----a-w- C:\WINDOWS\System32\AppxAllUserStore.dll
2016-02-23 09:45:57 2773096 ----a-w- C:\WINDOWS\System32\d3d11.dll
2016-02-23 09:45:24 259336 ----a-w- C:\WINDOWS\System32\sqmapi.dll
2016-02-23 09:45:19 1998176 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-02-23 09:45:17 576352 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-02-23 09:45:11 394080 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-02-23 09:44:11 640984 ----a-w- C:\WINDOWS\System32\wer.dll
2016-02-23 09:44:07 147808 ----a-w- C:\WINDOWS\System32\wermgr.exe
2016-02-23 09:40:28 430944 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2016-02-23 09:39:55 502112 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-02-23 09:38:56 709176 ----a-w- C:\WINDOWS\SysWow64\mfsvr.dll
2016-02-23 09:38:54 2180136 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2016-02-23 09:38:45 6952088 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2016-02-23 09:38:45 420928 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2016-02-23 09:38:24 450912 ----a-w- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
2016-02-23 09:38:18 980352 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
2016-02-23 09:38:14 882720 ----a-w- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
2016-02-23 09:38:10 895080 ----a-w- C:\WINDOWS\SysWow64\mfsrcsnk.dll
2016-02-23 09:37:41 713824 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
2016-02-23 09:32:32 791744 ----a-w- C:\WINDOWS\System32\generaltel.dll
2016-02-23 09:27:31 376536 ----a-w- C:\WINDOWS\System32\Windows.Media.MediaControl.dll
2016-02-23 09:26:51 5241984 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2016-02-23 09:25:27 534368 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2016-02-23 09:20:41 1139712 ----a-w- C:\WINDOWS\System32\XblGameSave.dll
2016-02-23 09:20:35 238592 ----a-w- C:\WINDOWS\System32\drivers\xboxgip.sys
2016-02-23 09:19:41 29696 ----a-w- C:\WINDOWS\System32\drivers\xinputhid.sys
2016-02-23 09:17:08 649216 ----a-w- C:\WINDOWS\System32\ngcsvc.dll
2016-02-23 09:12:21 77824 ----a-w- C:\WINDOWS\System32\provpackageapidll.dll
2016-02-23 09:10:24 27648 ----a-w- C:\WINDOWS\System32\WiFiConfigSP.dll
2016-02-23 09:07:53 37376 ----a-w- C:\WINDOWS\System32\LaunchWinApp.exe
2016-02-23 09:07:17 26112 ----a-w- C:\WINDOWS\System32\wlansvcpal.dll
2016-02-23 09:06:49 129536 ----a-w- C:\WINDOWS\System32\flvprophandler.dll
2016-02-23 09:01:19 104960 ----a-w- C:\WINDOWS\System32\drivers\rasl2tp.sys
2016-02-23 09:00:28 48640 ----a-w- C:\WINDOWS\System32\wfdprov.dll
2016-02-23 09:00:11 69632 ----a-w- C:\WINDOWS\System32\EnterpriseDesktopAppMgmtCSP.dll
2016-02-23 08:58:42 187744 ----a-w- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
2016-02-23 08:58:35 69632 ----a-w- C:\WINDOWS\System32\wininetlui.dll
2016-02-23 08:58:15 25088 ----a-w- C:\WINDOWS\System32\irmon.dll
2016-02-23 08:58:03 50176 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2016-02-23 08:57:59 199168 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
2016-02-23 08:56:01 2186864 ----a-w- C:\WINDOWS\SysWow64\d3d11.dll
2016-02-23 08:55:55 114688 ----a-w- C:\WINDOWS\System32\drivers\bridge.sys
2016-02-23 08:55:40 221600 ----a-w- C:\WINDOWS\SysWow64\sqmapi.dll
2016-02-23 08:54:19 112640 ----a-w- C:\WINDOWS\System32\drivers\bthenum.sys
2016-02-23 08:54:10 539256 ----a-w- C:\WINDOWS\SysWow64\wer.dll
2016-02-23 08:54:02 141664 ----a-w- C:\WINDOWS\SysWow64\wermgr.exe
2016-02-23 08:53:16 99328 ----a-w- C:\WINDOWS\System32\ngckeyenum.dll
2016-02-23 08:53:06 115712 ----a-w- C:\WINDOWS\System32\srpapi.dll
2016-02-23 08:52:47 87040 ----a-w- C:\WINDOWS\System32\MDMAppInstaller.exe
2016-02-23 08:51:15 176640 ----a-w- C:\WINDOWS\System32\drivers\rfcomm.sys
2016-02-23 08:50:11 159232 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2016-02-23 08:48:27 86528 ----a-w- C:\WINDOWS\System32\AppCapture.dll
2016-02-23 08:48:04 41984 ----a-w- C:\WINDOWS\System32\TimeBrokerClient.dll
2016-02-23 08:40:17 74240 ----a-w- C:\WINDOWS\System32\SMSRouter.dll
2016-02-23 08:39:34 178176 ----a-w- C:\WINDOWS\System32\psmsrv.dll
2016-02-23 08:38:44 320000 ----a-w- C:\WINDOWS\System32\MSFlacDecoder.dll
2016-02-23 08:38:02 287712 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MediaControl.dll
2016-02-23 08:37:50 204288 ----a-w- C:\WINDOWS\System32\NetSetupSvc.dll
2016-02-23 08:37:41 274944 ----a-w- C:\WINDOWS\System32\DisplayManager.dll
2016-02-23 08:37:09 617984 ----a-w- C:\WINDOWS\System32\StorSvc.dll
.
============= FINISH: 23:53:27.25 ===============

SECOND FILE:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume1
Install Date: 28/12/2015 4:42:15 PM
System Uptime: 2/03/2016 9:37:18 PM (74 hours ago)
.
Motherboard: HP | | 80C2
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz | U3E1 | 1500/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 910 GiB total, 839.025 GiB free.
D: is FIXED (NTFS) - 21 GiB total, 2.378 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP10: 15/02/2016 4:30:11 PM - Installed Adobe Photoshop Elements 5.0
RP11: 2/03/2016 7:18:06 PM - Windows Update
RP12: 2/03/2016 7:20:25 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Acrobat Reader DC
Adobe Flash Player 20 NPAPI
Adobe Help Center 2.1
Adobe Photoshop Elements 5.0
Adobe Refresh Manager
Adobe Shockwave Player 12.2
AMD Catalyst Control Center
AMD Catalyst Install Manager
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Avast Free Antivirus
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink PhotoDirector
CyberLink Power Media Player 14
CyberLink PowerDirector 12
CyberLink YouCam
DisableMSDefender
Dropbox
Dropbox 25 GB
Dropbox Update Helper
Energy Star
Evernote v. 5.8.6
HP Customer Experience Enhancements
HP Documentation
HP ePrint Windows Driver
HP Recovery Manager
HP Registration Service
HP Support Assistant
HP Support Solutions Framework
HP System Event Utility
HP Welcome
HP Wireless Button Driver
iCloud
InetStat
Intel(R) Chipset Device Software
Intel(R) Dynamic Platform and Thermal Framework
Intel(R) Management Engine Components
Intel(R) ME UninstallLegacy
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel® Trusted Connect Service Client
iTunes
Malwarebytes Anti-Malware version 2.2.0.1024
Microsoft Office
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Mozilla Firefox 44.0.2 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 38.6.0 (x86 en-US)
OEM Application Profile
OpenOffice 4.1.2
PX Profile Update
REALTEK Bluetooth Driver
Realtek Card Reader
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
REALTEK Wireless LAN Driver
Revo Uninstaller Pro 3.1.5
swMSM
Synaptics Pointing Device Driver
VLC media player
.
==== Event Viewer Messages From Past Week ========
.
4/03/2016 2:33:15 PM, Error: Service Control Manager [7031] - The User Data Storage_b76232 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/03/2016 2:33:15 PM, Error: Service Control Manager [7031] - The User Data Access_b76232 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/03/2016 2:33:15 PM, Error: Service Control Manager [7031] - The Sync Host_b76232 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/03/2016 2:33:15 PM, Error: Service Control Manager [7031] - The Contact Data_b76232 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/03/2016 2:33:15 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
3/03/2016 12:37:05 AM, Error: Service Control Manager [7031] - The Sync Host_966d3 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
2/03/2016 9:49:47 PM, Error: Microsoft-Windows-DriverFrameworks-UserMode [10101] - The driver package installation has failed. The final status was 0xE0000203.
2/03/2016 9:35:17 PM, Error: Service Control Manager [7031] - The User Data Storage_10d2cbc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
2/03/2016 9:35:17 PM, Error: Service Control Manager [7031] - The User Data Access_10d2cbc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
2/03/2016 9:35:17 PM, Error: Service Control Manager [7031] - The Sync Host_10d2cbc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
2/03/2016 9:35:17 PM, Error: Service Control Manager [7031] - The Contact Data_10d2cbc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
1/03/2016 3:02:25 PM, Error: disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 13 Oct 2017
Posts: 5041
Location: Land Of The Leprechauns

Posted: Mon Mar 07, 2016 4:09 am

Hi and welcome to Spyware Warrior Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not solve other issues you have with your machine.
If you no longer require help, I would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread; do not start another. Please continue responding until I give you the "All Clean".
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!
Note: If you haven't done so already, please read this topic Things to know before you post where the conditions for receiving help here are explained.
Quote:
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.



Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.


Next.

I need you to run further scans for me.
Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present; if any log is cut off, you'll have to post it in sections.



Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Right-click on adwcleaner.exe and select "Run as administrator" to run it.
  • Click on Scan.
  • When the scan has finished, click on Clean.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next.

Please download FRST ... by Farbar, from the link below and save it to your Desktop.

For 32 bit Systems

For 64 bit Systems
  • Right-click FRST.exe and select "Run as administrator" to run it.
  • When the tool opens click Yes to the disclaimer.
  • Press Scan button. ... When finished a log will be created, FRST.txt.
  • Please post the content of the FRST.txt in your next reply.
  • The first time the tool is run, it will create another log... Addition.txt.
  • Please post the content of the Addition.txt in your next reply.

Logs/Information to Post in your Next Reply
  • AdwCleaner log.
  • FRST.txt and Addition.txt contents.

_________________
Admin/Teacher at Malware Removal University
Member of UNITE
DeeCee70
Newbie


Joined: 05 Mar 2016
Last Visit: 10 Apr 2016
Posts: 8
Location: Melbourne, Australia

Posted: Tue Mar 08, 2016 1:34 am

Hi Cypher,
Thanks for your reply - let me know if I've done anything incorrectly here.
Cheers,
Denise

# AdwCleaner v5.101 - Logfile created 08/03/2016 at 20:19:50
# Updated 07/03/2016 by Xplode
# Database : 2016-03-08.1 [Server]
# Operating system : Windows 10 Home (x64)
# Username : DeniseC - DESKTOP-6G70OGJ
# Running from : C:\Users\DeniseC\Downloads\adwcleaner_5.101.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\OneSystemCare
[-] Folder Deleted : C:\ProgramData\23a92780-10d5-0
[-] Folder Deleted : C:\ProgramData\23a92780-1f93-1

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : YCMServiceAgent

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\InetStat
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akamaihd.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\au.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchquickknow-a.akamaihd.net
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akamaihd.net
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ask.com
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\au.ask.com
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\searchquickknow-a.akamaihd.net
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akamaihd.net
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\au.ask.com
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\searchquickknow-a.akamaihd.net

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [3115 bytes] - [08/03/2016 20:19:50]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [3116 bytes] - [08/03/2016 20:18:21]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [3301 bytes] ##########
DeeCee70
Newbie


Joined: 05 Mar 2016
Last Visit: 10 Apr 2016
Posts: 8
Location: Melbourne, Australia

Posted: Tue Mar 08, 2016 1:35 am

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by DeniseC (administrator) on DESKTOP-6G70OGJ (08-03-2016 20:29:47)
Running from C:\Users\DeniseC\Desktop
Loaded Profiles: DeniseC (Available Profiles: DeniseC)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.113_none_7689896a26389b16\TiWorker.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8781568 2016-03-02] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945656 2015-12-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-18] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-17] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-26] (AVAST Software)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [67752 2006-12-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-76950604-892644173-2988696240-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-76950604-892644173-2988696240-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-76950604-892644173-2988696240-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-76950604-892644173-2988696240-1001\...\RunOnce: [Uninstall C:\Users\DeniseC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\DeniseC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-07] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-17] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{112b8621-f656-4301-b8d5-713a0d72ce76}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{6f189d75-dc47-4b4d-8c63-d1184b5c7a04}: [DhcpNameServer] 10.1.1.1
Tcpip\..\Interfaces\{970f3287-5c7b-4362-a2fb-c95d6fb6c04c}: [DhcpNameServer] 82.163.143.171

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-76950604-892644173-2988696240-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-76950604-892644173-2988696240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-76950604-892644173-2988696240-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-76950604-892644173-2988696240-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-76950604-892644173-2988696240-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-07] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-07] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-05-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)

FireFox:
========
FF ProfilePath: C:\Users\DeniseC\AppData\Roaming\Mozilla\Firefox\Profiles\xv1zs44s.default
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-03-07] ()
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-03-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-22] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-19] (Adobe Systems Inc.)
FF Extension: Net Usage Item - C:\Users\DeniseC\AppData\Roaming\Mozilla\Firefox\Profiles\xv1zs44s.default\extensions\{DA1B0AB5-7DD3-4066-BC2A-64AABBDD0A8B}.xpi [2015-12-27]
FF Extension: YouTube™ Downloader Plus - C:\Users\DeniseC\AppData\Roaming\Mozilla\Firefox\Profiles\xv1zs44s.default\Extensions\jid1-HfCj61J5q2gaGQ@jetpack.xpi [2015-12-28]
FF Extension: AdBlock for YouTube™ - C:\Users\DeniseC\AppData\Roaming\Mozilla\Firefox\Profiles\xv1zs44s.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2016-02-26]
FF Extension: Capture & Print - C:\Users\DeniseC\AppData\Roaming\Mozilla\Firefox\Profiles\xv1zs44s.default\Extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi [2015-12-28]
FF Extension: Adblock Plus - C:\Users\DeniseC\AppData\Roaming\Mozilla\Firefox\Profiles\xv1zs44s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-09]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-07]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor5.0; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712 2006-12-22] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-07] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2015-09-18] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-27] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-27] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2016-03-02] (Intel Corporation)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-18] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [354936 2016-03-02] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-07] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-03-02] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-12-27] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-26] (AVAST Software)
R3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2016-03-02] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50696 2016-03-02] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2016-03-02] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-08] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-30] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [602352 2015-08-11] (Realtek Semiconductor Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4738672 2015-12-28] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44216 2015-12-27] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-24] (HP Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-08 20:29 - 2016-03-08 20:30 - 00020705 _____ C:\Users\DeniseC\Desktop\FRST.txt
2016-03-08 20:28 - 2016-03-08 20:29 - 00000000 ____D C:\FRST
2016-03-08 20:27 - 2016-03-08 20:28 - 02374144 _____ (Farbar) C:\Users\DeniseC\Desktop\FRST64.exe
2016-03-08 20:27 - 2016-03-08 20:27 - 00003400 _____ C:\Users\DeniseC\Desktop\AdwCleaner[C1].txt
2016-03-08 20:21 - 2016-03-08 20:21 - 00000000 ____D C:\WINDOWS\LastGood
2016-03-08 20:17 - 2016-03-08 20:19 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-08 20:16 - 2016-03-08 20:17 - 01524224 _____ C:\Users\DeniseC\Downloads\adwcleaner_5.101.exe
2016-03-08 20:13 - 2016-03-08 20:13 - 00002311 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2016-03-08 20:13 - 2016-03-08 20:13 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-DESKTOP-6G70OGJ-Windows-10-Home-(64-bit).dat
2016-03-08 20:13 - 2016-03-08 20:13 - 00000000 ____D C:\RegBackup
2016-03-08 20:13 - 2016-03-08 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-03-08 20:13 - 2016-03-08 20:13 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-03-08 20:11 - 2016-03-08 20:13 - 00016401 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2016-03-08 20:11 - 2016-03-08 20:11 - 04777232 _____ (Tweaking.com) C:\Users\DeniseC\Downloads\tweaking.com_registry_backup_setup.exe
2016-03-05 23:56 - 2016-03-05 23:56 - 00007061 _____ C:\Users\DeniseC\Desktop\Attach1.txt
2016-03-05 23:55 - 2016-03-05 23:55 - 00034655 _____ C:\Users\DeniseC\Desktop\DDS1.txt
2016-03-05 23:53 - 2016-03-05 23:53 - 00034655 _____ C:\Users\DeniseC\Desktop\dds.txt
2016-03-05 23:53 - 2016-03-05 23:53 - 00007061 _____ C:\Users\DeniseC\Desktop\attach.txt
2016-03-05 23:51 - 2016-03-05 23:52 - 00688992 ____R (Swearware) C:\Users\DeniseC\Desktop\dds.scr
2016-03-02 22:14 - 2016-03-02 22:18 - 161379088 _____ (Microsoft Corporation) C:\Users\DeniseC\Downloads\msert.exe
2016-03-02 22:03 - 2016-03-02 22:02 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-03-02 22:03 - 2016-03-02 22:02 - 04307112 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-03-02 22:03 - 2016-03-02 22:02 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-03-02 22:03 - 2016-03-02 22:02 - 02130584 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 01020208 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-03-02 22:03 - 2016-03-02 22:02 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 29084160 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 27098280 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 19844096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 15186848 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 13454848 _____ (Intel Corporation) C:\WINDOWS\system32\ig8icd64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 13194328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 10195968 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig8icd32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 05797102 _____ C:\WINDOWS\system32\igdclbif.bin
2016-03-02 21:54 - 2016-03-02 21:54 - 05668352 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 05245440 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 04621312 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 04412544 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 04260592 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 04152832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 03952640 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 02105832 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 01631520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 01559552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 01150464 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 01008248 _____ C:\WINDOWS\system32\igfxSDK.exe
2016-03-02 21:54 - 2016-03-02 21:54 - 00944248 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2016-03-02 21:54 - 2016-03-02 21:54 - 00940664 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2016-03-02 21:54 - 2016-03-02 21:54 - 00826090 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2016-03-02 21:54 - 2016-03-02 21:54 - 00609280 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00604280 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2016-03-02 21:54 - 2016-03-02 21:54 - 00517752 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2016-03-02 21:54 - 2016-03-02 21:54 - 00448120 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2016-03-02 21:54 - 2016-03-02 21:54 - 00421888 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00409976 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00408928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00384120 _____ C:\WINDOWS\system32\igfxTray.exe
2016-03-02 21:54 - 2016-03-02 21:54 - 00372736 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00371200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00357904 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00355832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00332760 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00301056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00289936 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00274504 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00256000 _____ C:\WINDOWS\system32\igfxCPL.cpl
2016-03-02 21:54 - 2016-03-02 21:54 - 00248832 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00238080 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00218232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-03-02 21:54 - 2016-03-02 21:54 - 00213624 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2016-03-02 21:54 - 2016-03-02 21:54 - 00213112 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-03-02 21:54 - 2016-03-02 21:54 - 00207872 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00201368 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00189440 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4360.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00175616 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00160680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00156280 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-03-02 21:54 - 2016-03-02 21:54 - 00155648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00094208 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00086016 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00083456 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00077824 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00066048 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00041296 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2016-03-02 21:54 - 2016-03-02 21:54 - 00040931 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2016-03-02 21:54 - 2016-03-02 21:54 - 00040343 _____ C:\WINDOWS\system32\iglhxo64.vp
2016-03-02 21:54 - 2016-03-02 21:54 - 00040316 _____ C:\WINDOWS\system32\iglhxc64.vp
2016-03-02 21:54 - 2016-03-02 21:54 - 00039798 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2016-03-02 21:54 - 2016-03-02 21:54 - 00039658 _____ C:\WINDOWS\system32\iglhxg64.vp
2016-03-02 21:54 - 2016-03-02 21:54 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00011776 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00011776 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2016-03-02 21:54 - 2016-03-02 21:54 - 00004778 _____ C:\WINDOWS\system32\iglhxs64.vp
2016-03-02 21:54 - 2016-03-02 21:54 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2016-03-02 21:50 - 2016-03-02 21:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_esif_lf_01011.Wdf
2016-03-02 21:49 - 2016-03-02 21:49 - 00261624 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\esif_lf.sys
2016-03-02 21:49 - 2016-03-02 21:49 - 00053752 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\dptf_cpu.sys
2016-03-02 21:49 - 2016-03-02 21:49 - 00050696 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\dptf_pch.sys
2016-03-02 20:55 - 2016-03-08 20:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-02 20:54 - 2016-03-02 20:54 - 00001174 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-02 20:54 - 2016-03-02 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-02 20:54 - 2016-03-02 20:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-02 20:54 - 2016-03-02 20:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-02 20:54 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-02 20:54 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-03-02 20:54 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-03-02 20:53 - 2016-03-02 20:53 - 22908888 _____ (Malwarebytes ) C:\Users\DeniseC\Downloads\mbam-setup-2.2.0.1024.exe
2016-03-02 19:16 - 2016-02-23 22:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-02 19:16 - 2016-02-23 22:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-02 19:16 - 2016-02-23 22:27 - 07475040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-02 19:16 - 2016-02-23 22:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 19:16 - 2016-02-23 22:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-02 19:16 - 2016-02-23 22:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-02 19:16 - 2016-02-23 22:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-02 19:16 - 2016-02-23 22:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-02 19:16 - 2016-02-23 22:23 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-02 19:16 - 2016-02-23 22:22 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-02 19:16 - 2016-02-23 22:15 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-02 19:16 - 2016-02-23 22:09 - 01614176 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-02 19:16 - 2016-02-23 21:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-02 19:16 - 2016-02-23 21:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-02 19:16 - 2016-02-23 21:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 19:16 - 2016-02-23 21:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 19:16 - 2016-02-23 21:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-02 19:16 - 2016-02-23 21:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 19:16 - 2016-02-23 21:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 19:16 - 2016-02-23 21:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 19:16 - 2016-02-23 21:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-02 19:16 - 2016-02-23 21:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 19:16 - 2016-02-23 21:31 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-02 19:16 - 2016-02-23 21:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 19:16 - 2016-02-23 21:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-02 19:16 - 2016-02-23 21:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-02 19:16 - 2016-02-23 21:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 19:16 - 2016-02-23 21:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-02 19:16 - 2016-02-23 21:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-02 19:16 - 2016-02-23 21:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-02 19:16 - 2016-02-23 21:21 - 06606568 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-02 19:16 - 2016-02-23 20:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-02 19:16 - 2016-02-23 20:45 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-02 19:16 - 2016-02-23 20:45 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-02 19:16 - 2016-02-23 20:45 - 00259336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-02 19:16 - 2016-02-23 20:44 - 00640984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-02 19:16 - 2016-02-23 20:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-02 19:16 - 2016-02-23 20:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 19:16 - 2016-02-23 20:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-02 19:16 - 2016-02-23 20:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-02 19:16 - 2016-02-23 20:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-02 19:16 - 2016-02-23 20:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-02 19:16 - 2016-02-23 20:38 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-02 19:16 - 2016-02-23 20:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-02 19:16 - 2016-02-23 20:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 19:16 - 2016-02-23 20:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-02 19:16 - 2016-02-23 20:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-02 19:16 - 2016-02-23 20:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-02 19:16 - 2016-02-23 20:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 19:16 - 2016-02-23 20:26 - 05241984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-02 19:16 - 2016-02-23 20:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 19:16 - 2016-02-23 20:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 19:16 - 2016-02-23 20:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 19:16 - 2016-02-23 19:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 19:16 - 2016-02-23 19:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-02 19:16 - 2016-02-23 19:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-02 19:16 - 2016-02-23 19:54 - 00539256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-02 19:16 - 2016-02-23 19:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 19:16 - 2016-02-23 19:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 19:16 - 2016-02-23 19:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-02 19:16 - 2016-02-23 19:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 19:16 - 2016-02-23 19:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 19:16 - 2016-02-23 19:30 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-02 19:16 - 2016-02-23 19:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 19:16 - 2016-02-23 19:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 19:16 - 2016-02-23 19:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-02 19:16 - 2016-02-23 19:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-02 19:16 - 2016-02-23 19:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 19:16 - 2016-02-23 19:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 19:16 - 2016-02-23 19:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 19:16 - 2016-02-23 19:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-02 19:16 - 2016-02-23 19:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 19:16 - 2016-02-23 19:13 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-02 19:16 - 2016-02-23 19:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 19:16 - 2016-02-23 19:11 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-02 19:16 - 2016-02-23 19:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-02 19:16 - 2016-02-23 19:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 19:16 - 2016-02-23 19:09 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-02 19:16 - 2016-02-23 19:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-02 19:16 - 2016-02-23 19:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 19:16 - 2016-02-23 19:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 19:16 - 2016-02-23 19:06 - 01848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-02 19:16 - 2016-02-23 19:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-02 19:16 - 2016-02-23 19:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-02 19:16 - 2016-02-23 19:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 19:16 - 2016-02-23 19:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 19:16 - 2016-02-23 19:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 19:16 - 2016-02-23 19:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-02 19:16 - 2016-02-23 18:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 19:16 - 2016-02-23 18:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-02 19:16 - 2016-02-23 18:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-02 19:16 - 2016-02-23 18:47 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-02 19:16 - 2016-02-23 18:41 - 03594240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-02 19:16 - 2016-02-23 18:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-02 19:16 - 2016-02-23 18:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-02 19:16 - 2016-02-23 18:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 19:16 - 2016-02-23 18:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-02 19:16 - 2016-02-23 18:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-02 19:16 - 2016-02-23 18:31 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-02 19:16 - 2016-02-23 18:30 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-02 19:16 - 2016-02-23 18:30 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-02 19:16 - 2016-02-23 18:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-02 19:16 - 2016-02-23 18:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 19:16 - 2016-02-23 18:29 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-02 19:16 - 2016-02-23 18:26 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-02 19:16 - 2016-02-23 18:26 - 01498112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-02 19:16 - 2016-02-23 18:25 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-02 19:16 - 2016-02-23 18:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 19:16 - 2016-02-23 18:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-02 19:16 - 2016-02-23 18:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-02 19:16 - 2016-02-23 18:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-02 19:16 - 2016-02-23 18:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-02 19:16 - 2016-02-23 18:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 19:16 - 2016-02-23 18:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 19:16 - 2016-02-23 18:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 19:16 - 2016-02-23 18:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-02 19:16 - 2016-02-23 17:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-02 19:16 - 2016-02-23 17:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-02 19:16 - 2016-02-23 17:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-02 19:16 - 2016-02-23 17:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-02 19:16 - 2016-02-23 17:55 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-02 19:16 - 2016-02-23 17:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-02 19:16 - 2016-02-23 17:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-02 19:16 - 2016-02-23 17:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-02 19:16 - 2016-02-23 17:50 - 22396416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-02 19:16 - 2016-02-23 17:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-02 19:16 - 2016-02-23 17:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 19:16 - 2016-02-23 17:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 19:16 - 2016-02-23 17:40 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-02 19:16 - 2016-02-23 17:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-02 19:16 - 2016-02-23 17:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 19:16 - 2016-02-23 17:36 - 19341312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-02 19:16 - 2016-02-23 17:36 - 18680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-02 19:16 - 2016-02-23 17:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-02 19:16 - 2016-02-23 17:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-02 19:16 - 2016-02-23 17:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-02 19:16 - 2016-02-23 17:33 - 14254080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-02 19:16 - 2016-02-23 17:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-02 19:16 - 2016-02-23 17:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-02 19:16 - 2016-02-23 17:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-02 19:16 - 2016-02-23 17:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-02 19:16 - 2016-02-23 17:26 - 12587520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-02 19:16 - 2016-02-09 15:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-02 19:16 - 2016-02-09 14:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 19:16 - 2016-02-09 14:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-02 19:16 - 2016-02-09 14:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-02 19:16 - 2016-02-09 14:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 19:16 - 2016-02-09 14:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-02 19:15 - 2016-02-23 22:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-02 19:15 - 2016-02-23 22:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-02 19:15 - 2016-02-23 22:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-02 19:15 - 2016-02-23 21:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-02 19:15 - 2016-02-23 21:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-02 19:15 - 2016-02-23 20:49 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-02 19:15 - 2016-02-23 20:45 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-02 19:15 - 2016-02-23 20:44 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-02 19:15 - 2016-02-23 20:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-02 19:15 - 2016-02-23 20:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-02 19:15 - 2016-02-23 20:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-02 19:15 - 2016-02-23 20:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-02 19:15 - 2016-02-23 20:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-02 19:15 - 2016-02-23 20:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 19:15 - 2016-02-23 20:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 19:15 - 2016-02-23 20:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 19:15 - 2016-02-23 20:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 19:15 - 2016-02-23 20:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-02 19:15 - 2016-02-23 20:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 19:15 - 2016-02-23 20:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-02 19:15 - 2016-02-23 19:58 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-02 19:15 - 2016-02-23 19:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-02 19:15 - 2016-02-23 19:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-02 19:15 - 2016-02-23 19:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-02 19:15 - 2016-02-23 19:55 - 00221600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-02 19:15 - 2016-02-23 19:54 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-02 19:15 - 2016-02-23 19:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-03-02 19:15 - 2016-02-23 19:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-02 19:15 - 2016-02-23 19:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 19:15 - 2016-02-23 19:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 19:15 - 2016-02-23 19:51 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-03-02 19:15 - 2016-02-23 19:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 19:15 - 2016-02-23 19:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-02 19:15 - 2016-02-23 19:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 19:15 - 2016-02-23 19:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 19:15 - 2016-02-23 19:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-02 19:15 - 2016-02-23 19:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 19:15 - 2016-02-23 19:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 19:15 - 2016-02-23 19:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 19:15 - 2016-02-23 19:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 19:15 - 2016-02-23 19:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 19:15 - 2016-02-23 19:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-02 19:15 - 2016-02-23 19:28 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-02 19:15 - 2016-02-23 19:25 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-02 19:15 - 2016-02-23 19:25 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-02 19:15 - 2016-02-23 19:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 19:15 - 2016-02-23 19:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 19:15 - 2016-02-23 19:22 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-02 19:15 - 2016-02-23 19:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-02 19:15 - 2016-02-23 19:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 19:15 - 2016-02-23 19:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 19:15 - 2016-02-23 19:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-02 19:15 - 2016-02-23 19:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-03-02 19:15 - 2016-02-23 19:13 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-02 19:15 - 2016-02-23 19:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-02 19:15 - 2016-02-23 19:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-02 19:15 - 2016-02-23 19:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-02 19:15 - 2016-02-23 19:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-02 19:15 - 2016-02-23 19:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-02 19:15 - 2016-02-23 19:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-02 19:15 - 2016-02-23 18:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 19:15 - 2016-02-23 18:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 19:15 - 2016-02-23 18:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 19:15 - 2016-02-23 18:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-02 19:15 - 2016-02-23 18:54 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-02 19:15 - 2016-02-23 18:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 19:15 - 2016-02-23 18:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-02 19:15 - 2016-02-23 18:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-02 19:15 - 2016-02-23 18:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-02 19:15 - 2016-02-23 18:37 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-02 19:15 - 2016-02-23 18:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-02 19:15 - 2016-02-23 18:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 19:15 - 2016-02-23 18:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-02 19:15 - 2016-02-23 18:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-02 19:15 - 2016-02-23 18:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 19:15 - 2016-02-23 18:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-02 19:15 - 2016-02-23 18:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 19:15 - 2016-02-23 18:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-02 19:15 - 2016-02-23 18:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-02 19:15 - 2016-02-23 17:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-02 19:15 - 2016-02-09 15:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-02 19:15 - 2016-02-09 14:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-01 16:25 - 2016-03-01 16:25 - 00017265 _____ C:\Users\DeniseC\Documents\Tax 2013-14.ods
2016-03-01 16:25 - 2016-03-01 16:25 - 00000122 ____H C:\Users\DeniseC\Documents\.~lock.Tax 2013-14.ods#
2016-03-01 13:51 - 2016-03-01 13:51 - 00000000 ____D C:\Users\DeniseC\Documents\Dancing
2016-03-01 13:50 - 2016-03-01 19:33 - 00000000 ____D C:\Users\DeniseC\Documents\Tax
2016-03-01 13:50 - 2016-03-01 13:53 - 00000000 ____D C:\Users\DeniseC\Documents\Crimson G
2016-03-01 13:50 - 2016-03-01 13:51 - 00000000 ____D C:\Users\DeniseC\Documents\Lachlan
2016-02-21 22:24 - 2016-02-21 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-21 22:19 - 2016-03-02 21:35 - 00000000 ____D C:\ProgramData\128613b
2016-02-21 22:19 - 2016-02-21 22:19 - 00003882 _____ C:\WINDOWS\System32\Tasks\{335C3151-0B63-80E1-D8AB-A5F959F61E0A}
2016-02-15 16:33 - 2016-02-15 16:33 - 00002161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2016-02-15 16:32 - 2016-02-15 16:32 - 00001199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 5.0.lnk
2016-02-15 16:32 - 2016-02-15 16:32 - 00001187 _____ C:\Users\Public\Desktop\Adobe Photoshop Elements 5.0.lnk
2016-02-15 16:30 - 2016-02-15 16:30 - 00000209 _____ C:\WINDOWS\ODBCINST.INI
2016-02-15 13:00 - 2016-03-02 21:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-11 23:14 - 2016-01-29 17:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-11 23:14 - 2016-01-27 16:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-11 23:14 - 2016-01-27 16:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-11 23:14 - 2016-01-27 15:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-11 23:14 - 2016-01-27 15:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-11 23:14 - 2016-01-27 15:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-11 23:14 - 2016-01-27 15:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-11 23:13 - 2016-01-29 17:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-11 23:13 - 2016-01-27 17:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-11 23:13 - 2016-01-27 17:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-11 23:13 - 2016-01-27 16:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-11 23:13 - 2016-01-27 16:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-11 23:13 - 2016-01-27 16:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-11 23:13 - 2016-01-27 16:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-11 23:13 - 2016-01-27 16:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-11 23:13 - 2016-01-27 16:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-11 23:13 - 2016-01-27 16:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-11 23:13 - 2016-01-27 16:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-11 23:13 - 2016-01-27 16:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-11 23:13 - 2016-01-27 16:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-11 23:13 - 2016-01-27 16:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-11 23:13 - 2016-01-27 16:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-11 23:13 - 2016-01-27 16:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysW

DeeCee70

Posted: Tue Mar 08, 2016 1:40 am

2016-02-11 23:13 - 2016-01-27 16:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-11 23:13 - 2016-01-27 16:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-11 23:13 - 2016-01-27 16:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-11 23:13 - 2016-01-27 16:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-11 23:13 - 2016-01-27 16:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-11 23:13 - 2016-01-27 16:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-11 23:13 - 2016-01-27 15:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-11 23:13 - 2016-01-27 15:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-11 23:13 - 2016-01-27 15:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-11 23:13 - 2016-01-27 15:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-11 23:13 - 2016-01-27 15:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-11 23:13 - 2016-01-27 15:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-08 14:30 - 2016-03-05 20:56 - 00003272 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDeniseC
2016-02-08 14:30 - 2016-03-05 20:56 - 00000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDeniseC.job
2016-02-08 00:31 - 2016-02-08 00:31 - 00014871 _____ C:\Users\DeniseC\Desktop\iTunes Library.itl
2016-02-07 22:57 - 2016-02-07 22:57 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-02-07 22:57 - 2016-02-07 22:57 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-08 20:28 - 2015-12-28 16:24 - 00972104 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-08 20:28 - 2015-10-30 18:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-08 20:23 - 2016-01-29 19:32 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-03-08 20:22 - 2015-12-28 16:21 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-08 20:22 - 2015-12-27 21:46 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-03-08 20:22 - 2015-12-27 21:09 - 00000000 __SHD C:\Users\DeniseC\IntelGraphicsProfiles
2016-03-08 20:21 - 2015-12-28 16:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-08 20:20 - 2016-01-12 14:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-08 20:20 - 2015-12-27 22:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-08 20:20 - 2015-10-30 17:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-08 20:00 - 2015-12-31 14:45 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-08 19:59 - 2015-10-30 18:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-08 19:59 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-08 19:54 - 2015-12-27 22:03 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{55038BD3-8553-44D4-8741-50ADD0D3B122}
2016-03-08 19:52 - 2015-12-27 21:11 - 00000000 ____D C:\Users\DeniseC\Documents\YouCam
2016-03-08 19:51 - 2015-12-27 21:46 - 00000942 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-03-07 21:38 - 2015-12-28 21:49 - 00000000 ____D C:\Users\DeniseC\AppData\Local\Adobe
2016-03-06 20:44 - 2015-12-27 21:49 - 00000000 ___RD C:\Users\DeniseC\Dropbox
2016-03-06 12:52 - 2015-12-27 21:46 - 00000000 ____D C:\Users\DeniseC\AppData\Local\Dropbox
2016-03-06 12:51 - 2016-01-05 12:18 - 00000000 ___RD C:\Users\DeniseC\iCloudDrive
2016-03-04 14:33 - 2015-12-28 16:25 - 00000000 ____D C:\Users\DeniseC
2016-03-04 13:18 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-04 12:22 - 2015-09-16 09:05 - 00016454 _____ C:\WINDOWS\system32\results.xml
2016-03-03 00:36 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-02 22:07 - 2015-09-16 08:55 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-02 22:07 - 2015-09-16 08:54 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-03-02 22:06 - 2015-09-16 09:01 - 00000000 ____D C:\ProgramData\Realtek
2016-03-02 22:06 - 2015-07-14 03:28 - 00000000 ____D C:\SWSetup
2016-03-02 22:05 - 2015-09-16 08:54 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-03-02 22:04 - 2015-12-28 16:21 - 00018400 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2016-03-02 22:04 - 2015-12-28 16:21 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-03-02 22:02 - 2015-09-16 08:54 - 04686592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-03-02 22:02 - 2015-09-16 08:54 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-03-02 22:02 - 2015-09-16 08:54 - 03040488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-03-02 22:02 - 2015-09-16 08:54 - 02826832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-03-02 22:02 - 2015-09-16 08:54 - 01328496 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-03-02 22:02 - 2015-09-16 08:54 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-03-02 22:02 - 2015-09-16 08:54 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-03-02 21:56 - 2015-12-28 16:21 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-03-02 21:54 - 2015-09-16 09:24 - 32130848 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2016-03-02 21:54 - 2015-09-16 09:24 - 31213112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2016-03-02 21:54 - 2015-09-16 09:24 - 25836536 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2016-03-02 21:54 - 2015-09-16 09:24 - 13680976 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2016-03-02 21:54 - 2015-09-16 09:24 - 11235256 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2016-03-02 21:54 - 2015-09-16 09:24 - 07868880 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2016-03-02 21:54 - 2015-09-16 09:24 - 06457600 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2016-03-02 21:54 - 2015-09-16 09:24 - 04941952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2016-03-02 21:54 - 2015-09-16 09:24 - 02041856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2016-03-02 21:54 - 2015-09-16 09:24 - 00733184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2016-03-02 21:54 - 2015-09-16 09:24 - 00369664 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2016-03-02 21:54 - 2015-09-16 09:24 - 00354936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2016-03-02 21:54 - 2015-09-16 09:24 - 00335992 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2016-03-02 21:54 - 2015-09-16 09:24 - 00282744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-03-02 21:54 - 2015-09-16 09:24 - 00250488 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2016-03-02 21:49 - 2015-12-28 16:19 - 00000000 ____D C:\Program Files (x86)\Intel
2016-03-02 21:49 - 2015-09-16 08:55 - 01385640 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\esif_uf.exe
2016-03-02 21:49 - 2015-09-16 08:55 - 00963232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120.dll
2016-03-02 21:49 - 2015-09-16 08:55 - 00660128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120.dll
2016-03-02 21:48 - 2015-07-14 03:28 - 00000000 ___HD C:\SYSTEM.SAV
2016-03-02 21:39 - 2015-07-16 17:05 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-02 21:38 - 2015-12-28 16:16 - 00231728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-02 21:36 - 2015-10-30 20:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-02 21:36 - 2015-10-30 18:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-02 21:36 - 2015-10-30 18:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-02 21:36 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-02 21:36 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-02 21:36 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-02 21:36 - 2015-10-30 18:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-02 21:36 - 2015-10-30 18:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-02 21:36 - 2015-10-30 18:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-02 21:36 - 2015-10-30 18:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-02 21:36 - 2015-10-30 18:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-02 21:36 - 2015-10-30 17:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-02 21:36 - 2015-10-30 17:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-02 19:26 - 2015-10-30 18:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-01 14:02 - 2015-12-28 00:35 - 00000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-01 13:51 - 2015-12-27 21:09 - 00000000 ___HD C:\Users\DeniseC\Documents\hp.system.package.metadata
2016-02-26 22:58 - 2016-01-29 19:31 - 00463744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-02-26 22:57 - 2016-01-29 19:31 - 00287016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-02-21 22:59 - 2015-12-28 21:54 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-21 22:24 - 2015-09-16 09:26 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-02-15 16:33 - 2015-12-28 21:54 - 00000000 ____D C:\ProgramData\Adobe
2016-02-15 16:33 - 2015-12-28 21:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-15 16:32 - 2015-12-27 21:10 - 00000000 ____D C:\Users\DeniseC\AppData\Roaming\Adobe
2016-02-12 18:51 - 2015-12-28 00:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-12 18:48 - 2015-12-28 00:02 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-11 22:43 - 2015-12-27 21:10 - 00000000 ____D C:\Users\DeniseC\AppData\Local\Packages
2016-02-08 14:30 - 2015-12-27 21:13 - 00000000 ____D C:\Users\DeniseC\AppData\Local\Hewlett-Packard
2016-02-08 14:10 - 2015-12-27 21:13 - 00002372 _____ C:\Users\DeniseC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-08 14:10 - 2015-12-27 21:13 - 00000000 ___RD C:\Users\DeniseC\OneDrive
2016-02-07 22:57 - 2016-01-29 19:31 - 01065720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-02-07 22:57 - 2016-01-29 19:31 - 00165344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-02-07 22:57 - 2016-01-29 19:31 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-02-07 22:57 - 2016-01-29 19:31 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-02-07 22:57 - 2016-01-29 19:31 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-02-07 22:57 - 2016-01-29 19:31 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys

==================== Files in the root of some directories =======

2015-12-27 21:10 - 2016-03-08 20:22 - 0797923 _____ () C:\Users\DeniseC\AppData\Local\BTServer.log
2015-12-28 00:05 - 2014-04-17 09:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall344930.exe

Files to move or delete:
====================
C:\ProgramData\uninstall344930.exe


Some files in TEMP:
====================
C:\Users\DeniseC\AppData\Local\Temp\McCSPInstall.dll
C:\Users\DeniseC\AppData\Local\Temp\mccspuninstall.exe
C:\Users\DeniseC\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-02 19:18

==================== End of FRST.txt ============================

DeeCee70

Posted: Tue Mar 08, 2016 1:41 am

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by DeniseC (2016-03-08 20:30:44)
Running from C:\Users\DeniseC\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-28 05:42:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-76950604-892644173-2988696240-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-76950604-892644173-2988696240-503 - Limited - Disabled)
DeniseC (S-1-5-21-76950604-892644173-2988696240-1001 - Administrator - Enabled) => C:\Users\DeniseC
Guest (S-1-5-21-76950604-892644173-2988696240-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems Inc.)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{4AFDCB72-7B0C-07D0-A648-D19E41D27E2F}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.)
CyberLink PhotoDirector (Version: 5.0.5.6713 - CyberLink Corp.) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.2.5829 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.5.4601 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.1.4301 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4360 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 en-US)) (Version: 38.6.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.46 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.62 - REALTEK Semiconductor Corp.)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.3.1 - Tweaking.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-76950604-892644173-2988696240-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\DeniseC\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02FBD7E0-23B7-46F7-BA0C-71E1800C9CD6} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-06-20] ()
Task: {0D7A173B-B342-4EC6-8F38-ACBCEF313E80} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {1D60F92A-9888-4458-8D5E-557E0E21DA6B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {2A76F14B-47C4-42C3-B237-DE4B6209430F} - System32\Tasks\{335C3151-0B63-80E1-D8AB-A5F959F61E0A} => C:\WINDOWS\system32\regsvr32.exe [2015-10-30] (Microsoft Corporation)
Task: {327802DA-3C26-4765-A93A-908718713C66} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {43ACD467-FD98-4A90-9D33-82D9280E3F75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2015-09-28] (Hewlett-Packard Company)
Task: {4DC02EEE-3A87-4243-ADEF-17DF73A6EFEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {5E2066E3-EAFF-4FE4-978B-FB19F79525AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-12] (Microsoft Corporation)
Task: {5F0C2EF4-165B-4E33-9F26-E5EF551592DB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-07] (AVAST Software)
Task: {83CB3AC2-C700-455D-A1A4-E1049D63A1FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {9DB89EA7-7AD3-4AA6-9133-C2EF86DE786C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-07] (Adobe Systems Incorporated)
Task: {A1D623A8-26C3-42AC-B089-E1D332D00C1A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
Task: {A653B1BE-133F-4034-A99F-E7372070D93D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {B892FF32-5CE2-46F0-B9F5-E6FD193139C4} - System32\Tasks\HPCeeScheduleForDeniseC => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-17] (Hewlett-Packard)
Task: {C253FF73-2BC4-4B5B-A7E9-6992A23AE9E1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-27] (Dropbox, Inc.)
Task: {E38EC26A-B9BD-4C68-B527-984878C5AFAA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {F47F8367-3B62-4BDE-AD71-5039853D7BB3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-27] (Dropbox, Inc.)
Task: {FABBF7AE-40EA-4116-B8F6-4BBB6ECA67AB} - \{08080447-7D79-0D04-0511-090C0908110A} -> No File <==== ATTENTION
Task: {FF194C09-2C9B-42B2-9381-3D563A3DF3A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-02-18] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDeniseC.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.booking.com/index.html?aid=398438&label=square
ShortcutWithArgument: C:\Users\Public\Desktop\Get Wi-Fi Offer.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=all&c=*&locale=*&pf=cnnb&s=iPass&tp=dticon

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 18:18 - 2015-10-30 18:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2006-12-22 07:31 - 2006-12-22 07:31 - 00108712 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
2015-09-16 09:01 - 2015-09-18 16:27 - 00125656 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-29 20:04 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-03-02 19:16 - 2016-02-23 22:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 19:16 - 2016-02-23 22:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-29 11:10 - 2015-12-29 11:10 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 19:16 - 2016-02-23 19:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-15 15:12 - 2016-01-05 12:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-15 15:12 - 2016-01-05 12:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-29 13:40 - 2016-01-16 16:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-29 13:41 - 2016-01-16 16:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-07 22:57 - 2016-02-07 22:57 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-07 22:57 - 2016-02-07 22:57 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-07 19:45 - 2016-03-07 19:45 - 02838016 _____ () C:\Program Files\AVAST Software\Avast\defs\16030601\algo.dll
2016-02-07 22:57 - 2016-02-07 22:57 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-03-08 20:23 - 2016-03-08 20:23 - 02838016 _____ () C:\Program Files\AVAST Software\Avast\defs\16030701\algo.dll
2015-12-17 18:39 - 2015-12-17 18:39 - 00073512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-12-17 18:39 - 2015-12-17 18:39 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-29 19:31 - 2016-01-29 19:31 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 22:04 - 2015-07-10 22:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-76950604-892644173-2988696240-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\DeniseC\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 10.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Adobe Photo Downloader"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-76950604-892644173-2988696240-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-76950604-892644173-2988696240-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-76950604-892644173-2988696240-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{02FD2E85-94F3-4702-A10E-569C7A150BB6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5553C604-38D8-4779-8F83-651D1CA95078}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2AEBC16C-F0CB-42ED-83D7-AA76C5777AF5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CB99574C-E76D-4F88-84DE-B01D1041ED1B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{52828CFD-CD74-45C9-88AF-4CB40C7561F7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CC224436-3A29-4440-9D8C-B331925E17E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3EE09B4E-98A3-445C-9540-1F5FA53A4E29}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{06DD687E-041E-419C-9F45-633F4C80732D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{D986F84A-8B54-4C28-B08E-4095BF3E6665}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{E47CA32F-6F84-4397-9515-DD8BF03E898A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{986F8ECC-41F0-4D72-AE95-7BFBC464DAA8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{4A468CAC-A67F-4886-9B22-0E60C6FE5A7C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{7B5FE80D-7A03-48BD-84C6-D6E5A12A927A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{A7776C96-7AA2-4DF4-820C-0D2904DC9F5A}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{F8733ACB-4DA7-4C37-A1AB-B714210FCB1B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

15-02-2016 16:30:11 Installed Adobe Photoshop Elements 5.0
02-03-2016 19:18:06 Windows Update
02-03-2016 19:20:25 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2016 08:13:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/08/2016 07:55:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.10586.11, time stamp: 0x56457cb1
Faulting module name: OneBackupHandler.dll, version: 10.0.10586.0, time stamp: 0x5632d634
Exception code: 0xc0000005
Fault offset: 0x00000000000211df
Faulting process id: 0x292c
Faulting application start time: 0xSystemSettings.exe0
Faulting application path: SystemSettings.exe1
Faulting module path: SystemSettings.exe2
Report Id: SystemSettings.exe3
Faulting package full name: SystemSettings.exe4
Faulting package-relative application ID: SystemSettings.exe5

Error: (03/07/2016 05:27:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1187

Error: (03/07/2016 05:27:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1187

Error: (03/07/2016 05:27:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/07/2016 04:18:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1157

Error: (03/07/2016 04:18:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1157

Error: (03/07/2016 04:18:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/07/2016 03:03:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1188

Error: (03/07/2016 03:03:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1188


System errors:
=============
Error: (03/08/2016 08:20:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll

Error: (03/08/2016 08:20:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll

Error: (03/08/2016 08:20:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll

Error: (03/08/2016 08:20:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_3518201 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/08/2016 08:20:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/08/2016 08:19:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HPWMISVC service terminated unexpectedly. It has done this 1 time(s).

Error: (03/08/2016 08:19:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) HD Graphics Control Panel Service service terminated unexpectedly. It has done this 1 time(s).

Error: (03/08/2016 08:19:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Support Solutions Framework Service service terminated unexpectedly. It has done this 1 time(s).

Error: (03/08/2016 08:19:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BTDevManager service terminated unexpectedly. It has done this 1 time(s).

Error: (03/08/2016 08:19:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ESIF Upper Framework Service service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================
Date: 2016-03-04 13:26:12.334
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-02 21:39:17.495
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-02 19:21:01.402
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-21 22:18:50.424
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-15 18:48:37.774
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 19:09:34.135
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-24 02:06:44.439
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-15 15:03:09.588
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-12 14:09:56.737
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-05 12:22:23.473
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 28%
Total physical RAM: 8107.39 MB
Available physical RAM: 5797.84 MB
Total Virtual: 9387.39 MB
Available Virtual: 6994.11 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:909.6 GB) (Free:838.02 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.72 GB) (Free:2.38 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E7D6D503)

Partition: GPT.

==================== End of Addition.txt ============================
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 13 Oct 2017
Posts: 5041
Location: Land Of The Leprechauns

PostPosted: Tue Mar 08, 2016 4:55 am    Post subject: Reply with quote

Hi Denise,
Quote:
Thanks for your reply

You're welcome.
Quote:
I have a fairly new computer and have in the last week or two run into Firefox pop-ups appearing

Is Firefox the only browser you're having problems with?
Before we go further, let's reset Firefox and see if it solves the problem. Do the following, then give me an update.
  • In the Firefox browser, click Help > Troubleshooting Information.
  • If you're unable to access the Help menu, type about:support in your address bar, then hit Enter.
  • This will bring up the Troubleshooting Information page.
  • Now click on Refresh Firefox, in the confirmation window that opens.
  • Firefox will close and be reset. When it's done, a window will list the information that was imported.
  • Click Finish and Firefox will open.

_________________
Admin/Teacher at Malware Removal University
Member of UNITE
DeeCee70
Newbie


Joined: 05 Mar 2016
Last Visit: 10 Apr 2016
Posts: 8
Location: Melbourne, Australia

PostPosted: Tue Mar 08, 2016 7:52 pm    Post subject: Reply with quote

To be honest, I only ever use Firefox, so hadn't checked any other browsers.

Refreshing does seem to have gotten rid of the malware messages popping up with every new tab!

I must have missed the list of what was imported though. Does that matter?

It has reopened with three tabs - restore session, Firefox + Windows 10 - perfect together and Mozilla Firefox Start page.
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 13 Oct 2017
Posts: 5041
Location: Land Of The Leprechauns

PostPosted: Wed Mar 09, 2016 7:38 am    Post subject: Reply with quote

Quote:
To be honest, I only ever use Firefox, so hadn't checked any other browsers.

Some infections can infect one browser or all of them; please check your other browsers for problems.
Quote:
Refreshing does seem to have gotten rid of the malware messages popping up with every new tab!

That's good to hear. I need you to run another scan for me.

ESET online scanner

Note: You can use either Internet Explorer or Mozilla Firefox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scanner
    Quote:
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.

  • When prompted allow the Add-On/Active X to install.
  • Click on Run ESET Online Scanner, then select the option YES, I accept the Terms of Use, then click Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

_________________
Admin/Teacher at Malware Removal University
Member of UNITE
DeeCee70
Newbie


Joined: 05 Mar 2016
Last Visit: 10 Apr 2016
Posts: 8
Location: Melbourne, Australia

Posted: Wed Mar 09, 2016 8:29 pm

Sorry, forgot to say that I checked another browser after you asked if it was only Firefox and I didn't get the pop-up windows, but that was after the refresh.

OK, logfile:

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=16d7cae7a3195949af68860d8a1647c5
# end=init
# utc_time=2016-03-10 02:28:54
# local_time=2016-03-10 01:28:54 (+1000, AUS Eastern Daylight Time)
# country="Australia"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 28506
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=16d7cae7a3195949af68860d8a1647c5
# end=updated
# utc_time=2016-03-10 02:36:11
# local_time=2016-03-10 01:36:11 (+1000, AUS Eastern Daylight Time)
# country="Australia"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=16d7cae7a3195949af68860d8a1647c5
# engine=28506
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-03-10 03:51:51
# local_time=2016-03-10 02:51:51 (+1000, AUS Eastern Daylight Time)
# country="Australia"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=788 16777213 100 98 0 2735772 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 10550948 10557254 0 0
# scanned=239207
# found=0
# cleaned=0
# scan_time=4540
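
A way to check a log like the one above against the scan options requested earlier in the thread, as an added example that is not part of the original posts and is not ESET tooling. It assumes the "# key=value" stanza layout seen in this one log; the function names and the abridged sample are constructed for illustration.

```python
# Added example: key names come from the log posted in this thread; the
# stanza layout is inferred from that single log, not from ESET documentation.
EXPECTED_OPTIONS = {
    "remove_checked": "false",      # "Remove found threats" NOT checked
    "archives_checked": "true",     # "Scan archives" checked
    "unwanted_checked": "true",     # potentially unwanted applications
    "unsafe_checked": "true",       # potentially unsafe applications
    "antistealth_checked": "true",  # Anti-Stealth Technology
}

# Constructed sample, abridged from the log in the post above.
SAMPLE_LOG = """\
Update Init
# product=EOS
# end=updated
# product=EOS
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# found=0
# cleaned=0
"""

def parse_stanzas(text):
    """Split the log into stanzas; a new one starts at each '# product=' line."""
    stanzas = []
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("#") or "=" not in line:
            continue  # skip free-text lines such as 'Update Init'
        key, _, value = line.lstrip("# ").partition("=")
        if key == "product" or not stanzas:
            stanzas.append({})
        stanzas[-1][key] = value.strip("\"'")  # on repeated keys the last wins
    return stanzas

def review_scan(text):
    """Report on the finished stanza and list options that differ from the request."""
    finished = [s for s in parse_stanzas(text) if s.get("end") == "finished"]
    if not finished:  # scan was interrupted or the log was copied too early
        return {"complete": False, "wrong_options": [], "found": None, "cleaned": None}
    scan = finished[-1]
    wrong = [k for k, v in EXPECTED_OPTIONS.items() if scan.get(k) != v]
    return {"complete": True, "wrong_options": wrong,
            "found": int(scan.get("found", -1)), "cleaned": int(scan.get("cleaned", -1))}
```

A result with "complete" set to True, an empty "wrong_options" list and "found" equal to 0 corresponds to the clean, detect-only scan the helper asked for.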
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 13 Oct 2017
Posts: 5041
Location: Land Of The Leprechauns

Posted: Thu Mar 10, 2016 3:02 am

Hi Denise,
The last scan you ran looks good. How is the computer running now, any problems?
_________________
Admin/Teacher at Malware Removal University
Member of UNITE
DeeCee70
Newbie


Joined: 05 Mar 2016
Last Visit: 10 Apr 2016
Posts: 8
Location: Melbourne, Australia

Posted: Thu Mar 10, 2016 3:32 am

Seems all good to me!

Thanks so much for your help - I really appreciate it and will be sure to make a donation to the site.

Is there anything else I need to do now?
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 13 Oct 2017
Posts: 5041
Location: Land Of The Leprechauns

Posted: Sat Mar 12, 2016 3:28 am

Hi,
Sorry for the delay in getting back to you, I didn't get email notification for your reply.
Quote:
Thanks so much for your help - I really appreciate it and will be sure to make a donation to the site.

You're most welcome, and thank you for the donation, it's much appreciated.
Quote:
Seems all good to me!
Is there anything else I need to do now?

Excellent.
Your computer appears to be clean now so you should be good to go.
Let's tidy up and remove the tools we used to clean your computer.

Please download delfix and save it to your desktop.
  • Right-click on delfix.exe and select "Run as administrator" to run it.
  • Check the following boxes then click on Run.

    • Remove disinfection tools

  • All tools we used to clean your computer should be gone now.
  • You can now delete any tools/logs we used if they remain on your computer.

Protection Programs
Don't forget to re-enable any protection programs we disabled during your fix.

I would be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Safe surfing!
_________________
Admin/Teacher at Malware Removal University
Member of UNITE
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 13 Oct 2017
Posts: 5041
Location: Land Of The Leprechauns

Posted: Mon Mar 14, 2016 4:11 am

Quote:
As your Malware issues appear to be resolved, this topic is now closed.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read Spyware Warrior Donations

_________________
Admin/Teacher at Malware Removal University
Member of UNITE
All times are GMT - 8 Hours