Installed MBAntiRansomware - Now i am getting all sorts of ransomware warnings


  • This topic is locked
1 reply to this topic

#1 jacreyes

Posted 28 January 2016 - 01:09 AM

Hi, I installed the beta version of Malwarebytes Anti-Ransomware yesterday, and after installation it asked me to reboot my machine.

I am on an Asus K55VJ - Windows 10.

After the reboot, I got a notification that Chrome has been detected as infected with ransomware activity. It asked me to reboot again to finish the cleanup.

After I did, I could not sign in to my user. I was taken to a temp user profile. I tried to use the "startup repair" of Windows 10. It finished without any errors found.

I just turned the machine off...

Today, I booted into my old user profile, and it let me in. But then MB Anti-Ransomware gave another alert that software distribution is infected. Had to restart. After that, Firefox and Edge are acting funny, as a new window opens when I click on them.

I have been reading this forum for quite some time, so I already ran FRST and here's the result of the scan. Can someone let me know how to interpret the scan logs and the next steps, please? Appreciate it.

Just scanned a few mins ago.

Thanks!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by JacJefferson (administrator) on ZERO-DAY (28-01-2016 01:05:27)
Running from D:\Downloads
Loaded Profiles: JacJefferson (Available Profiles: UpdatusUser & JacJefferson)
Platform: Windows 10 Home (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-08] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01272016232201798\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50622080 2016-01-19] (Skype Technologies S.A.)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [Spotify Web Helper] => C:\Users\JacJefferson\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-22] (Spotify Ltd)
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\Run: [uTorrent] => /MINIMIZED
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\RunOnce: [Uninstall C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\...\RunOnce: [Uninstall C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JacJefferson\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\Run: [] => 0
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [175368 2015-12-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [153208 2015-12-16] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Malwarebytes Anti-Ransomware.lnk [2016-01-27]
ShortcutTarget: Malwarebytes Anti-Ransomware.lnk -> C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe (Malwarebytes)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{13042e69-6434-4e3a-a8b1-e19c3b79894c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ac77a4aa-d0f2-428f-a30a-3fbdfa98cd6f}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SK2M_FRPage
HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1844098555-2217923043-3675393532-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-01-07] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-15] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-07] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-15] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1844098555-2217923043-3675393532-1002 -> hxxp://www.yandex.ru/?win=212&clid=2100767-002

FireFox:
========
FF ProfilePath: C:\Users\JacJefferson\AppData\Roaming\Mozilla\Firefox\Profiles\xqvcojme.default-1436817673206
FF SelectedSearchEngine: Яндекс
FF Session Restore: -> is enabled.
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks", "71.205.115.155"
FF NetworkProxy: "socks_port", 65535
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Extension: Lightbeam - C:\Users\JacJefferson\AppData\Roaming\Mozilla\Firefox\Profiles\xqvcojme.default-1436817673206\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-12-06]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR HomePage: Default -> yandex.ru/?__PARAM__from=chromehp
CHR StartupUrls: Default -> "hxxps://inbox.google.com/?pli=1","hxxps://accounts.google.com/Login","hxxp://moz.com/","hxxp://semrush.com/","hxxp://buzzsumo.com/","hxxp://drive.google.com/","hxxp://www.windowsxlive.net/","hxxp://www.google.com"
CHR Profile: C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SEOquake) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-19]
CHR Extension: (Google Drive) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-19]
CHR Extension: (oscraper) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhoedkafpknpijecolafolipaidgjcoo [2016-01-20]
CHR Extension: (Genius Web Annotator) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccaokncpmmjiakalbcfdbfmpcaiddjdn [2016-01-20]
CHR Extension: (OneTab) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2016-01-27]
CHR Extension: (Google Search) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-19]
CHR Extension: (BuiltWith Technology Profiler) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\dapjbgnjinbpoindlpdmhochffioedbn [2016-01-20]
CHR Extension: (High Contrast) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2016-01-20]
CHR Extension: (MozBar) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2016-01-24]
CHR Extension: (Gmail Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2016-01-20]
CHR Extension: (Google Calendar) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-01-20]
CHR Extension: (Blur) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2016-01-20]
CHR Extension: (Peek) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffccoaooonomblpmkaidfhphgjgkimod [2016-01-20]
CHR Extension: (Chrome Remote Desktop) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-19]
CHR Extension: (Vysor (Beta)) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2016-01-20]
CHR Extension: (UX Check) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\giekhiebdpmljgchjojblnekkcgpdobp [2016-01-20]
CHR Extension: (AdBlock) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-20]
CHR Extension: (Asana) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hffokgiicnnkgaodkpofkcgpdmkdpebj [2016-01-20]
CHR Extension: (Similar Sites Pro) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl [2016-01-24]
CHR Extension: (SimilarWeb - Site Traffic Sources and Ranking) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2016-01-20]
CHR Extension: (Ubersuggest CPC & Search Volume Enhancer) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\hopggcicaffnjomhjjpogcelclkbnigp [2016-01-20]
CHR Extension: (META SEO inspector) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibkclpciafdglkjkcibmohobjkcfkaef [2016-01-20]
CHR Extension: (JacReyes.com) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhopmchchfpfdcdjodmpfaaphdclmlj [2016-01-20]
CHR Extension: (SimpleExtManager) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\kniehgiejgnnpgojkdhhjbgbllnfkfdk [2016-01-20]
CHR Extension: (Momentum) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-01-23]
CHR Extension: (Evernote Web) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2016-01-20]
CHR Extension: (Wordtracker Scout) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkalodfoplipapmeogaehmiabdhhjapb [2016-01-20]
CHR Extension: (SEO Peek) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkkpfhgjmocgneajknedjhodkjkkclod [2016-01-20]
CHR Extension: (Asana) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkcmbfnknnkmbdbdhflbidiigecfln [2016-01-20]
CHR Extension: (Moqups · Mockups, Wireframes & Prototyping) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbhphohgafllkjnakmdppmmkjfbnke [2016-01-20]
CHR Extension: (GTM DevTools Sidebar Panes) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpchkkljkimifenglmblhnklbngejfh [2016-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-19]
CHR Extension: (Evernote Web Clipper) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-01-20]
CHR Extension: (Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-19]
CHR Extension: (Inbox by Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkclgpgponpjmpfokoepglboejdobkpl [2016-01-20]
CHR Profile: C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-20]
CHR Extension: (Google Docs) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-20]
CHR Extension: (Google Drive) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-20]
CHR Extension: (YouTube) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-20]
CHR Extension: (Google Search) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-20]
CHR Extension: (Советник Яндекс.Маркета) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdjdjkkjoiomafnihnobkinnfjnnlhdg [2016-01-20]
CHR Extension: (Google Sheets) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-20]
CHR Extension: (Avira Browser Safety) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-20]
CHR Extension: (Skype) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-20]
CHR Extension: (Яндекс) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla [2016-01-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-20]
CHR Extension: (Gmail) - C:\Users\JacJefferson\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-20]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1844098555-2217923043-3675393532-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdjdjkkjoiomafnihnobkinnfjnnlhdg] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
CHR HKLM-x32\...\Chrome\Extension: [mdeldjolamfbcgnndjmjjiinnhbnbnla] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-07] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-06] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7152128 2015-05-28] (SecureMix LLC)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2015-10-14] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-07] (Lenovo)
R2 MB3Service; C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe [3124536 2016-01-25] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-04] (Malwarebytes)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-24] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-25] ()
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4323976 2015-11-17] (Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-07] (ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-27] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-16] (Avira Operations GmbH & Co. KG)
R3 bcmsmbsp; C:\Windows\System32\drivers\bcmsmbsp.sys [53024 2015-07-10] (Broadcom Corporation.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 farflt; C:\WINDOWS\system32\drivers\farflt.sys [53464 2016-01-27] (Malwarebytes)
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-28] (SecureMix LLC)
R3 int0800; C:\Windows\System32\drivers\flashud.sys [51712 2009-09-08] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-04] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [217328 2016-01-27] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185600 2015-10-08] (Intel Corporation)
S3 necbatt; C:\Windows\System32\drivers\necbatt.sys [28512 2015-09-27] (NEC Personal Computers, Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek                                            )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
S3 tap0901cn; C:\Windows\System32\drivers\tap0901cn.sys [39616 2014-12-29] (Connectify)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-09-27] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 digitalpower; \SystemRoot\system32\drivers\digitalpower.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-28 01:05 - 2016-01-28 01:05 - 00000000 ____D C:\FRST
2016-01-28 01:04 - 2016-01-28 01:03 - 02370560 _____ (Farbar) C:\Users\JacJefferson\Desktop\FRST64.exe
2016-01-28 00:46 - 2016-01-28 00:46 - 00016148 _____ C:\WINDOWS\system32\ZERO-DAY_JacJefferson_HistoryPrediction.bin
2016-01-27 07:54 - 2016-01-27 07:54 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-01-27 07:52 - 2016-01-27 07:52 - 00231814 _____ C:\WINDOWS\ntbtlog.txt
2016-01-27 05:47 - 2016-01-27 07:51 - 00000000 ____D C:\Users\TEMP
2016-01-27 05:47 - 2016-01-27 05:47 - 00000000 ____D C:\Users\TEMP\AppData\Local\TileDataLayer
2016-01-27 05:02 - 2016-01-27 05:02 - 00000847 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-01-27 05:02 - 2016-01-27 05:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-01-27 05:02 - 2016-01-27 05:02 - 00000000 ____D C:\Program Files\Speccy
2016-01-27 03:24 - 2016-01-27 03:24 - 00325432 _____ C:\WINDOWS\Minidump\012716-31234-01.dmp
2016-01-27 03:14 - 2016-01-27 03:14 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\NVIDIA
2016-01-27 03:09 - 2016-01-27 23:22 - 00053464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2016-01-27 03:09 - 2016-01-27 03:09 - 00001956 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Ransomware.lnk
2016-01-27 03:09 - 2016-01-27 03:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-01-27 03:09 - 2016-01-27 03:09 - 00000000 ____D C:\Program Files\Malwarebytes
2016-01-27 03:06 - 2016-01-27 03:06 - 00000000 ___HD C:\$Windows.~BT
2016-01-27 03:05 - 2016-01-27 03:30 - 00000000 ___HD C:\$SysReset
2016-01-27 01:15 - 2016-01-27 01:15 - 00001249 _____ C:\Users\Public\Desktop\Intel® Driver Update Utility 2.4.lnk
2016-01-27 01:15 - 2016-01-27 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-01-27 01:15 - 2016-01-27 01:15 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-01-26 23:58 - 2016-01-26 23:58 - 00309648 _____ C:\WINDOWS\Minidump\012616-35296-01.dmp
2016-01-26 23:53 - 2016-01-27 03:24 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-26 23:53 - 2016-01-26 23:53 - 00328424 _____ C:\WINDOWS\Minidump\012616-27750-01.dmp
2016-01-26 23:52 - 2016-01-27 03:24 - 661340051 _____ C:\WINDOWS\MEMORY.DMP
2016-01-26 23:50 - 2016-01-26 23:50 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2016-01-26 05:37 - 2016-01-26 05:37 - 00000218 _____ C:\Users\JacJefferson\.recently-used.xbel
2016-01-25 05:34 - 2016-01-25 05:50 - 00001651 _____ C:\Users\JacJefferson\Desktop\UnionJac Experience Mail.lnk
2016-01-25 05:32 - 2016-01-25 05:32 - 00002613 _____ C:\Users\JacJefferson\Desktop\Reyes.Jac08.lnk
2016-01-24 13:44 - 2016-01-24 13:47 - 00000000 ____D C:\AdwCleaner
2016-01-22 12:15 - 2016-01-23 00:39 - 00000000 ____D C:\Users\JacJefferson\Desktop\mbar
2016-01-22 08:51 - 2016-01-22 09:34 - 00000000 ____D C:\Users\JacJefferson\AppData\LocalLow\uTorrent
2016-01-20 06:12 - 2016-01-20 06:12 - 00002460 _____ C:\Users\JacJefferson\Desktop\Main - Jac Reyes - Chrome.lnk
2016-01-20 06:09 - 2016-01-27 05:39 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-01-20 06:04 - 2016-01-20 06:04 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-20 02:48 - 2016-01-20 02:49 - 00000000 ____D C:\Program Files\Defraggler
2016-01-20 02:48 - 2016-01-20 02:48 - 00001775 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-01-20 02:48 - 2016-01-20 02:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-01-19 07:52 - 2016-01-19 07:52 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-19 07:52 - 2016-01-19 07:52 - 00001230 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-19 07:52 - 2016-01-19 07:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-19 07:52 - 2016-01-19 07:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-19 07:36 - 2016-01-19 07:36 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-ZERO-DAY-Windows-10-Home-(64-bit).dat
2016-01-19 07:36 - 2016-01-19 07:36 - 00000000 ____D C:\RegBackup
2016-01-19 03:55 - 2016-01-19 07:51 - 00002346 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-19 03:55 - 2016-01-19 03:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-18 11:02 - 2016-01-18 11:02 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-01-18 11:02 - 2016-01-18 11:02 - 00000000 ____D C:\WINDOWS\system32\NV
2016-01-18 09:55 - 2008-04-15 07:00 - 01355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2016-01-18 09:55 - 1996-01-11 19:00 - 00935632 _____ (Microsoft Corporation) C:\WINDOWS\system\Vb40016.dll
2016-01-18 09:55 - 1996-01-11 19:00 - 00722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb40032.dll
2016-01-18 09:55 - 1993-05-11 12:00 - 00398416 _____ (Microsoft Corporation) C:\WINDOWS\system\Vbrun300.dll
2016-01-18 09:55 - 1992-10-20 17:00 - 00356992 _____ (Microsoft Corporation) C:\WINDOWS\system\vbrun200.dll
2016-01-18 09:55 - 1991-05-09 18:00 - 00271264 _____ C:\WINDOWS\system\vbrun100.dll
2016-01-18 09:54 - 2014-09-10 11:14 - 00163480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 01070232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00660120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomct2.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00617896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00444328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MShflxgd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00416408 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\comct332.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00279192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatgrd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00259736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msflxgrd.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatlst.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00222360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tabctl32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00219288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\richtx32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00218776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dblist32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00212112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mci32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00179352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmask32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00170920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comct232.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00131728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00130712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstdfmt.dll
2016-01-18 09:54 - 2013-11-25 08:27 - 00127640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswinsck.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00119960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomm32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00108696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTKPRP.DLL
2016-01-18 09:54 - 2013-11-25 08:27 - 00104088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\picclp32.ocx
2016-01-18 09:54 - 2013-11-25 08:27 - 00084624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysinfo.ocx
2016-01-18 09:54 - 2011-01-12 14:36 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2016-01-18 09:54 - 2011-01-12 14:25 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ITA.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ESP.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71ENU.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71KOR.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71JPN.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHT.DLL
2016-01-18 09:54 - 2011-01-12 14:25 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71CHS.DLL
2016-01-18 09:54 - 2011-01-12 14:19 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2016-01-18 09:54 - 2011-01-12 13:53 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2016-01-18 09:54 - 2007-01-30 11:04 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2016-01-18 09:54 - 2006-08-25 15:28 - 01017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2016-01-18 09:54 - 2006-08-25 15:15 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2016-01-18 09:54 - 2006-08-25 15:07 - 01024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2016-01-18 09:54 - 2006-08-25 14:17 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2016-01-18 09:54 - 2006-04-10 15:41 - 01066176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL32.OCX
2016-01-18 09:54 - 2005-01-20 10:25 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2016-01-18 09:54 - 2002-01-04 20:40 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP70.DLL
2016-01-18 09:54 - 1994-11-17 16:00 - 00210944 _____ C:\WINDOWS\SysWOW64\msvcrt10.dll
2016-01-18 09:49 - 2016-01-27 04:49 - 00000444 _____ C:\WINDOWS\Tasks\Обновление Браузера Яндекс .job
2016-01-18 09:47 - 2016-01-18 10:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\DriverPack Notifier
2016-01-18 09:45 - 2016-01-18 10:35 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс
2016-01-18 09:45 - 2016-01-18 10:35 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Package Cache
2016-01-18 09:44 - 2016-01-18 09:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Chromium
2016-01-18 09:39 - 2016-01-18 10:22 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Opera Software
2016-01-18 09:39 - 2016-01-18 10:22 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Opera Software
2016-01-18 09:25 - 2016-01-18 09:25 - 00003260 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2016-01-18 08:57 - 2016-01-18 09:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-18 08:57 - 2015-12-17 22:49 - 00040080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-01-18 08:57 - 2015-12-16 06:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 17104016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-01-18 08:57 - 2015-12-16 06:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-01-18 08:51 - 2015-12-17 20:48 - 04498889 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-01-18 08:51 - 2015-12-17 20:48 - 03299832 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 03152591 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2016-01-18 08:51 - 2015-12-17 20:48 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-01-18 08:51 - 2015-12-17 20:48 - 02693360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02110592 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01928624 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01356504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01286160 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 01008360 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00933640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00888480 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00716104 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00596128 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00589080 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2016-01-18 08:51 - 2015-12-17 20:48 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00448584 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00224264 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00221976 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00172576 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00158696 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-01-18 08:51 - 2015-12-17 20:48 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 14057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 13120760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 12986520 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 10521552 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05776680 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05338936 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 05289944 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 03282024 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02823280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02437144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01601944 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01421104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01211832 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01186160 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01164336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00998032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00952984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00618184 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00369304 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00340648 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00118600 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-01-18 08:50 - 2015-12-17 20:48 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 01155992 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00229656 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00194360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2016-01-18 08:46 - 2015-10-14 12:47 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 11896096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 03675560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 00467696 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2016-01-18 08:46 - 2015-10-14 12:46 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2016-01-18 08:46 - 2015-10-14 12:37 - 00250360 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2016-01-18 08:46 - 2015-10-14 12:37 - 00202232 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2016-01-18 08:46 - 2015-10-14 12:35 - 00617976 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00382384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2016-01-18 08:46 - 2015-10-14 12:34 - 00379904 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00290216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-01-18 08:46 - 2015-10-14 12:34 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2016-01-18 08:46 - 2015-10-14 12:34 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 02035712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 01766912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00264192 _____ C:\WINDOWS\system32\igfxCPL.cpl
2016-01-18 08:46 - 2015-10-14 12:33 - 00204720 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-01-18 08:46 - 2015-10-14 12:33 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00095232 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00068096 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00039416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00019456 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00019448 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00018936 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-01-18 08:46 - 2015-10-14 12:33 - 00013816 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 08522240 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 06509056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00232952 _____ C:\WINDOWS\system32\igdde64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00171000 _____ C:\WINDOWS\system32\igdail64.dll
2016-01-18 08:46 - 2015-10-14 12:32 - 00152568 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2016-01-18 08:46 - 2015-10-14 12:31 - 04374440 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00969128 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00555432 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00554920 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00409512 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00409008 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00165800 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-01-18 08:46 - 2015-10-14 12:31 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2016-01-18 08:46 - 2015-10-14 12:28 - 04378024 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2016-01-18 08:46 - 2015-10-14 09:34 - 00191028 __RSH C:\WINDOWS\system32\resTHA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00183668 __RSH C:\WINDOWS\system32\resELL.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00179444 __RSH C:\WINDOWS\system32\resRUS.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00165188 __RSH C:\WINDOWS\system32\resARA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00164660 __RSH C:\WINDOWS\system32\resHEB.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00164644 __RSH C:\WINDOWS\system32\resJPN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00160020 __RSH C:\WINDOWS\system32\resHUN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00160004 __RSH C:\WINDOWS\system32\resFRA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158260 __RSH C:\WINDOWS\system32\resKOR.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158180 __RSH C:\WINDOWS\system32\resDEU.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00158164 __RSH C:\WINDOWS\system32\resITA.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157988 __RSH C:\WINDOWS\system32\resROM.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157876 __RSH C:\WINDOWS\system32\resESN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157428 __RSH C:\WINDOWS\system32\resPLK.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157332 __RSH C:\WINDOWS\system32\resSKY.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00157140 __RSH C:\WINDOWS\system32\resNLD.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156532 __RSH C:\WINDOWS\system32\resPTB.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156436 __RSH C:\WINDOWS\system32\resTRK.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156372 __RSH C:\WINDOWS\system32\resCSY.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00156244 __RSH C:\WINDOWS\system32\resPTG.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00155796 __RSH C:\WINDOWS\system32\resFIN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00155396 __RSH C:\WINDOWS\system32\resHRV.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00154932 __RSH C:\WINDOWS\system32\resSVE.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00154820 __RSH C:\WINDOWS\system32\resSLV.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00153828 __RSH C:\WINDOWS\system32\resNOR.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00153332 __RSH C:\WINDOWS\system32\resDAN.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00151988 __RSH C:\WINDOWS\system32\resENU.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00150228 __RSH C:\WINDOWS\system32\resCHT.cui
2016-01-18 08:46 - 2015-10-14 09:34 - 00149364 __RSH C:\WINDOWS\system32\resCHS.cui
2016-01-18 08:46 - 2015-10-14 09:33 - 00002582 _____ C:\WINDOWS\system32\iglhxs64.vp
2016-01-18 08:28 - 2015-10-08 09:16 - 00185600 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-01-18 08:27 - 2015-11-19 00:16 - 00935168 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-01-18 08:27 - 2015-11-19 00:16 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-01-18 08:25 - 2015-07-10 10:46 - 00053024 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcmsmbsp.sys
2016-01-18 08:24 - 2015-11-18 11:11 - 00245432 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll
2016-01-18 08:24 - 2015-11-18 11:11 - 00072392 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll.muien-US
2016-01-18 08:24 - 2015-11-18 11:11 - 00046908 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000.dfu
2016-01-18 08:24 - 2015-11-18 11:11 - 00041996 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010100.dfu
2016-01-18 08:24 - 2015-09-24 13:08 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2016-01-18 08:24 - 2009-09-08 23:23 - 00051712 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\flashud.sys
2016-01-18 08:23 - 2016-01-18 10:27 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\DRPSu
2016-01-17 21:44 - 2016-01-17 21:44 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-01-13 01:28 - 2016-01-18 12:43 - 00000000 ____D C:\SUPERDelete
2016-01-13 01:17 - 2016-01-13 01:17 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\SUPERAntiSpyware.com
2016-01-13 01:16 - 2016-01-23 00:41 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-01-13 01:16 - 2016-01-13 01:16 - 00001859 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-01-13 01:16 - 2016-01-13 01:16 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-01-13 01:16 - 2016-01-13 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-01-12 17:09 - 2016-01-04 22:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 17:09 - 2016-01-04 22:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 17:09 - 2016-01-04 22:06 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 17:09 - 2016-01-04 22:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 00862056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 17:09 - 2016-01-04 22:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 17:09 - 2016-01-04 22:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 17:09 - 2016-01-04 21:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:50 - 00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-12 17:09 - 2016-01-04 21:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 17:09 - 2016-01-04 21:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-12 17:09 - 2016-01-04 21:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 17:09 - 2016-01-04 21:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-12 17:09 - 2016-01-04 21:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-12 17:09 - 2016-01-04 21:18 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 17:09 - 2016-01-04 21:15 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-12 17:09 - 2016-01-04 21:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-12 17:09 - 2016-01-04 21:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-12 17:09 - 2016-01-04 21:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 17:09 - 2016-01-04 21:02 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 17:09 - 2016-01-04 20:57 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 17:09 - 2016-01-04 20:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-12 17:09 - 2016-01-04 20:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 17:09 - 2016-01-04 20:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 17:09 - 2016-01-04 20:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 17:09 - 2016-01-04 20:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 17:09 - 2016-01-04 20:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-12 17:09 - 2016-01-04 20:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-12 17:08 - 2016-01-04 22:07 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 17:08 - 2016-01-04 22:06 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 17:08 - 2016-01-04 22:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 01591848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 17:08 - 2016-01-04 22:04 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 17:08 - 2016-01-04 22:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 17:08 - 2016-01-04 21:59 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-12 17:08 - 2016-01-04 21:52 - 00441696 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 17:08 - 2016-01-04 21:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:31 - 01365576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 17:08 - 2016-01-04 21:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 17:08 - 2016-01-04 21:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 17:08 - 2016-01-04 21:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 17:08 - 2016-01-04 21:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 17:08 - 2016-01-04 21:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-12 17:08 - 2016-01-04 21:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-12 17:08 - 2016-01-04 21:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-12 17:08 - 2016-01-04 21:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 17:08 - 2016-01-04 21:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 17:08 - 2016-01-04 21:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2016-01-12 17:08 - 2016-01-04 21:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-12 17:08 - 2016-01-04 21:09 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 17:08 - 2016-01-04 21:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 17:08 - 2016-01-04 21:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 17:08 - 2016-01-04 21:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 17:08 - 2016-01-04 21:00 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-12 17:08 - 2016-01-04 21:00 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 17:08 - 2016-01-04 20:59 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 17:08 - 2016-01-04 20:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 17:08 - 2016-01-04 20:57 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 17:08 - 2016-01-04 20:56 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 17:08 - 2016-01-04 20:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-12 17:08 - 2016-01-04 20:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 17:08 - 2016-01-04 20:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 17:08 - 2016-01-04 20:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 17:08 - 2016-01-04 20:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2016-01-12 17:08 - 2016-01-04 20:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 17:08 - 2016-01-04 20:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 17:08 - 2016-01-04 20:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-12 17:08 - 2016-01-04 20:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 17:08 - 2016-01-04 20:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 17:08 - 2016-01-04 20:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-10 05:09 - 2016-01-10 05:09 - 00000000 ___HD C:\WINDOWS\AxInstSV
2016-01-10 03:57 - 2016-01-10 03:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2016-01-10 03:57 - 2016-01-10 03:57 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-01-10 03:56 - 2016-01-10 03:56 - 00001287 _____ C:\Users\Public\Desktop\SHAREit.lnk
2016-01-10 03:56 - 2016-01-10 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-01-08 05:46 - 2016-01-08 05:46 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2016-01-08 05:37 - 2016-01-08 05:37 - 00000000 ____D C:\ProgramData\IntelDLM
2016-01-07 15:18 - 2016-01-07 15:18 - 00004540 _____ C:\Users\JacJefferson\Desktop\NVIDIA System Information 01-08-2016 04-18-07.txt
2016-01-07 15:05 - 2016-01-07 15:05 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\CyberLink
2016-01-07 15:05 - 2016-01-07 15:05 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Power2Go
2016-01-07 15:00 - 2016-01-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2016-01-07 14:57 - 2016-01-08 08:23 - 00000000 ____D C:\ProgramData\CyberLink
2016-01-07 14:44 - 2016-01-07 14:44 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\ASUS
2016-01-07 14:41 - 2016-01-08 08:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus Drivers Download Utility
2016-01-07 14:41 - 2016-01-08 08:23 - 00000000 ____D C:\Program Files\Asus Drivers Download Utility
2016-01-05 00:15 - 2016-01-05 00:15 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Lenovo
2016-01-05 00:14 - 2016-01-05 00:14 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-01-04 03:04 - 2016-01-04 05:27 - 00000000 ____D C:\Users\JacJefferson\Desktop\tropicana
2015-12-29 01:37 - 2015-12-29 01:37 - 00000000 _____ C:\Users\JacJefferson\systeminfo

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-28 01:01 - 2015-05-14 07:48 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Skype
2016-01-28 00:56 - 2015-06-10 03:52 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-28 00:52 - 2015-08-25 15:17 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C5A4667B-6E95-4A17-95C1-799C060D9CCE}
2016-01-28 00:50 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-28 00:45 - 2015-09-21 06:38 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-28 00:35 - 2015-05-13 09:03 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-28 00:34 - 2015-06-05 23:57 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\CrashDumps
2016-01-28 00:25 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-28 00:24 - 2015-08-09 23:57 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-01-27 23:32 - 2015-05-13 09:03 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-27 23:22 - 2015-09-21 06:38 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-27 23:22 - 2015-08-10 00:00 - 00000000 __SHD C:\Users\JacJefferson\IntelGraphicsProfiles
2016-01-27 23:22 - 2015-05-13 00:52 - 00217328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-27 23:19 - 2015-07-10 07:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-27 08:03 - 2015-07-10 04:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-01-27 06:04 - 2015-07-10 06:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-27 05:48 - 2015-05-13 07:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-27 05:43 - 2015-08-09 19:50 - 00000000 ____D C:\Users\JacJefferson
2016-01-27 05:02 - 2015-07-10 06:02 - 00000000 ____D C:\WINDOWS\INF
2016-01-27 03:43 - 2015-12-04 10:33 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-01-27 03:43 - 2015-06-21 16:53 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Samsung
2016-01-27 03:43 - 2012-10-23 09:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-27 03:30 - 2015-06-09 19:39 - 00000000 _____ C:\Recovery.txt
2016-01-27 03:27 - 2015-08-09 19:50 - 00000000 ____D C:\Users\UpdatusUser
2016-01-27 03:09 - 2015-05-13 00:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-27 03:05 - 2015-05-13 09:36 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\Spotify
2016-01-27 03:00 - 2015-05-13 09:40 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Spotify
2016-01-27 01:16 - 2015-05-13 00:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-26 09:18 - 2015-05-15 18:32 - 00000000 ___RD C:\Users\JacJefferson\Google Drive
2016-01-26 05:37 - 2015-12-22 13:51 - 00000000 ____D C:\Users\JacJefferson\AppData\Roaming\.purple
2016-01-26 04:36 - 2015-07-14 01:20 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\gtk-2.0
2016-01-24 13:50 - 2015-06-10 02:16 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-01-24 13:45 - 2015-05-13 00:13 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Packages
2016-01-24 07:50 - 2015-06-13 08:34 - 00000000 ____D C:\KMPlayer
2016-01-23 03:00 - 2015-09-27 18:19 - 00000000 ___RD C:\Users\JacJefferson\Dropbox
2016-01-23 03:00 - 2015-09-21 06:38 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\Dropbox
2016-01-23 00:41 - 2015-07-10 06:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-22 22:02 - 2015-05-13 00:52 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-21 15:08 - 2015-05-14 07:47 - 00000000 ____D C:\ProgramData\Skype
2016-01-20 06:06 - 2015-08-09 20:06 - 00774730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-20 02:48 - 2015-05-13 22:37 - 00000000 ____D C:\Users\JacJefferson\AppData\Local\ElevatedDiagnostics
2016-01-20 00:16 - 2015-05-13 09:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-20 00:10 - 2015-05-13 09:54 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-19 23:56 - 2015-06-10 03:52 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-19 22:20 - 2015-07-10 07:20 - 00351360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-19 22:16 - 2015-07-10 05:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-19 08:31 - 2015-09-05 16:29 - 00003656 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-01-19 08:21 - 2015-05-18 00:44 - 00774730 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-01-19 08:06 - 2015-05-14 03:49 - 00007614 _____ C:\Users\JacJefferson\AppData\Local\Resmon.ResmonCfg
2016-01-19 04:45 - 2015-08-10 03:40 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-19 04:45 - 2015-06-08 02:09 - 00000000 ____D C:\Users\JacJefferson\Desktop\Tweaking Utils
2016-01-19 04:45 - 2015-06-03 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Frog SEO Spider
2016-01-19 03:56 - 2015-06-25 09:42 - 00000873 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-19 03:55 - 2015-05-13 09:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-18 23:02 - 2015-05-18 00:38 - 00000463 _____ C:\DelFix.txt
2016-01-18 11:05 - 2015-11-03 04:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-18 09:55 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\System
2016-01-18 09:35 - 2015-08-09 19:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-18 09:32 - 2015-08-09 19:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-01-18 09:25 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-01-18 09:25 - 2015-06-07 22:07 - 00003194 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2016-01-18 09:24 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-18 08:58 - 2015-08-09 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-01-17 21:44 - 2015-07-10 06:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-17 21:44 - 2015-07-10 06:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-17 21:42 - 2015-12-07 05:51 - 00000000 ____D C:\Program Files\Microsoft Office
2016-01-14 09:00 - 2015-11-18 02:46 - 00001217 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-01-14 08:59 - 2015-11-18 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-12 23:28 - 2015-10-25 07:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-12 23:28 - 2015-10-25 07:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-12 21:39 - 2015-10-25 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-10 03:30 - 2015-09-30 11:52 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-01-08 08:27 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-01-08 08:27 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-01-08 08:27 - 2012-10-23 09:28 - 00000000 ____D C:\ProgramData\P4G
2016-01-08 08:25 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-08 08:25 - 2015-07-10 04:05 - 00000000 ____D C:\WINDOWS\servicing
2016-01-08 08:24 - 2015-12-28 08:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-01-08 08:24 - 2012-08-04 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-01-08 08:03 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\registration
2016-01-08 07:58 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-01-08 07:39 - 2015-08-09 23:58 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-01-08 05:46 - 2015-05-29 19:32 - 00000716 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2016-01-08 05:46 - 2015-05-14 10:31 - 00000000 ____D C:\Program Files (x86)\Intel
2016-01-08 05:46 - 2012-10-23 09:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-01-02 20:40 - 2015-07-10 06:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-02 20:40 - 2015-07-10 06:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-09-14 01:06 - 2015-09-14 01:06 - 0209702 _____ () C:\Users\JacJefferson\AppData\Local\ars.cache
2015-09-14 01:06 - 2015-09-14 01:06 - 0549069 _____ () C:\Users\JacJefferson\AppData\Local\census.cache
2015-09-14 00:33 - 2015-09-14 00:33 - 0000036 _____ () C:\Users\JacJefferson\AppData\Local\housecall.guid.cache
2015-08-31 07:44 - 2015-08-31 07:44 - 0000743 _____ () C:\Users\JacJefferson\AppData\Local\recently-used.xbel
2015-05-14 03:49 - 2016-01-19 08:06 - 0007614 _____ () C:\Users\JacJefferson\AppData\Local\Resmon.ResmonCfg
2015-09-14 00:47 - 2015-09-14 00:47 - 0000010 _____ () C:\Users\JacJefferson\AppData\Local\sponge.last.runtime.cache
2015-08-09 19:47 - 2015-08-09 19:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-04 12:37 - 2012-07-30 01:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 12:37 - 2009-07-22 05:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2016-01-07 14:58 - 2016-01-07 15:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2016-01-07 14:58 - 2016-01-07 14:58 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\JacJefferson\AppData\Local\Temp\avgnt.exe
C:\Users\JacJefferson\AppData\Local\Temp\sfamcc00001.dll
C:\Users\JacJefferson\AppData\Local\Temp\sfareca00001.dll
C:\Users\JacJefferson\AppData\Local\Temp\sfextra.dll
C:\Users\JacJefferson\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-21 16:00

==================== End of FRST.txt ============================

 




 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,497 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:17 AM

Posted 28 January 2016 - 10:38 AM

You are being helped here.

https://forums.malwarebytes.org/index.php?/topic/177986-installed-mbantiransomware-now-i-am-getting-all-sorts-of-ransomware-warnings/

This topic will be closed.



