
Infected by Kotver!gm2 (Windows 7 64 bit)


  • This topic is locked
2 replies to this topic

#1 lferkins


Posted 07 November 2016 - 05:53 PM

5th attempt to post FRST log...
 
Based on dramatic increase in internet usage, since about 25/25 October.  Multiple attempts to remove per Symantec guidance have failed.  Get "restart to continuing removing security risks" message from Norton several times each day.  FRST log follows:
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
Ran by Lenny (administrator) on LENNY-XPS8700 (07-11-2016 08:24:35)
Running from C:\Users\Lenny\Desktop
Loaded Profiles: Lenny (Available Profiles: Lenny)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.8.0.50\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.8.0.50\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Users\Lenny\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dropbox, Inc.) C:\Users\Lenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Orbiscom Ltd. All rights reserved.) C:\Program Files (x86)\Citi Virtual Account Numbers\CitiVAN.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Orbiscom Ltd.) C:\Windows\SysWOW64\OBroker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.8.0.50\conathst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-06] (Intel Corporation)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11733888 2012-12-03] (Motorola Solutions, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1710568 2015-08-26] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-26] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => c:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [886272 2012-05-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [76872 2012-06-25] (cyberlink)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc.)
HKLM-x32\...\Run: [Virtual Account Numbers] => C:\Program Files (x86)\Citi Virtual Account Numbers\CitiVAN.exe [435712 2014-02-07] (Orbiscom Ltd. All rights reserved.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-09-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758280 2016-06-17] (APN)
HKU\S-1-5-21-2180218618-3025520610-2622418656-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2180218618-3025520610-2622418656-1001\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-2180218618-3025520610-2622418656-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-10-16] (Google Inc.)
HKU\S-1-5-21-2180218618-3025520610-2622418656-1001\...\Run: [Amazon Music] => C:\Users\Lenny\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-12-14] ()
HKU\S-1-5-21-2180218618-3025520610-2622418656-1001\...\Run: [Dropbox Update] => C:\Users\Lenny\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-2180218618-3025520610-2622418656-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2180218618-3025520610-2622418656-1001\...\Run: [**dwrnat<*>] => "C:\Users\Lenny\AppData\Local\5884f577\83637238.lnk" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2180218618-3025520610-2622418656-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-10] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.8.0.50\buShell.dll [2016-09-23] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.8.0.50\buShell.dll [2016-09-23] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.8.0.50\buShell.dll [2016-09-23] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenny\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2014-01-27]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0415f9f2.lnk [2016-11-07]
ShortcutTarget: 0415f9f2.lnk -> C:\Windows\System32\mshta.exe (Microsoft Corporation)
Startup: C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\06656d68.lnk [2016-10-24]
ShortcutTarget: 06656d68.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Startup: C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lenny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-06-02]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{6DC427C8-35F7-4FA7-A9E0-3E00BCBC7E79}: [DhcpNameServer] 24.154.1.68 24.154.1.7
Tcpip\..\Interfaces\{FA46FB72-898A-4E0F-B6E8-0A93038F828F}: [DhcpNameServer] 192.168.10.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2180218618-3025520610-2622418656-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2180218618-3025520610-2622418656-1001 -> {2B5E2B0B-E743-47EF-9837-6A20E6E53E2D} URL = hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11405&pf=V7&p2=%5EBBD%5EOSJ000%5EYY%5EUS&gct=&itbv=12.7.0.15&apn_uid=AB4D42AA-409B-4E27-BB6A-89B1A1B7C9EF&apn_ptnrs=BBD&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=ie_11.0.9600.16428&doi=2014-01-19&trgb=IE&q={searchTerms}&psv=
SearchScopes: HKU\S-1-5-21-2180218618-3025520610-2622418656-1001 -> {720AF791-EBF4-420A-A79D-378FD61B08E8} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2180218618-3025520610-2622418656-1001 -> {A5FA6232-6836-4E1F-8A86-3EDC22FC6878} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll [2016-06-17] (APN LLC.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Virtual Account Numbers Helper -> {17424104-1444-4810-85D7-B4DA413C5A9A} -> C:\Program Files (x86)\Citi Virtual Account Numbers\CitiVANHelper.dll [2014-01-07] (Orbiscom Ltd. All rights reserved.)
BHO-x32: Ask Toolbar -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll [2016-06-17] (APN LLC.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-21] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
Toolbar: HKLM - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll [2016-06-17] (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.8.0.50\coIEPlg.dll [2016-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll [2016-06-17] (APN LLC.)
Toolbar: HKLM-x32 - Virtual Account Numbers - {7A21A046-B886-4A62-9D69-EF2059B0A27B} - C:\Program Files (x86)\Citi Virtual Account Numbers\CitiVANToolbar.dll [2014-01-07] (Orbiscom Ltd. All rights reserved.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2180218618-3025520610-2622418656-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://support.dell.com/systemprofiler/SysProExe.CAB
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T29L10N-17037/webex/ieatgpc1.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon [2016-10-24]
FF HKLM-x32\...\Firefox\Extensions: [citius@orbiscom] - C:\Program Files (x86)\Citi Virtual Account Numbers
FF Extension: (Virtual Account Numbers for Firefox) - C:\Program Files (x86)\Citi Virtual Account Numbers [2014-10-15] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-10-12]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-27] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-27] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-08-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2180218618-3025520610-2622418656-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Lenny\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-09-17] (Citrix Online)
FF Plugin HKU\S-1-5-21-2180218618-3025520610-2622418656-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Lenny\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-05-09] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-2180218618-3025520610-2622418656-1001: LWA64Plugin15.8 -> C:\Users\Lenny\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8-x64.dll [2015-02-10] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2180218618-3025520610-2622418656-1001: LWAPlugin15.8 -> C:\Users\Lenny\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8.dll [2015-02-10] (Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default [2016-11-07]
CHR Extension: (Google Docs) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-16]
CHR Extension: (Google Drive) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-07]
CHR Extension: (YouTube) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-17]
CHR Extension: (Norton Security Toolbar) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-10-08]
CHR Extension: (Google Search) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-10]
CHR Extension: (Google Docs Offline) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-15]
CHR Extension: (Gmail) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]
CHR Extension: (Chrome Media Router) - C:\Users\Lenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-21]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.8.0.50\Exts\Chrome.crx [2016-10-21]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaffhmecfaelkngcbnfdkcckmillnoki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.8.0.50\Exts\Chrome.crx [2016-10-21]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-10-01]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-02-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-06-17] (APN LLC.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3037424 2016-10-03] (Microsoft Corporation)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [242448 2012-06-25] (CyberLink)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-08-19] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-08-19] (Creative Labs) [File not signed]
R2 CTAudSvcService; c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-02-14] (Creative Technology Ltd)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [708104 2015-04-10] (Garmin Ltd. or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-26] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-06] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129336 2013-01-30] (Intel Corporation)
S3 iumsvc; c:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-12-03] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.8.0.50\N360.exe [289080 2016-09-23] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-26] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386160 2012-12-03] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20161102.001\BHDrvx64.sys [1854712 2016-08-18] (Symantec Corporation)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1608000.032\ccSetx64.sys [174328 2016-06-01] (Symantec Corporation)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1044760 2013-02-14] (Creative Technology Ltd)
R3 cthdb; C:\Windows\System32\DRIVERS\cthdb.sys [28440 2013-02-14] (Creative Technology Ltd)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497368 2016-10-03] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2016-10-03] (Symantec Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [54736 2016-10-12] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-01-15] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20161104.001\IDSvia64.sys [1012952 2016-10-27] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1608000.032\SRTSP64.SYS [784624 2016-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1608000.032\SRTSPX64.SYS [49400 2016-09-23] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1608000.032\SYMEFASI64.SYS [1628888 2016-09-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2016-10-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1608000.032\Ironx64.SYS [289520 2016-09-23] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1608000.032\SYMNETS.SYS [567512 2016-09-23] (Symantec Corporation)
R3 vrvd5; C:\Windows\System32\DRIVERS\vrvd5.sys [13344 2014-11-14] (Rsupport Corporation)
S3 NAVENG; \??\C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\SDSDefs\20160708.008\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\SDSDefs\20160708.008\EX64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-07 08:24 - 2016-11-07 08:24 - 00041057 _____ C:\Users\Lenny\Desktop\FRST.txt
2016-11-07 08:24 - 2016-11-07 08:24 - 00000000 ____D C:\FRST
2016-11-07 08:23 - 2016-11-07 08:23 - 02410496 _____ (Farbar) C:\Users\Lenny\Desktop\FRST64.exe
2016-11-07 08:23 - 2016-11-07 08:23 - 01759744 _____ (Farbar) C:\Users\Lenny\Desktop\FRST.exe
2016-11-06 09:03 - 2016-11-06 09:03 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-11-06 09:03 - 2016-11-06 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-06 09:03 - 2016-11-06 09:03 - 00000000 ____D C:\Program Files\iTunes
2016-11-06 09:03 - 2016-11-06 09:03 - 00000000 ____D C:\Program Files\iPod
2016-11-06 03:37 - 2016-11-06 03:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00031563.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00028378.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00027921.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00026980.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00026835.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00025498.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00023508.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00020646.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00018892.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00017238.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00017218.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00017159.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00013858.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00013113.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00013097.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00012986.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00012888.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00011415.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00009510.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00009204.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00004950.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00004445.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00003554.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00003344.tmp
2016-11-04 16:21 - 2016-11-04 16:21 - 01340008 ____T C:\Windows\SysWOW64\00002395.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00032739.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00029382.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00028568.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00027990.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00027139.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00026950.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00026763.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00026665.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00025090.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00024976.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00024457.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00024181.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00024001.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00023975.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00022459.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00021563.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00021012.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00018745.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00015916.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00015747.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00014982.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00014073.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00013353.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00012429.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00011810.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00011291.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00010465.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00010410.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00009761.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00009504.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00005015.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00003569.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00003493.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00002115.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00002106.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00001738.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00001387.tmp
2016-11-04 16:20 - 2016-11-04 16:20 - 01340008 ____T C:\Windows\SysWOW64\00001338.tmp
2016-10-29 06:33 - 2016-10-29 06:34 - 43109433 _____ C:\Users\Lenny\Downloads\2016-10 rewards $8 level.zip
2016-10-27 13:31 - 2016-10-27 13:31 - 00000000 ____D C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-25 09:45 - 2016-10-25 09:45 - 02805768 _____ (Symantec Corporation) C:\Users\Lenny\Downloads\FixToolKotver64.exe
2016-10-24 17:38 - 2016-10-24 17:38 - 00003008 _____ C:\Windows\System32\Tasks\{8C88CA14-0701-4B96-8D88-096BBE6297C5}
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00032609.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00032084.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00031661.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00030606.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00030305.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00030143.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00028089.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00028020.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00027701.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00025621.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00025201.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00023854.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00022727.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00022369.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00022139.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00021555.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00021126.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00020439.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00019310.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00019027.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00017793.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00016657.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00015510.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00013540.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00011976.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00011830.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00011823.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00011640.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00010574.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00009815.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00009513.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00008560.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00008261.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00006201.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00005220.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00002703.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00001783.tmp
2016-10-24 15:11 - 2016-10-24 15:11 - 01340008 ____T C:\Windows\SysWOW64\00001456.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00031473.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00030643.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00029479.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00029368.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00029322.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00028728.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00027614.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00027580.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00026496.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00026003.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00025824.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00025515.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00022939.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00022643.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00022167.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00021382.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00021213.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00021021.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00020862.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00018894.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00018237.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00016092.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00013567.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00013002.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00012538.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00012410.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00010058.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00009658.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00007984.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00006097.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00005510.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00003939.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00002938.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00001977.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00000814.tmp
2016-10-24 15:10 - 2016-10-24 15:10 - 01340008 ____T C:\Windows\SysWOW64\00000591.tmp
2016-10-24 13:32 - 2016-10-24 13:32 - 00003008 _____ C:\Windows\System32\Tasks\{E52EFDD6-2F61-4C40-803C-E09D20ED110D}
2016-10-24 12:51 - 2016-10-24 12:51 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2016-10-24 12:43 - 2016-10-24 12:43 - 00003206 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-10-24 12:41 - 2016-10-24 12:41 - 00000000 ____D C:\Users\Lenny\AppData\Roaming\7df15461
2016-10-24 12:41 - 2016-10-24 12:41 - 00000000 ____D C:\Users\Lenny\AppData\Local\5884f577
2016-10-22 14:49 - 2016-10-22 14:49 - 00001004 _____ C:\Users\Lenny\Desktop\IrfanView.lnk
2016-10-22 14:49 - 2016-10-22 14:49 - 00000000 ____D C:\Program Files (x86)\IrfanView
2016-10-22 12:55 - 2016-10-22 14:49 - 00000000 ____D C:\Users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-10-22 12:55 - 2016-10-22 14:49 - 00000000 ____D C:\Users\Lenny\AppData\Roaming\IrfanView
2016-10-22 12:55 - 2016-10-22 12:55 - 00001854 _____ C:\Users\Lenny\Desktop\IrfanView 64 Thumbnails.lnk
2016-10-22 12:55 - 2016-10-22 12:55 - 00000980 _____ C:\Users\Lenny\Desktop\IrfanView 64.lnk
2016-10-22 12:55 - 2016-10-22 12:55 - 00000000 ____D C:\Program Files\IrfanView
2016-10-21 20:57 - 2016-10-21 20:57 - 00007149 _____ C:\Users\Lenny\Downloads\Avis Ereceipt Durango.pdf
2016-10-13 16:53 - 2016-10-13 16:53 - 00001671 _____ C:\Users\Lenny\Desktop\Adobe Bridge  CS6 (64 Bit).lnk
2016-10-13 16:52 - 2016-10-13 16:52 - 00014175 _____ C:\Users\Lenny\Desktop\Adobe Photoshop  CS6 (64 Bit).lnk
2016-10-12 14:20 - 2016-10-12 14:20 - 00054736 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-10-12 14:12 - 2016-10-12 14:12 - 00000924 _____ C:\Windows\system32\.crusader
2016-10-12 14:04 - 2016-10-12 14:19 - 00000000 ____D C:\ProgramData\HitmanPro
2016-10-12 14:04 - 2016-10-12 14:04 - 00000128 _____ C:\Windows\ntbtlog.txt
2016-10-12 14:03 - 2016-10-12 14:04 - 11579432 _____ (SurfRight B.V.) C:\Users\Lenny\Downloads\HitmanPro_x64.exe
2016-10-12 14:01 - 2016-10-12 14:02 - 02744744 _____ (Symantec Corporation) C:\Users\Lenny\Downloads\FixTool64.exe
2016-10-12 13:58 - 2016-10-12 13:58 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Lenny\Downloads\rkill (1).exe
2016-10-12 13:57 - 2016-10-12 13:57 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Lenny\Downloads\rkill.exe
2016-10-12 13:48 - 2016-10-12 13:48 - 00000000 ____D C:\NPE
2016-10-12 13:46 - 2016-10-12 13:46 - 03423928 _____ (Symantec Corporation) C:\Users\Lenny\Downloads\NPE (1).exe
2016-10-12 09:37 - 2016-10-12 09:37 - 03423928 _____ (Symantec Corporation) C:\Users\Lenny\Downloads\NPE.exe
2016-10-11 15:00 - 2016-09-30 10:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-11 15:00 - 2016-09-30 10:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-11 15:00 - 2016-09-30 02:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-11 15:00 - 2016-09-30 01:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-11 15:00 - 2016-09-30 01:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-11 15:00 - 2016-09-30 01:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-11 15:00 - 2016-09-30 00:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-11 15:00 - 2016-09-30 00:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-11 15:00 - 2016-09-30 00:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-11 15:00 - 2016-09-30 00:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-11 15:00 - 2016-09-30 00:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-11 15:00 - 2016-09-30 00:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-11 15:00 - 2016-09-30 00:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-11 15:00 - 2016-09-30 00:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-11 15:00 - 2016-09-30 00:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-11 15:00 - 2016-09-30 00:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-11 15:00 - 2016-09-30 00:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-11 15:00 - 2016-09-29 23:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-11 15:00 - 2016-09-29 23:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-11 15:00 - 2016-09-12 16:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-11 15:00 - 2016-09-12 15:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-11 15:00 - 2016-09-12 14:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-11 15:00 - 2016-09-12 13:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-11 15:00 - 2016-09-12 13:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-11 15:00 - 2016-09-10 11:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-11 15:00 - 2016-09-10 10:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-11 15:00 - 2016-08-12 12:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 15:00 - 2016-08-12 12:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 15:00 - 2016-08-12 11:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-11 15:00 - 2016-08-12 11:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-11 15:00 - 2016-08-12 11:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-11 15:00 - 2016-08-06 10:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-11 15:00 - 2016-08-06 10:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 15:00 - 2016-08-06 10:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-11 15:00 - 2016-08-06 10:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-11 15:00 - 2016-08-06 10:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-11 15:00 - 2016-08-06 10:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-11 15:00 - 2016-08-06 10:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-11 15:00 - 2016-08-06 10:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-11 15:00 - 2016-08-06 10:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 15:00 - 2016-08-06 09:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-11 15:00 - 2016-06-14 12:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-11 15:00 - 2016-06-14 12:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-11 15:00 - 2016-06-14 12:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-11 15:00 - 2016-06-14 12:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-11 15:00 - 2016-06-14 10:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-11 15:00 - 2016-06-14 10:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-11 14:59 - 2016-09-30 15:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-11 14:59 - 2016-09-30 14:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-11 14:59 - 2016-09-30 10:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-11 14:59 - 2016-09-30 01:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-11 14:59 - 2016-09-30 01:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 14:59 - 2016-09-30 01:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-11 14:59 - 2016-09-30 01:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-11 14:59 - 2016-09-30 01:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-11 14:59 - 2016-09-30 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-11 14:59 - 2016-09-30 01:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-11 14:59 - 2016-09-30 01:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-11 14:59 - 2016-09-30 01:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-11 14:59 - 2016-09-30 01:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-11 14:59 - 2016-09-30 01:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-11 14:59 - 2016-09-30 01:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-11 14:59 - 2016-09-30 01:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-11 14:59 - 2016-09-30 01:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 14:59 - 2016-09-30 01:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-11 14:59 - 2016-09-30 00:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 14:59 - 2016-09-30 00:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-11 14:59 - 2016-09-30 00:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-11 14:59 - 2016-09-30 00:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-11 14:59 - 2016-09-30 00:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-11 14:59 - 2016-09-30 00:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-11 14:59 - 2016-09-30 00:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-11 14:59 - 2016-09-30 00:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-11 14:59 - 2016-09-30 00:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-11 14:59 - 2016-09-30 00:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-11 14:59 - 2016-09-30 00:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-11 14:59 - 2016-09-30 00:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-11 14:59 - 2016-09-30 00:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-11 14:59 - 2016-09-30 00:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-11 14:59 - 2016-09-30 00:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-11 14:59 - 2016-09-30 00:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-11 14:59 - 2016-09-30 00:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-11 14:59 - 2016-09-30 00:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-11 14:59 - 2016-09-30 00:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-11 14:59 - 2016-09-30 00:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-11 14:59 - 2016-09-30 00:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-11 14:59 - 2016-09-30 00:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-11 14:59 - 2016-09-30 00:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-11 14:59 - 2016-09-30 00:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-11 14:59 - 2016-09-30 00:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-11 14:59 - 2016-09-30 00:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-11 14:59 - 2016-09-30 00:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-11 14:59 - 2016-09-30 00:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-11 14:59 - 2016-09-30 00:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-11 14:59 - 2016-09-30 00:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-11 14:59 - 2016-09-29 23:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-11 14:59 - 2016-09-29 23:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-11 14:59 - 2016-09-15 10:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-11 14:59 - 2016-09-15 10:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-11 14:59 - 2016-09-15 10:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-11 14:59 - 2016-09-15 10:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-11 14:59 - 2016-09-12 16:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-11 14:59 - 2016-09-12 16:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-11 14:59 - 2016-09-12 16:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-11 14:59 - 2016-09-12 16:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-11 14:59 - 2016-09-12 16:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-11 14:59 - 2016-09-12 15:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-11 14:59 - 2016-09-12 15:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-11 14:59 - 2016-09-12 15:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-11 14:59 - 2016-09-12 15:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-11 14:59 - 2016-09-12 15:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-11 14:59 - 2016-09-12 15:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-11 14:59 - 2016-09-12 15:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-11 14:59 - 2016-09-12 15:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-11 14:59 - 2016-09-09 13:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-11 14:59 - 2016-09-09 13:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-11 14:59 - 2016-09-09 13:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 13:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-11 14:59 - 2016-09-09 13:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-11 14:59 - 2016-09-09 13:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-11 14:59 - 2016-09-09 13:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-11 14:59 - 2016-09-09 13:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 14:59 - 2016-09-09 12:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-11 14:59 - 2016-09-09 12:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 14:59 - 2016-09-09 12:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-11 14:59 - 2016-09-09 12:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-11 14:59 - 2016-09-09 12:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-11 14:59 - 2016-09-09 12:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-11 14:59 - 2016-09-09 12:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-11 14:59 - 2016-09-09 12:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-11 14:59 - 2016-09-09 12:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-11 14:59 - 2016-09-09 12:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-11 14:59 - 2016-09-09 10:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-11 14:59 - 2016-09-09 10:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-11 14:59 - 2016-09-09 10:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-11 14:59 - 2016-09-09 10:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-11 14:59 - 2016-09-09 10:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-11 14:59 - 2016-09-09 10:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-11 14:59 - 2016-09-09 10:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-11 14:59 - 2016-09-08 15:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-11 14:59 - 2016-09-08 15:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-11 14:59 - 2016-09-08 15:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-11 14:59 - 2016-09-08 15:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-11 14:59 - 2016-09-08 09:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-11 14:59 - 2016-09-08 09:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-11 14:59 - 2016-08-29 10:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-11 14:59 - 2016-08-29 10:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-11 14:59 - 2016-08-29 10:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-11 14:59 - 2016-08-29 10:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-11 14:59 - 2016-08-29 10:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-11 14:59 - 2016-08-29 10:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-11 14:59 - 2016-08-29 10:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-11 14:59 - 2016-08-29 09:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-11 14:59 - 2016-08-16 15:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-11 14:59 - 2016-08-16 15:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-11 14:59 - 2016-08-16 15:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-11 14:59 - 2016-08-16 15:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-11 14:59 - 2016-08-16 15:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-11 14:59 - 2016-08-16 15:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-11 14:59 - 2016-08-16 15:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-11 14:59 - 2016-08-12 12:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-11 14:59 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-11 14:59 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-11 14:59 - 2016-08-12 11:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-11 14:59 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-11 14:59 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-11 14:59 - 2016-08-06 10:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-11 14:59 - 2016-08-06 10:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-11 14:59 - 2016-08-06 10:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-11 14:59 - 2016-08-06 10:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-11 14:59 - 2016-08-06 09:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-11 14:59 - 2016-08-06 09:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-11 14:59 - 2016-07-22 09:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-11 14:59 - 2016-07-22 09:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-11 14:59 - 2016-06-14 12:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-11 14:59 - 2016-06-14 12:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-11 14:59 - 2016-06-14 12:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-11 14:59 - 2016-06-14 12:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-11 14:59 - 2016-06-14 12:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-11 14:59 - 2016-06-14 12:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-11 14:59 - 2016-06-14 12:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-11 14:59 - 2016-06-14 12:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-11 14:59 - 2016-06-14 12:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-11 14:59 - 2016-06-14 12:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-11 14:59 - 2016-06-14 12:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-11 14:59 - 2016-06-14 10:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-11 14:59 - 2016-06-14 10:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-11 14:59 - 2016-06-14 10:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-11 14:59 - 2016-06-14 10:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-11 14:59 - 2016-06-14 10:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-11 14:59 - 2016-06-14 10:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-11 14:59 - 2016-06-14 10:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-11 14:59 - 2016-06-14 10:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-11 14:59 - 2016-06-14 10:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-11 14:59 - 2016-06-14 10:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-11 14:59 - 2016-06-14 10:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-11 14:59 - 2016-06-14 10:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-11 14:59 - 2016-06-14 10:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-11 14:59 - 2016-06-14 10:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-11 14:59 - 2016-06-14 10:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-11 14:59 - 2016-06-14 10:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-11 09:23 - 2016-10-12 14:11 - 00000000 ____D C:\Users\Lenny\AppData\Local\60005c14
2016-10-11 09:23 - 2016-10-11 09:23 - 00000000 ____D C:\Users\Lenny\AppData\Roaming\64afb2a9
2016-10-08 21:21 - 2016-10-24 13:39 - 00000000 ____D C:\Users\Lenny\AppData\Local\NPE
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-07 08:03 - 2013-08-19 07:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-07 08:01 - 2015-06-18 20:44 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2180218618-3025520610-2622418656-1001UA.job
2016-11-07 07:56 - 2016-10-06 01:00 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-11-07 07:51 - 2014-05-27 11:13 - 00000000 ___RD C:\Users\Lenny\Dropbox
2016-11-07 07:51 - 2013-09-01 12:26 - 00000000 ____D C:\Users\Lenny\Documents\Outlook Files
2016-11-07 07:51 - 2013-09-01 11:19 - 00000000 ____D C:\MailFolders
2016-11-07 07:50 - 2014-02-21 12:32 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-07 07:50 - 2013-08-19 08:08 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2016-11-07 07:50 - 2013-08-19 08:08 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2016-11-07 07:50 - 2013-08-19 07:57 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2016-11-07 07:49 - 2014-02-21 12:32 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-07 07:42 - 2009-07-13 23:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-07 07:42 - 2009-07-13 23:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-07 07:39 - 2009-07-14 00:13 - 00783606 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-07 07:39 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-11-07 07:34 - 2013-08-19 09:40 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-07 07:34 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-07 02:00 - 2014-08-16 06:31 - 00000000 ____D C:\Users\Lenny\AppData\Local\Adobe
2016-11-07 01:51 - 2015-08-30 20:29 - 00000000 ____D C:\Program Files (x86)\Dell Update
2016-11-06 22:01 - 2015-06-18 20:43 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2180218618-3025520610-2622418656-1001Core.job
2016-11-06 14:53 - 2015-12-10 07:51 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-11-06 10:14 - 2015-11-08 07:44 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A5D326DC-EA1C-4755-A94E-533DDB916596}
2016-11-06 09:55 - 2016-07-22 16:54 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2016-11-06 09:03 - 2014-04-08 21:46 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-04 20:56 - 2015-06-18 20:44 - 00003888 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2180218618-3025520610-2622418656-1001UA
2016-11-04 20:56 - 2015-06-18 20:43 - 00003492 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2180218618-3025520610-2622418656-1001Core
2016-10-31 15:21 - 2013-09-01 17:50 - 00000000 ____D C:\Wallpaper
2016-10-29 06:04 - 2013-11-26 08:28 - 00000000 ____D C:\Users\Lenny\AppData\Local\Google
2016-10-28 15:07 - 2015-04-03 15:40 - 00000000 ____D C:\Users\Lenny\AppData\Local\Amazon Music
2016-10-27 13:32 - 2014-05-27 11:10 - 00000000 ____D C:\Users\Lenny\AppData\Roaming\Dropbox
2016-10-27 05:50 - 2014-05-05 14:56 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-10-27 03:03 - 2013-08-19 07:45 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-27 03:03 - 2013-08-19 07:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-27 03:03 - 2013-08-19 07:45 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-27 03:03 - 2013-08-19 07:45 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-27 03:03 - 2013-08-19 07:45 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-26 21:19 - 2014-05-05 14:56 - 00003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-10-24 12:47 - 2013-08-19 08:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-24 12:43 - 2015-07-03 06:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2016-10-24 12:43 - 2013-09-04 13:05 - 00002227 _____ C:\Users\Public\Desktop\Norton 360.lnk
2016-10-24 12:43 - 2013-09-04 13:04 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2016-10-24 12:43 - 2013-08-31 10:48 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-10-21 21:25 - 2013-11-03 15:28 - 00000000 ____D C:\ProgramData\Oracle
2016-10-21 20:57 - 2014-08-29 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-21 20:57 - 2013-09-01 17:28 - 00000000 ____D C:\Program Files (x86)\Java
2016-10-21 20:56 - 2014-08-29 13:51 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-10-21 20:49 - 2014-02-21 12:33 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-21 20:36 - 2013-09-04 13:05 - 00100592 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2016-10-21 20:36 - 2013-09-04 13:05 - 00008319 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2016-10-13 16:55 - 2015-04-02 08:24 - 00002161 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2016-10-12 09:38 - 2014-03-31 14:41 - 00000000 ____D C:\Program Files (x86)\CDex
2016-10-12 09:38 - 2013-09-04 12:59 - 00000000 ____D C:\ProgramData\Norton
2016-10-12 05:28 - 2013-08-31 10:44 - 00000000 ___RD C:\Users\Lenny\Virtual Machines
2016-10-12 03:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-10-12 02:36 - 2013-12-07 09:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 02:36 - 2013-12-07 09:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 02:36 - 2009-07-13 23:45 - 04948936 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 02:34 - 2014-12-11 03:19 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 02:34 - 2014-05-06 02:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 02:34 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-12 02:34 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 02:16 - 2013-09-03 21:29 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 02:05 - 2013-12-07 09:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-12 02:05 - 2013-09-03 21:29 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-11 19:59 - 2015-01-15 07:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
 
==================== Files in the root of some directories =======
 
2014-11-22 08:05 - 2015-04-14 11:13 - 0000132 _____ () C:\Users\Lenny\AppData\Roaming\Adobe BMP Format CS6 Prefs
2015-07-27 11:58 - 2015-09-19 20:51 - 0000132 _____ () C:\Users\Lenny\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-09-23 13:51 - 2016-06-11 21:14 - 0000000 _____ () C:\Users\Lenny\AppData\Roaming\Caches
2013-09-23 13:51 - 2016-06-11 21:14 - 0000000 _____ () C:\Users\Lenny\AppData\Roaming\Carbon
2013-08-31 17:40 - 2013-08-31 17:40 - 145762520 _____ () C:\Users\Lenny\AppData\Local\ACCCx2_1_1_220.zip.aamdownload
2013-08-31 17:40 - 2013-08-31 17:40 - 0001732 _____ () C:\Users\Lenny\AppData\Local\ACCCx2_1_1_220.zip.aamdownload.aamd
2016-06-11 21:14 - 2016-06-11 21:14 - 0000000 _____ () C:\ProgramData\Basic Synth
2016-06-11 21:14 - 2016-06-11 21:14 - 0000000 _____ () C:\ProgramData\Calibrators
2016-06-11 21:14 - 2016-06-11 21:14 - 0000000 _____ () C:\ProgramData\CMMs
2016-06-11 21:14 - 2016-06-11 21:14 - 0000000 _____ () C:\ProgramData\Common
2013-09-23 13:51 - 2016-06-11 21:14 - 0000000 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-09-23 13:52 - 2016-06-11 21:14 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT
2013-09-23 13:51 - 2016-06-11 21:14 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2013-09-23 13:51 - 2016-06-11 21:14 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-11-04 00:19
 
==================== End of FRST.txt ============================


 


#2 lferkins

lferkins
  • Topic Starter

  • Members
  • 12 posts

Posted 07 November 2016 - 05:58 PM

Apologies for multiple posts on this subject; every attempt has received a timeout error, so I assumed they weren't succeeding. 

 

len.

 



#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,569 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 10 November 2016 - 11:03 AM

Duplicate. Topic will be closed.
http://www.bleepingcomputer.com/forums/t/631595/infected-with-kotvergm2-windows-7-64bit/



