Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect in Chrome - have repeatedly failed to remove the cause


  • This topic is locked This topic is locked
3 replies to this topic

#1 Caligulove

Caligulove

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:09 AM

Posted 13 January 2017 - 07:44 PM

This issue is about three weeks old. With no apparent pattern, about a third of links in Chrome will redirect to spam. I've tried Panda Protection, Malwarebytes (including AdwCleaner and JRT), HitmanPro, and Reason Core Security. Some things were found and supposedly removed (including rootkits), but the issue hasn't gone away. I gave up on trying more and figured I'd turn to more knowledgeable people, which is when I found this forum.

 

As the stickied thread requests, the FRST log is copy-pasted below and the Addition log is attached. Thank you!

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-01-2017
Ran by Lilith (administrator) on DESKTOP-N5OF0QN (13-01-2017 16:31:24)
Running from C:\Users\Lilith\Desktop
Loaded Profiles: Lilith (Available Profiles: Lilith)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\rsEngineSvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
() C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_bg.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxEM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803664 2016-12-02] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17305208 2016-12-08] (Logitech Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [114480 2016-10-27] (Panda Security, S.L.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts-x32: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6aa826f2-477f-40c8-b34f-dbeefd56bef5}: [DhcpNameServer] 208.80.68.212 204.14.152.2 204.14.152.5
Tcpip\..\Interfaces\{cf3ff49b-5761-496c-9072-db2f5311502e}: [DhcpNameServer] 192.168.0.1
ManualProxies: 
 
Internet Explorer:
==================
HKU\S-1-5-21-677794713-1765714287-2786059827-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-09] (Intel Security)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-03] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-03] (Oracle Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-09] (Intel Security)
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-03] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default [2017-01-13]
CHR Extension: (Google Slides) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-02]
CHR Extension: (Google Docs) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-02]
CHR Extension: (Google Drive) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-02]
CHR Extension: (YouTube) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-02]
CHR Extension: (Adblock Plus) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-03]
CHR Extension: (Google Sheets) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-03]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2016-12-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-02]
CHR Extension: (Gmail) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-02]
CHR Extension: (Chrome Media Router) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3715208 2015-12-14] (Intel Corporation)
R2 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [126648 2016-06-16] (ASUSTek Computer Inc.)
S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe [301536 2016-12-02] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHDCPSvc.exe [480224 2016-12-02] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe [341984 2016-12-02] (Intel Corporation)
R3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [209184 2016-04-05] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-12-08] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-04-04] ()
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109816 2016-10-24] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48584 2016-10-27] (Panda Security, S.L.)
R2 rscp; C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe [254232 2017-01-04] ()
R2 rsEngineSvc; C:\Program Files\Reason\Security\rsEngineSvc.exe [89880 2016-09-29] (Reason Software Company Inc.)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2016-11-30] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-11-30] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-11-30] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-04-04] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [95224 2016-12-02] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R3 iaLPSS2_UART2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [281400 2016-12-02] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-12-02] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igdkmd64.sys [11033056 2016-12-02] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-08] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2016-12-08] (Logitech Inc.)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-11] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-11] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-13] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7139088 2016-12-02] (Intel Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [106928 2016-07-05] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211376 2016-07-05] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [119728 2016-07-05] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [125872 2016-07-05] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [80152 2016-07-06] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [116656 2016-07-05] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [90032 2016-07-05] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135088 2016-07-05] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [335792 2016-07-05] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [197040 2016-07-05] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123312 2016-07-05] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [278960 2016-07-05] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125360 2016-07-05] (Panda Security, S.L.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-12-02] (NVIDIA Corporation)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [179120 2016-10-24] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130992 2016-10-24] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207792 2016-10-24] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133552 2016-10-24] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [146864 2016-10-24] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117168 2016-10-24] (Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72112 2016-08-09] (Panda Security, S.L.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [328920 2016-04-01] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-04-21] (Realtek                                            )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-13 16:31 - 2017-01-13 16:31 - 00018042 _____ C:\Users\Lilith\Desktop\FRST.txt
2017-01-13 16:30 - 2017-01-13 16:31 - 00000000 ____D C:\FRST
2017-01-13 16:30 - 2017-01-13 16:30 - 02419200 _____ (Farbar) C:\Users\Lilith\Desktop\FRST64.exe
2017-01-13 15:37 - 2017-01-13 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2017-01-13 15:37 - 2017-01-13 15:37 - 00000000 ____D C:\Program Files (x86)\FileASSASSIN
2017-01-12 09:47 - 2017-01-12 10:01 - 00000000 ____D C:\Users\Lilith\Desktop\Inuyasha - Season 3
2017-01-12 09:46 - 2017-01-12 09:46 - 00015655 _____ C:\Users\Lilith\Downloads\C4C1A1BC60718B444FA370DDE60241610B68934A.torrent
2017-01-11 21:36 - 2017-01-11 22:24 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-11 21:23 - 2017-01-12 09:28 - 00000000 ____D C:\AdwCleaner
2017-01-11 15:51 - 2016-12-21 00:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 15:51 - 2016-12-21 00:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 15:51 - 2016-12-21 00:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 15:51 - 2016-12-20 23:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 15:51 - 2016-12-20 23:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 15:51 - 2016-12-20 23:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 15:51 - 2016-12-20 23:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 15:51 - 2016-12-20 23:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 15:51 - 2016-12-20 23:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 15:51 - 2016-12-20 23:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 15:51 - 2016-12-20 23:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 15:51 - 2016-12-20 23:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 15:51 - 2016-12-20 23:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 15:51 - 2016-12-20 23:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 15:51 - 2016-12-20 23:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 15:51 - 2016-12-20 23:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 15:51 - 2016-12-20 23:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 15:51 - 2016-12-20 23:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 15:51 - 2016-12-20 23:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 15:51 - 2016-12-20 23:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 15:51 - 2016-12-20 23:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 15:51 - 2016-12-20 23:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 15:51 - 2016-12-20 23:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 15:51 - 2016-12-20 23:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 15:51 - 2016-12-20 23:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 15:51 - 2016-12-20 23:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 15:51 - 2016-12-20 23:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 15:51 - 2016-12-20 23:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 15:51 - 2016-12-20 23:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 15:51 - 2016-12-20 23:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 15:51 - 2016-12-20 23:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 15:51 - 2016-12-20 23:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 15:51 - 2016-12-20 23:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 15:51 - 2016-12-20 22:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 15:51 - 2016-12-20 22:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 15:51 - 2016-12-20 22:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 15:51 - 2016-12-20 22:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 15:51 - 2016-12-20 22:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 15:51 - 2016-12-20 22:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 15:51 - 2016-12-20 22:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 15:51 - 2016-12-20 22:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 15:51 - 2016-12-20 22:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 15:51 - 2016-12-20 22:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 15:51 - 2016-12-20 22:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 15:51 - 2016-12-20 22:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 15:51 - 2016-12-20 22:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 15:51 - 2016-12-20 22:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 15:51 - 2016-12-20 22:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 15:51 - 2016-12-20 22:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 15:51 - 2016-12-20 22:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 15:51 - 2016-12-20 22:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 15:51 - 2016-12-20 22:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 15:51 - 2016-12-20 22:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 15:51 - 2016-12-20 21:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 15:51 - 2016-12-20 21:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 15:51 - 2016-12-20 21:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 15:51 - 2016-12-20 21:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 15:51 - 2016-12-20 21:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 15:51 - 2016-12-20 21:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 15:51 - 2016-12-20 21:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 15:51 - 2016-12-20 21:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 15:51 - 2016-12-20 21:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 15:51 - 2016-12-20 20:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 15:51 - 2016-12-20 20:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 15:51 - 2016-12-20 20:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 15:51 - 2016-12-20 20:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 15:51 - 2016-12-20 20:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 15:51 - 2016-12-20 20:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 15:51 - 2016-12-20 20:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 15:51 - 2016-12-20 20:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 15:51 - 2016-12-20 20:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 15:51 - 2016-12-20 20:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 15:51 - 2016-12-20 20:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 15:51 - 2016-12-20 20:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 15:51 - 2016-12-20 20:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 15:51 - 2016-12-20 20:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 15:51 - 2016-12-20 20:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 15:51 - 2016-12-20 20:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 15:51 - 2016-12-20 20:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 15:51 - 2016-12-20 20:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 15:51 - 2016-12-20 20:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 15:51 - 2016-12-20 20:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 15:51 - 2016-12-20 20:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 15:51 - 2016-12-20 20:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 15:51 - 2016-12-20 20:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 15:51 - 2016-12-20 20:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 15:51 - 2016-12-13 21:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 15:51 - 2016-12-13 21:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 15:51 - 2016-12-13 21:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 15:51 - 2016-12-13 21:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 15:51 - 2016-12-13 21:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 15:51 - 2016-12-13 21:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 15:51 - 2016-12-13 21:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 15:51 - 2016-12-13 21:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 15:51 - 2016-12-13 21:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 15:51 - 2016-12-13 21:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 15:51 - 2016-12-13 21:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 15:51 - 2016-12-13 21:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 15:51 - 2016-12-13 21:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 15:51 - 2016-12-13 21:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 15:51 - 2016-12-13 21:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 15:51 - 2016-12-13 21:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 15:51 - 2016-12-13 20:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 15:51 - 2016-12-13 20:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 15:51 - 2016-12-13 20:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 15:51 - 2016-12-13 20:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 15:51 - 2016-12-13 20:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 15:51 - 2016-12-13 20:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 15:51 - 2016-12-13 20:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 15:51 - 2016-12-13 20:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 15:51 - 2016-12-13 20:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 15:51 - 2016-12-13 20:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 15:51 - 2016-12-13 20:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 15:51 - 2016-12-13 20:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 15:51 - 2016-12-13 20:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 15:51 - 2016-12-13 20:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 15:51 - 2016-12-13 20:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 15:51 - 2016-12-13 20:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 15:51 - 2016-12-13 20:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 15:51 - 2016-12-13 20:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 15:51 - 2016-12-13 20:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 15:51 - 2016-12-13 20:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 15:51 - 2016-12-13 20:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 15:51 - 2016-12-13 20:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 15:51 - 2016-12-13 20:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 15:51 - 2016-12-13 20:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 15:51 - 2016-12-13 20:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 15:51 - 2016-12-13 20:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 15:51 - 2016-12-13 20:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 15:51 - 2016-12-13 20:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 15:51 - 2016-12-13 20:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 15:51 - 2016-12-13 20:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 15:51 - 2016-12-13 20:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 15:51 - 2016-12-13 20:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 15:51 - 2016-12-13 20:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 15:51 - 2016-12-13 20:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 15:51 - 2016-12-13 20:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 15:51 - 2016-12-13 20:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 15:51 - 2016-12-13 20:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 15:51 - 2016-12-13 20:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 15:51 - 2016-12-13 20:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 15:51 - 2016-12-13 20:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 15:51 - 2016-11-02 04:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 15:51 - 2016-11-02 03:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 15:51 - 2016-11-02 02:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 15:51 - 2016-11-02 02:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 15:51 - 2016-11-02 02:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 15:51 - 2016-08-01 20:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 15:50 - 2016-12-20 23:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 15:50 - 2016-12-20 23:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 15:50 - 2016-12-20 23:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 15:50 - 2016-12-20 23:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 15:50 - 2016-12-20 23:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 15:50 - 2016-12-20 23:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 15:50 - 2016-12-20 20:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 15:50 - 2016-12-20 20:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 15:50 - 2016-12-20 20:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 15:50 - 2016-12-20 20:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 15:50 - 2016-12-13 21:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 15:50 - 2016-12-13 21:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 15:50 - 2016-12-13 20:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 15:50 - 2016-12-13 20:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 15:50 - 2016-12-13 20:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 15:50 - 2016-12-13 20:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 15:50 - 2016-12-13 20:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 15:50 - 2016-12-13 20:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-05 20:51 - 2017-01-13 14:50 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-05 20:51 - 2017-01-11 22:02 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-05 20:51 - 2017-01-11 22:02 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-05 20:51 - 2017-01-11 22:01 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-05 20:51 - 2017-01-11 21:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-05 20:51 - 2017-01-09 17:10 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-05 20:51 - 2017-01-05 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-05 20:51 - 2017-01-05 20:51 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-05 20:51 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-05 20:50 - 2017-01-05 20:50 - 54199488 _____ (Malwarebytes ) C:\Users\Lilith\Downloads\mb3-setup-consumer-3.0.5.1299 (1).exe
2017-01-04 18:57 - 2017-01-04 18:57 - 00000945 _____ C:\Users\Lilith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyrimSELauncher.lnk
2017-01-04 18:50 - 2017-01-04 18:50 - 00052542 _____ C:\Users\Lilith\Downloads\AE449B0EE3B916819D5DB86AE6EC228F72D62E43.torrent
2017-01-04 18:43 - 2017-01-04 18:43 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1F6732CC.sys
2017-01-04 18:05 - 2017-01-04 18:05 - 00003640 _____ C:\WINDOWS\System32\Tasks\ReasonSecurityScheduledScan
2017-01-04 18:05 - 2017-01-04 18:05 - 00000000 ____D C:\ProgramData\Reason
2017-01-04 18:04 - 2017-01-04 18:04 - 06406240 _____ (Reason Software Company Inc.) C:\Users\Lilith\Downloads\reason-core-security-setup.exe
2017-01-04 18:04 - 2017-01-04 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reason Core Security
2017-01-04 18:04 - 2017-01-04 18:04 - 00000000 ____D C:\Program Files\Reason
2017-01-04 17:47 - 2017-01-04 17:47 - 00000000 ____D C:\Program Files\HitmanPro
2017-01-04 17:46 - 2017-01-04 17:54 - 00000000 ____D C:\ProgramData\HitmanPro
2017-01-04 17:45 - 2017-01-04 17:46 - 11581544 _____ (SurfRight B.V.) C:\Users\Lilith\Downloads\hitmanpro_x64.exe
2017-01-04 17:33 - 2017-01-04 17:34 - 54199488 _____ (Malwarebytes ) C:\Users\Lilith\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-04 17:20 - 2017-01-04 17:20 - 00000000 _____ C:\autoexec.bat
2017-01-04 17:19 - 2017-01-04 17:19 - 00000000 ____D C:\Program Files\Enigma Software Group
2017-01-04 17:18 - 2017-01-04 17:18 - 05659315 _____ (Swearware) C:\Users\Lilith\Downloads\ComboFix.exe
2017-01-04 17:17 - 2017-01-04 17:17 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\Lilith\Downloads\SpyHunter-Installer.exe
2017-01-03 19:21 - 2017-01-03 19:21 - 00000000 ____D C:\Users\Lilith\AppData\Roaming\NVIDIA
2017-01-03 14:15 - 2017-01-03 14:15 - 00000000 ____D C:\Users\Lilith\AppData\Roaming\Digiarty
2017-01-03 13:52 - 2017-01-03 13:52 - 00012726 _____ C:\Users\Lilith\Downloads\C1F36777769B2A43AA2077281F3DEF78F403A60B.torrent
2016-12-26 17:45 - 2016-12-26 17:45 - 00013575 _____ C:\Users\Lilith\Downloads\57772EAE2BE274B57FE6E2D6E437F9DD340AE325.torrent
2016-12-26 17:42 - 2016-12-26 17:42 - 00018542 _____ C:\Users\Lilith\Downloads\06A98011D2A9EF4774139F572F865893AAAEFD65.torrent
2016-12-22 20:40 - 2016-12-22 20:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-12-22 17:38 - 2016-12-22 17:38 - 00000000 ____D C:\Users\Lilith\AppData\Roaming\MPC-HC
2016-12-22 15:23 - 2016-12-22 16:18 - 3009299533 _____ C:\Users\Lilith\Desktop\Star Wars - The Force Awakens 2015 (1080p x265 10bit Tigole).mkv
2016-12-22 15:22 - 2016-12-22 15:22 - 00042238 _____ C:\Users\Lilith\Downloads\CE1368726136D61008E34AE11511956072C74B25.torrent
2016-12-22 15:17 - 2016-12-22 15:17 - 00156999 _____ C:\Users\Lilith\Downloads\1C1DD20CE9F9BDC2A361AB88389415E9B270D0F4.torrent
2016-12-22 12:39 - 2016-12-22 12:39 - 00000755 _____ C:\Users\Lilith\Downloads\Documents - Shortcut.lnk
2016-12-22 12:37 - 2016-12-22 12:38 - 00000000 ____D C:\Users\Lilith\Documents\wallpapers
2016-12-19 19:45 - 2016-12-19 19:45 - 00000000 ____D C:\Users\Lilith\Documents\My Games
2016-12-19 19:45 - 2016-12-19 19:45 - 00000000 ____D C:\Users\Lilith\AppData\Local\Skyrim Special Edition
2016-12-19 18:55 - 2016-12-19 18:55 - 00000000 ____D C:\Users\Lilith\AppData\Local\Logitech
2016-12-19 18:55 - 2016-12-19 18:55 - 00000000 ____D C:\ProgramData\LogiShrd
2016-12-19 18:54 - 2016-12-21 18:39 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2016-12-19 18:54 - 2016-12-21 18:39 - 00000776 _____ C:\WINDOWS\LkmdfCoInst.log
2016-12-19 18:54 - 2016-12-19 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-12-19 18:53 - 2016-12-19 18:54 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2016-12-19 18:52 - 2016-12-19 18:52 - 00000000 ____D C:\Users\Lilith\AppData\Roaming\Logitech
2016-12-19 18:52 - 2016-12-19 18:52 - 00000000 ____D C:\Users\Lilith\AppData\Roaming\Logishrd
2016-12-19 18:51 - 2016-12-19 18:52 - 93704136 _____ (Logitech Inc.) C:\Users\Lilith\Downloads\LGS_8.89.68_x64_Logitech.exe
2016-12-18 09:41 - 2016-12-18 09:41 - 00000000 ____D C:\Users\Lilith\AppData\Local\Chromium
2016-12-17 21:31 - 2016-12-17 21:31 - 00039776 _____ C:\Users\Lilith\Downloads\3BF0032DA37B0AF7A805FB832C9D4170A5FEB94F.torrent
2016-12-17 19:41 - 2016-12-17 19:41 - 00000239 _____ C:\Users\Lilith\Downloads\Titanfall 2 Deluxe Edition-FULL UNLOCKED Torrent.txt
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-13 16:10 - 2016-12-02 23:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-13 12:38 - 2016-07-16 03:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-13 12:38 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-13 12:00 - 2016-12-02 23:35 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-01-13 12:00 - 2016-12-02 23:35 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-01-13 10:06 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-13 09:16 - 2016-12-02 21:27 - 01439608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-13 09:15 - 2016-12-02 21:37 - 00000000 __SHD C:\Users\Lilith\IntelGraphicsProfiles
2017-01-12 16:38 - 2016-12-03 00:46 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-12 16:38 - 2016-12-03 00:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-12 11:51 - 2016-12-03 01:13 - 00000000 ____D C:\Users\Lilith\AppData\Roaming\uTorrent
2017-01-12 11:42 - 2016-12-04 10:54 - 00000000 ____D C:\Users\Lilith\Documents\Torrent Downloads
2017-01-12 09:22 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-11 22:01 - 2016-12-02 23:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-11 22:01 - 2016-07-15 22:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-01-11 21:34 - 2016-07-16 03:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-11 21:31 - 2016-12-03 00:46 - 00000000 ____D C:\Program Files\TrueKey
2017-01-11 21:31 - 2016-12-02 23:30 - 00270672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-11 21:30 - 2016-07-16 03:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 21:30 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 21:30 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 21:30 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 21:30 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 16:04 - 2016-07-16 03:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 15:55 - 2016-12-02 22:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 15:54 - 2016-12-02 22:50 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-11 15:33 - 2016-12-03 11:44 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-01-09 17:52 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-09 16:02 - 2016-07-15 22:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-04 18:54 - 2016-12-03 20:26 - 00000000 ____D C:\Games
2017-01-04 17:15 - 2016-12-02 23:57 - 00000000 ____D C:\Users\Lilith\AppData\Local\Google
2017-01-03 19:28 - 2016-12-04 22:29 - 00000000 ____D C:\Users\Lilith\AppData\Roaming\vlc
2016-12-30 10:46 - 2016-12-04 12:42 - 00000000 ____D C:\Users\Lilith\Documents\Berkeley
2016-12-23 11:20 - 2016-12-03 00:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-22 20:41 - 2016-12-02 23:31 - 00019503 _____ C:\WINDOWS\setupact.log
2016-12-22 20:40 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\Drivers\UMDF
2016-12-22 15:13 - 2016-07-16 03:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-22 15:13 - 2016-07-16 03:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-22 12:38 - 2016-12-02 21:16 - 00000000 ___RD C:\Users\Lilith\Documents
2016-12-19 00:59 - 2016-12-02 23:32 - 00000000 ____D C:\Users\Lilith
2016-12-18 09:41 - 2016-12-03 00:16 - 00000000 ____D C:\Users\Lilith\AppData\Local\Steam
2016-12-18 09:21 - 2016-12-05 11:08 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-12-18 09:21 - 2016-12-03 21:03 - 00013544 _____ C:\WINDOWS\DirectX.log
2016-12-16 14:55 - 2016-12-02 23:57 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 14:55 - 2016-12-02 23:57 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 14:55 - 2015-07-10 03:04 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-15 19:29 - 2016-12-02 21:18 - 00002366 _____ C:\Users\Lilith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-15 19:29 - 2016-12-02 21:18 - 00000000 ___RD C:\Users\Lilith\OneDrive
2016-12-14 12:46 - 2016-12-02 23:57 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
 
==================== Files in the root of some directories =======
 
2016-12-02 23:31 - 2016-12-02 23:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-01-11 15:53
 
==================== End of FRST.txt ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,243 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:09 AM

Posted 14 January 2017 - 11:47 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts-x32: Restriction <======= ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-02]
CHR Extension: (Chrome Media Router) - C:\Users\Lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-02]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
Task: {0A175FFF-C24D-4F64-93FD-2204F06B0DA7} - \OneDrive Standalone Update Task -> No File <==== ATTENTION
Task: {3B6A3F2E-7348-4DB6-A89C-04F72028B30C} - \RtHDVBg_ListenToDevice -> No File <==== ATTENTION
Task: {49253AD5-B168-44B7-9781-7E344F51D5CD} - \RTKCPL -> No File <==== ATTENTION
Task: {532CC4F8-E7C8-4980-8F09-71F6C58FD380} - \OneDrive Standalone Update Task v2 -> No File <==== ATTENTION
Task: {E29F82F0-8910-46CD-840F-C59CE7CC456A} - \Update Checker -> No File <==== ATTENTION

Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
===

Please let me know if the problem persists with this computer.

#3 Caligulove

Caligulove
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:09 AM

Posted 15 January 2017 - 12:21 AM

The issue appears to be resolved. Thank you!

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,243 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:09 AM

Posted 15 January 2017 - 10:26 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users