Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Have a virus - do not know which


  • Please log in to reply
10 replies to this topic

#1 coachoflife

coachoflife

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:08:50 AM

Posted 04 May 2017 - 04:35 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2017 01
Ran by owner (administrator) on DELL (04-05-2017 22:31:51)
Running from C:\Users\owner\Downloads
Loaded Profiles: owner (Available Profiles: owner)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
() C:\Windows\runSW.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Realtek) C:\Windows\SwUSB.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [atchk] => C:\Program Files (x86)\Intel\AMT\atchk.exe [401408 2009-12-01] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3699702372-485332349-1573838822-1000\...\Run: [Google Update] => C:\Users\owner\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-3699702372-485332349-1573838822-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-3699702372-485332349-1573838822-1000\...\MountPoints2: {7ae72d62-26aa-11e7-b499-806e6f6e6963} - D:\Setup.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{BC86470E-0E37-472D-99DB-E1587E0BC040}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\S-1-5-21-3699702372-485332349-1573838822-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.co.uk/
HKU\S-1-5-21-3699702372-485332349-1573838822-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-3699702372-485332349-1573838822-1000 -> DefaultScope {25099973-B6F6-40BC-AE1A-1A0A33019DC0} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3699702372-485332349-1573838822-1000 -> {25099973-B6F6-40BC-AE1A-1A0A33019DC0} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-01] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-01] (Oracle Corporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3699702372-485332349-1573838822-1000: @tools.google.com/Google Update;version=3 -> C:\Users\owner\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3699702372-485332349-1573838822-1000: @tools.google.com/Google Update;version=9 -> C:\Users\owner\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default [2017-05-04]
CHR Extension: (Google Drive) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-27]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-04-26]
CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-27]
CHR Extension: (AdBlock) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-26]
CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-27]
CHR Extension: (Chrome Media Router) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-26]
StartMenuInternet: Google Chrome.Q3VKFN7P45HVXBIT4S4T2RTCG4 - C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 atchksrv; C:\Program Files (x86)\Intel\AMT\atchksrv.exe [176128 2009-12-01] (Intel Corporation) [File not signed]
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [89864 2013-06-10] (CyberLink Corp.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-07-01] (Macrovision Europe Ltd.) [File not signed]
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [102400 2009-12-01] (Intel) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 Realtek8723AU; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]
R2 RunSwUSB; C:\Windows\runSW.exe [44104 2013-05-14] ()
R2 UNS; C:\Program Files (x86)\Intel\AMT\UNS.exe [2519040 2009-12-01] (Intel) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ADIHdAudAddService; C:\Windows\System32\drivers\ADIHdAud.sys [455168 2007-08-03] (Analog Devices, Inc.) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-05-04] ()
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-05-04] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-05-04] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-05-04] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-04] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82720 2017-05-04] (Malwarebytes)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [84168 2013-03-12] (Cyberlink Corp.)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2350152 2013-05-07] (Realtek Semiconductor Corporation                           )
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-05-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-05-04] (Zemana Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-05-04 22:31 - 2017-05-04 22:32 - 00010765 _____ C:\Users\owner\Downloads\FRST.txt
2017-05-04 22:31 - 2017-05-04 22:31 - 00000000 ____D C:\FRST
2017-05-04 22:30 - 2017-05-04 22:30 - 02428928 _____ (Farbar) C:\Users\owner\Downloads\FRST64.exe
2017-05-04 22:02 - 2017-05-04 22:31 - 00047677 _____ C:\Windows\ZAM.krnl.trace
2017-05-04 22:02 - 2017-05-04 22:31 - 00006476 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-05-04 22:02 - 2017-05-04 22:02 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-05-04 22:02 - 2017-05-04 22:02 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-05-04 22:02 - 2017-05-04 22:02 - 00001148 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-05-04 22:02 - 2017-05-04 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-05-04 22:02 - 2017-05-04 22:02 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-05-04 22:01 - 2017-05-04 22:01 - 05774688 _____ (Zemana Ltd. ) C:\Users\owner\Downloads\Zemana.AntiMalware.Setup.exe
2017-05-04 22:01 - 2017-05-04 22:01 - 00000000 ____D C:\Users\owner\AppData\Local\Zemana
2017-05-04 19:43 - 2017-05-04 19:43 - 06752896 _____ (ESET spol. s r.o.) C:\Users\owner\Downloads\esetonlinescanner_enu.exe
2017-05-04 19:43 - 2017-05-04 19:43 - 06752896 _____ (ESET spol. s r.o.) C:\Users\owner\Downloads\esetonlinescanner_enu (1).exe
2017-05-04 19:41 - 2017-05-04 19:41 - 00001866 _____ C:\Users\owner\Desktop\JRT.txt
2017-05-04 19:38 - 2017-05-04 19:38 - 04089296 _____ C:\Users\owner\Downloads\AdwCleaner.exe
2017-05-04 19:38 - 2017-05-04 19:38 - 01663672 _____ (Malwarebytes) C:\Users\owner\Downloads\JRT.exe
2017-05-04 19:32 - 2017-05-04 19:33 - 04102600 _____ C:\Users\owner\Downloads\adwcleaner_6.046.exe
2017-05-04 19:26 - 2017-05-04 20:40 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-04 19:26 - 2017-05-04 20:40 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-05-04 19:26 - 2017-05-04 20:40 - 00082720 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-05-04 19:26 - 2017-05-04 20:40 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-05-04 19:26 - 2017-05-04 19:38 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-05-04 19:26 - 2017-05-04 19:26 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-04 19:26 - 2017-05-04 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-04 19:25 - 2017-05-04 20:39 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-05-04 19:25 - 2017-05-04 19:25 - 57131432 _____ (Malwarebytes ) C:\Users\owner\Downloads\mb3-setup-1878.1878-3.0.6.1469-1075.exe
2017-05-04 19:25 - 2017-05-04 19:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-04 19:25 - 2017-05-04 19:25 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-04 17:51 - 2017-05-04 17:51 - 00016324 _____ C:\Users\owner\Documents\bank1.html
2017-05-04 17:51 - 2017-05-04 17:51 - 00000000 ____D C:\Users\owner\Documents\bank1_files
2017-05-04 14:32 - 2017-05-04 14:32 - 00062783 _____ C:\Users\owner\Downloads\ipnetinfo.zip
2017-05-04 14:32 - 2017-05-04 14:32 - 00000000 ____D C:\Users\owner\Downloads\ipnetinfo
2017-05-03 19:41 - 2017-05-04 16:24 - 00000022 _____ C:\Users\owner\Downloads\cports-x64.zip
2017-05-03 19:41 - 2017-05-04 02:49 - 00000000 ____D C:\Users\owner\Downloads\cports-x64
2017-05-02 16:46 - 2017-05-02 16:46 - 00000000 ____D C:\Users\owner\AppData\Local\ElevatedDiagnostics
2017-04-30 15:10 - 2017-04-30 15:10 - 00000000 ___DL C:\Users\owner\AppData\LocalLow\PlayReady
2017-04-29 01:15 - 2017-04-29 01:15 - 00005130 _____ C:\Users\owner\Documents\cc_20170429_011532.reg
2017-04-28 16:25 - 2017-04-28 16:25 - 00014438 _____ C:\Users\owner\Documents\cc_20170428_162533.reg
2017-04-28 16:24 - 2017-05-02 11:39 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-04-28 16:24 - 2017-04-28 16:24 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-04-28 16:24 - 2017-04-28 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-04-28 16:24 - 2017-04-28 16:24 - 00000000 ____D C:\Program Files\CCleaner
2017-04-28 16:22 - 2017-04-28 16:22 - 00000000 ____D C:\Windows\pss
2017-04-27 23:53 - 2017-04-27 23:53 - 00000000 ____D C:\Users\owner\AppData\Local\ESET
2017-04-27 23:46 - 2017-05-03 16:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\ZHP
2017-04-27 23:46 - 2017-05-03 16:13 - 00000000 ____D C:\Users\owner\AppData\Local\ZHP
2017-04-27 23:37 - 2017-05-03 16:04 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2017-04-27 23:37 - 2017-04-27 23:37 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-04-27 23:32 - 2017-05-04 19:36 - 00000000 ____D C:\AdwCleaner
2017-04-27 15:38 - 2017-04-27 15:38 - 00000000 ____D C:\Windows\System32\Tasks\Games
2017-04-26 15:35 - 2016-03-16 19:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2017-04-26 15:35 - 2016-03-16 19:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2017-04-26 15:35 - 2016-03-16 19:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2017-04-26 15:35 - 2016-02-05 19:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-04-26 15:35 - 2016-02-05 19:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2017-04-26 15:35 - 2016-02-05 18:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-04-26 15:35 - 2016-02-02 19:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-04-26 15:35 - 2016-01-21 01:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2017-04-26 15:35 - 2015-06-03 21:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-04-26 15:34 - 2017-02-23 00:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-04-26 15:34 - 2017-02-23 00:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-04-26 15:34 - 2017-02-18 15:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-04-26 15:34 - 2017-02-18 15:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-04-26 15:34 - 2016-12-31 16:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-04-26 15:34 - 2016-12-31 16:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-04-26 15:34 - 2016-12-31 16:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-04-26 15:34 - 2016-12-31 16:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-04-26 15:34 - 2016-12-31 16:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-04-26 15:34 - 2016-08-29 16:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-04-26 15:34 - 2016-08-29 16:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-04-26 15:34 - 2016-08-29 16:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-04-26 15:34 - 2016-08-29 16:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-04-26 15:34 - 2016-08-29 16:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-04-26 15:34 - 2016-08-29 15:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-04-26 15:34 - 2016-08-16 21:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-04-26 15:34 - 2016-08-16 21:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-04-26 15:34 - 2016-08-16 21:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-04-26 15:34 - 2016-08-16 21:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-04-26 15:34 - 2016-08-16 21:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-04-26 15:34 - 2016-08-16 21:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-04-26 15:34 - 2016-08-16 21:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-04-26 15:34 - 2016-07-07 16:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-04-26 15:34 - 2016-07-07 16:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-04-26 15:34 - 2016-07-07 16:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-04-26 15:34 - 2016-07-07 16:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2017-04-26 15:34 - 2016-05-12 16:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-04-26 15:34 - 2016-03-09 20:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2017-04-26 15:34 - 2016-03-09 19:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2017-04-26 15:34 - 2016-03-09 19:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2017-04-26 15:34 - 2016-03-09 19:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2017-04-26 14:59 - 2017-04-26 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-26 14:59 - 2017-04-26 14:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-26 14:59 - 2017-04-26 14:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-26 14:20 - 2017-04-26 14:20 - 00003058 _____ C:\Windows\System32\Tasks\HpWebReg.exe
2017-04-26 14:20 - 2017-04-26 14:20 - 00002236 _____ C:\Users\Public\Desktop\HP Deskjet 3050 J610 series.lnk
2017-04-26 14:20 - 2017-04-26 14:20 - 00001231 _____ C:\Users\Public\Desktop\HP Deskjet 3050 J610 series Scan.lnk
2017-04-26 14:20 - 2017-04-26 14:20 - 00001194 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 3050 J610 series.lnk
2017-04-26 14:20 - 2017-04-26 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-04-26 14:20 - 2010-11-16 21:24 - 00750440 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM9311.dll
2017-04-26 14:19 - 2017-04-26 14:19 - 00000000 ____D C:\ProgramData\HP
2017-04-26 14:19 - 2017-04-26 14:19 - 00000000 ____D C:\Program Files\HP
2017-04-26 14:19 - 2017-04-26 14:19 - 00000000 ____D C:\Program Files (x86)\HP
2017-04-26 14:17 - 2017-04-26 14:21 - 00000000 ____D C:\Users\owner\AppData\Local\HP
2017-04-26 12:33 - 2017-03-27 19:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-26 12:33 - 2017-03-27 18:28 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-26 12:33 - 2017-03-25 20:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-26 12:33 - 2017-03-25 19:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-26 12:33 - 2017-03-25 19:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-04-26 12:33 - 2017-03-25 19:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-26 12:33 - 2017-03-25 19:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-26 12:33 - 2017-03-25 19:46 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-04-26 12:33 - 2017-03-25 19:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-04-26 12:33 - 2017-03-25 19:45 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-04-26 12:33 - 2017-03-25 19:45 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-04-26 12:33 - 2017-03-25 19:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-04-26 12:33 - 2017-03-25 19:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-04-26 12:33 - 2017-03-25 19:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-04-26 12:33 - 2017-03-25 19:44 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-04-26 12:33 - 2017-03-25 19:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-04-26 12:33 - 2017-03-25 19:02 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-04-26 12:33 - 2017-03-25 18:56 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-04-26 12:33 - 2017-03-25 18:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-26 12:33 - 2017-03-25 18:29 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-04-26 12:33 - 2017-03-25 18:17 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-04-26 12:33 - 2017-03-25 18:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-26 12:33 - 2017-03-25 17:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-26 12:33 - 2017-03-22 16:32 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-26 12:33 - 2017-03-22 16:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-26 12:33 - 2017-03-22 16:15 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-26 12:33 - 2017-03-22 16:15 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-26 12:33 - 2017-03-22 16:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-26 12:33 - 2017-03-22 16:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-26 12:33 - 2017-03-22 16:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-26 12:33 - 2017-03-22 16:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-26 12:33 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-04-26 12:33 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-04-26 12:33 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-04-26 12:33 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-04-26 12:33 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-04-26 12:33 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-04-26 12:33 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-04-26 12:33 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-04-26 12:33 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-04-26 12:33 - 2015-07-16 20:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-04-26 12:33 - 2015-07-16 20:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2017-04-26 12:33 - 2015-07-16 20:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2017-04-26 12:33 - 2015-07-16 20:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-04-26 12:33 - 2015-07-16 20:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2017-04-26 12:33 - 2015-07-16 20:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2017-04-26 12:33 - 2015-07-11 14:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-04-26 12:32 - 2017-03-25 20:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-04-26 12:32 - 2017-03-25 20:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-26 12:32 - 2017-03-25 19:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-26 12:32 - 2017-03-25 19:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-26 12:32 - 2017-03-25 19:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-26 12:32 - 2017-03-25 19:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-04-26 12:32 - 2017-03-25 19:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-04-26 12:32 - 2017-03-25 19:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-04-26 12:32 - 2017-03-25 19:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-26 12:32 - 2017-03-25 19:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-04-26 12:32 - 2017-03-25 19:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-04-26 12:32 - 2017-03-25 19:45 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-04-26 12:32 - 2017-03-25 19:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-04-26 12:32 - 2017-03-25 19:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-04-26 12:32 - 2017-03-25 19:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-04-26 12:32 - 2017-03-25 19:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-04-26 12:32 - 2017-03-25 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-04-26 12:32 - 2017-03-25 19:14 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-04-26 12:32 - 2017-03-25 19:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-04-26 12:32 - 2017-03-25 19:13 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-04-26 12:32 - 2017-03-25 19:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-26 12:32 - 2017-03-25 19:04 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-04-26 12:32 - 2017-03-25 18:57 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-04-26 12:32 - 2017-03-25 18:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-04-26 12:32 - 2017-03-25 18:56 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-04-26 12:32 - 2017-03-25 18:56 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-04-26 12:32 - 2017-03-25 18:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-26 12:32 - 2017-03-25 18:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-26 12:32 - 2017-03-25 18:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-26 12:32 - 2017-03-25 18:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-04-26 12:32 - 2017-03-25 18:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-04-26 12:32 - 2017-03-25 18:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-04-26 12:32 - 2017-03-25 18:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-04-26 12:32 - 2017-03-25 18:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-04-26 12:32 - 2017-03-25 18:06 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-04-26 12:32 - 2017-03-25 18:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-26 12:32 - 2017-03-25 17:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-26 12:32 - 2017-03-25 17:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-26 12:32 - 2017-03-25 17:57 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-04-26 12:32 - 2017-03-25 17:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-26 12:32 - 2017-03-25 17:27 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-04-26 12:32 - 2017-03-25 17:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-26 12:32 - 2017-03-25 17:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-26 12:32 - 2017-03-24 23:50 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-26 12:32 - 2017-03-24 23:42 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-04-26 12:32 - 2017-03-22 16:32 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-26 12:32 - 2017-03-22 16:32 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-26 12:32 - 2017-03-22 16:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-04-26 12:32 - 2017-03-22 16:17 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-26 12:32 - 2017-03-22 16:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-04-26 12:32 - 2017-03-22 16:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-04-26 12:32 - 2017-03-22 16:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-04-26 12:32 - 2017-03-22 16:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-04-26 12:32 - 2017-03-14 16:34 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-26 12:32 - 2017-03-14 16:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-26 12:32 - 2017-03-14 16:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-04-26 12:32 - 2017-03-10 17:35 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-26 12:32 - 2017-03-10 17:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-04-26 12:32 - 2017-03-10 17:31 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-26 12:32 - 2017-03-10 17:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-04-26 12:32 - 2017-03-10 17:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-04-26 12:32 - 2017-03-10 17:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-26 12:32 - 2017-03-10 17:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-04-26 12:32 - 2017-03-10 17:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-04-26 12:32 - 2017-03-10 17:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-04-26 12:32 - 2017-03-10 17:00 - 03219968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-04-26 12:32 - 2017-03-10 16:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-26 12:32 - 2017-03-08 21:20 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-04-26 12:32 - 2017-03-08 21:10 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-04-26 12:32 - 2017-03-08 05:37 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-04-26 12:32 - 2017-03-08 05:36 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-04-26 12:32 - 2017-03-08 05:36 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-04-26 12:32 - 2017-03-08 05:36 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-04-26 12:32 - 2017-03-08 05:36 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-04-26 12:32 - 2017-03-08 05:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:26 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-04-26 12:32 - 2017-03-08 05:26 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-04-26 12:32 - 2017-03-08 05:24 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-04-26 12:32 - 2017-03-08 05:22 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 05:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-04-26 12:32 - 2017-03-08 05:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-04-26 12:32 - 2017-03-08 05:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-04-26 12:32 - 2017-03-08 05:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-04-26 12:32 - 2017-03-08 05:00 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-04-26 12:32 - 2017-03-08 04:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-04-26 12:32 - 2017-03-08 04:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-04-26 12:32 - 2017-03-08 04:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-04-26 12:32 - 2017-03-08 04:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-04-26 12:32 - 2017-03-08 04:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-04-26 12:32 - 2017-03-08 04:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-04-26 12:32 - 2017-03-08 04:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-04-26 12:32 - 2017-03-08 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-04-26 12:32 - 2017-03-08 04:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-04-26 12:32 - 2017-03-08 04:54 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-04-26 12:32 - 2017-03-08 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-04-26 12:32 - 2017-03-08 04:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-04-26 12:32 - 2017-03-08 04:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 04:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 04:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-26 12:32 - 2017-03-08 04:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-26 12:32 - 2017-03-07 17:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-26 12:32 - 2017-03-07 17:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-26 12:32 - 2017-03-07 15:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-26 12:32 - 2017-03-04 02:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-26 12:32 - 2017-03-04 02:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-26 12:32 - 2017-03-04 02:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-26 12:32 - 2017-03-04 02:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-26 12:32 - 2017-02-14 17:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-26 12:32 - 2017-02-14 17:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-04-26 12:32 - 2017-02-11 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-04-26 12:32 - 2017-02-11 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-04-26 12:32 - 2017-02-11 16:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-04-26 12:32 - 2017-02-11 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-04-26 12:32 - 2017-02-11 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-04-26 12:32 - 2017-02-10 17:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-04-26 12:32 - 2017-02-10 17:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-04-26 12:32 - 2017-02-10 15:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-04-26 12:32 - 2017-02-09 17:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-26 12:32 - 2017-02-09 17:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-26 12:32 - 2017-02-09 17:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-04-26 12:32 - 2017-02-09 17:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-04-26 12:32 - 2017-02-09 17:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-04-26 12:32 - 2017-02-09 17:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-04-26 12:32 - 2017-02-09 17:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-04-26 12:32 - 2017-02-09 17:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-26 12:32 - 2017-02-09 16:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-04-26 12:32 - 2017-02-09 15:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-04-26 12:32 - 2017-02-09 15:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-04-26 12:32 - 2017-02-06 17:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-04-26 12:32 - 2017-01-18 16:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-26 12:32 - 2017-01-18 16:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-26 12:32 - 2017-01-13 19:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-04-26 12:32 - 2017-01-13 19:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-04-26 12:32 - 2017-01-13 18:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-04-26 12:32 - 2017-01-13 18:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-04-26 12:32 - 2017-01-11 19:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-04-26 12:32 - 2017-01-11 19:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-04-26 12:32 - 2017-01-11 18:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-04-26 12:32 - 2017-01-11 18:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-04-26 12:32 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-04-26 12:32 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2017-04-26 12:32 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-04-26 12:32 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-04-26 12:32 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-04-26 12:32 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-04-26 12:32 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-04-26 12:32 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-04-26 12:32 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-04-26 12:32 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-04-26 12:32 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-04-26 12:32 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2017-04-26 12:32 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-04-26 12:32 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-04-26 12:32 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2017-04-26 12:32 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2017-04-26 12:32 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-04-26 12:32 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2017-04-26 12:32 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2017-04-26 12:32 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2017-04-26 12:32 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-04-26 12:32 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2017-04-26 12:32 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2017-04-26 12:32 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-04-26 12:32 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2017-04-26 12:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2017-04-26 12:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2017-04-26 12:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2017-04-26 12:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2017-04-26 12:32 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2017-04-26 12:32 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2017-04-26 12:32 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2017-04-26 12:32 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-04-26 12:32 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2017-04-26 12:32 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2017-04-26 12:32 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-04-26 12:32 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2017-04-26 12:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2017-04-26 12:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2017-04-26 12:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2017-04-26 12:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2017-04-26 12:32 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2017-04-26 12:32 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2017-04-26 12:32 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2017-04-26 12:32 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-04-26 12:32 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2017-04-26 12:32 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2017-04-26 12:32 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2017-04-26 12:32 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-04-26 12:32 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-04-26 12:32 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-04-26 12:32 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-04-26 12:32 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2017-04-26 12:32 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-04-26 12:32 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-04-26 12:32 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-04-26 12:32 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-04-26 12:32 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-04-26 12:32 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-04-26 12:32 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-04-26 12:32 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-04-26 12:32 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-04-26 12:32 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-04-26 12:32 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-04-26 12:32 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2017-04-26 12:32 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-04-26 12:32 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2017-04-26 12:32 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-04-26 12:32 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2017-04-26 12:32 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-04-26 12:32 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-04-26 12:32 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-04-26 12:32 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-04-26 12:32 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-04-26 12:32 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-04-26 12:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-04-26 12:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-04-26 12:32 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-04-26 12:32 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-04-26 12:32 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-04-26 12:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-04-26 12:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-04-26 12:32 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2017-04-26 12:32 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-04-26 12:32 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-04-26 12:32 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-04-26 12:32 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-04-26 12:32 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2017-04-26 12:32 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-04-26 12:32 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-04-26 12:32 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-04-26 12:32 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-04-26 12:32 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2017-04-26 12:32 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2017-04-26 12:32 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-04-26 12:32 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-04-26 12:32 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-04-26 12:32 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2017-04-26 12:32 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2017-04-26 12:32 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-04-26 12:32 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-04-26 12:32 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-04-26 12:32 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-04-26 12:32 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-04-26 12:32 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-04-26 12:32 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-04-26 12:32 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-04-26 12:32 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-04-26 12:32 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-04-26 12:32 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-04-26 12:32 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-04-26 12:32 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-04-26 12:32 - 2016-05-12 14:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-04-26 12:32 - 2016-05-12 14:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-04-26 12:32 - 2016-05-11 18:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-04-26 12:32 - 2016-05-11 16:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-04-26 12:32 - 2016-04-14 14:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2017-04-26 12:32 - 2016-04-14 14:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-04-26 12:32 - 2016-03-23 23:40 - 03181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-26 12:32 - 2016-03-23 23:40 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-04-26 12:32 - 2016-02-09 10:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2017-04-26 12:32 - 2016-02-05 02:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-04-26 12:32 - 2016-02-04 19:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2017-04-26 12:32 - 2016-02-03 19:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2017-04-26 12:32 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2017-04-26 12:31 - 2016-07-22 15:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-04-26 12:31 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-04-26 12:31 - 2016-05-12 18:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2017-04-26 12:31 - 2016-05-12 18:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-04-26 12:31 - 2016-05-12 18:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2017-04-26 12:31 - 2016-05-12 18:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-04-26 12:31 - 2016-05-12 18:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-04-26 12:31 - 2016-05-12 18:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2017-04-26 12:31 - 2016-05-12 18:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-04-26 12:31 - 2016-05-12 18:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2017-04-26 12:31 - 2016-05-12 16:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2017-04-26 12:31 - 2016-05-12 16:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2017-04-26 12:31 - 2016-05-12 16:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2017-04-26 12:31 - 2016-05-12 16:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2017-04-26 12:31 - 2016-05-12 16:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2017-04-26 12:31 - 2016-05-12 16:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2017-04-26 12:31 - 2016-05-12 15:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2017-04-26 12:31 - 2016-05-12 15:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2017-04-26 12:31 - 2016-05-11 18:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-04-26 12:31 - 2016-05-11 18:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-04-26 12:31 - 2016-05-11 18:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-04-26 12:31 - 2016-05-11 16:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-04-26 12:31 - 2016-05-11 16:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2017-04-26 12:31 - 2016-05-11 16:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2017-04-26 12:31 - 2016-05-11 16:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-04-26 12:31 - 2016-05-11 16:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-04-26 12:31 - 2016-05-11 15:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-04-26 12:31 - 2016-04-09 05:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-04-26 12:31 - 2016-04-09 04:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-05-04 22:02 - 2014-07-01 11:27 - 00000000 ____D C:\Users\owner
2017-05-04 19:45 - 2009-07-14 05:45 - 00033968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-04 19:45 - 2009-07-14 05:45 - 00033968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-04 19:42 - 2009-07-14 06:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-04 19:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-05-04 19:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-04 19:23 - 2014-07-01 20:15 - 00000000 ____D C:\Windows\Panther
2017-05-02 22:11 - 2014-07-01 12:14 - 00002350 _____ C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-02 22:11 - 2014-07-01 12:14 - 00002342 _____ C:\Users\owner\Desktop\Google Chrome.lnk
2017-04-30 16:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-04-29 21:49 - 2014-07-01 12:17 - 00000000 ____D C:\Users\Public\CyberLink
2017-04-28 21:03 - 2016-02-24 11:57 - 00003506 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3699702372-485332349-1573838822-1000UA
2017-04-28 21:03 - 2016-02-24 11:56 - 00003234 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3699702372-485332349-1573838822-1000Core
2017-04-27 11:35 - 2016-02-24 23:08 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-04-27 11:35 - 2016-02-24 23:08 - 00000000 ____D C:\Windows\system32\appraiser
2017-04-26 15:43 - 2009-07-14 05:45 - 00267272 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-26 15:41 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-04-26 15:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-04-26 15:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2017-04-26 15:36 - 2016-02-22 23:19 - 00000000 ____D C:\Windows\system32\MRT
2017-04-26 15:35 - 2016-02-22 23:19 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-26 15:30 - 2016-02-24 22:42 - 00765280 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-04-26 13:04 - 2014-07-01 12:14 - 00000000 ____D C:\Users\owner\AppData\Local\Google
2017-04-21 16:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2017-04-21 16:57 - 2014-07-01 12:21 - 00060416 _____ C:\Users\owner\AppData\Local\GDIPFONTCACHEV1.DAT
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-05-03 18:29
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01
Ran by owner (04-05-2017 22:32:32)
Running from C:\Users\owner\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-07-01 10:27:37)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3699702372-485332349-1573838822-500 - Administrator - Disabled)
Guest (S-1-5-21-3699702372-485332349-1573838822-501 - Limited - Disabled)
owner (S-1-5-21-3699702372-485332349-1573838822-1000 - Administrator - Enabled) => C:\Users\owner
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.3007 - CyberLink Corp.)
Google Chrome (HKU\S-1-5-21-3699702372-485332349-1573838822-1000\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{7D220A57-969F-4D09-9297-D48195A8ABDD}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Help (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version:  - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.31.3 - Ralink)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0219 - REALTEK Semiconductor Corp.)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.5491 - Analog Devices)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.0.388 - Zemana Ltd.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3699702372-485332349-1573838822-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3699702372-485332349-1573838822-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\owner\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1E7FB706-097C-4AF2-A747-ADBC03934A80} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3699702372-485332349-1573838822-1000UA => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-24] (Google Inc.)
Task: {4D3E658F-E7BE-496C-B8BA-BF83D88193F5} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3699702372-485332349-1573838822-1000
Task: {616C6F78-45A8-4063-B479-AC7189AB7BEE} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HpWebReg.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {65F6707D-69AC-4449-BDF4-23AACFBF1E07} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3699702372-485332349-1573838822-1000Core => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-24] (Google Inc.)
Task: {DB49B562-764C-48E9-BC45-EB4B833B0C89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-12-02 12:02 - 2013-05-14 14:24 - 00044104 _____ () C:\Windows\runSW.exe
2017-05-04 19:25 - 2017-05-04 20:39 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-05-04 19:25 - 2017-05-04 20:39 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-05-03 01:32 - 2017-03-31 11:50 - 31113816 _____ () C:\Users\owner\AppData\Local\Google\Chrome\User Data\PepperFlash\25.0.0.148\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3699702372-485332349-1573838822-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{6209F7F7-D0BF-4BCC-ADEC-A01AC592AD58}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{3353A17B-AC42-47F6-9E98-810342E2019D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{8BEAAC68-CBC9-441A-BAA1-7A1AA5C4109A}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{7D957ECB-D847-4B1E-984D-4264C7AFFE2A}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{24AF232C-6358-497D-A1D2-F21F0533F2F6}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{EF06F4C4-2A76-4D14-B074-91BC5C1610E7}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{0AC614F6-AD73-4A45-AF0B-527D8752B0DF}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{F7F69C79-FA67-4458-A68A-462C6A0BEE0B}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{93AA650C-6B75-404B-A066-F0D6481BE612}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\RtWlan.exe
FirewallRules: [{9B7CDB9A-0B69-4135-9247-47756D9AD9A6}] => (Allow) LPort=1542
FirewallRules: [{B945914C-A8CB-4EA4-960B-F173261C6527}] => (Allow) LPort=1542
FirewallRules: [{7EAC5366-8E2F-4678-9AEE-0FC4A91D9E74}] => (Allow) LPort=53
FirewallRules: [{001D4A51-E357-46EA-BA58-64D729D4197A}] => (Allow) LPort=67
FirewallRules: [{6F3E2358-D203-45F3-9C86-6AB7D5EEB87F}] => (Allow) LPort=68
FirewallRules: [{D77ADC31-AAEE-48FB-A36D-CD74DE4E531D}] => (Allow) LPort=53
FirewallRules: [{F0B941C0-1D8A-4A50-9C97-6C2C551E0885}] => (Allow) LPort=53
FirewallRules: [{9D6D8D1A-DD10-463D-B063-90B737FBFFAC}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{5BF9F67A-E721-4ED1-9B11-38168D935275}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{72F172D3-EB95-436A-8BFA-2417D1461BBB}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{3405411C-7CC6-4A93-96E7-CDB43EC9828F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{B34840EA-009C-415C-9F2B-FF498D14C725}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
 
==================== Restore Points =========================
 
29-04-2017 22:13:32 JRT Pre-Junkware Removal
29-04-2017 22:40:57 Windows Modules Installer
29-04-2017 22:41:56 Windows Modules Installer
29-04-2017 22:42:37 Windows Modules Installer
02-05-2017 11:35:25 Windows Update
02-05-2017 19:01:28 JRT Pre-Junkware Removal
03-05-2017 16:01:57 JRT Pre-Junkware Removal
04-05-2017 16:19:55 Windows Modules Installer
04-05-2017 19:39:17 JRT Pre-Junkware Removal
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/04/2017 07:38:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (05/04/2017 01:26:46 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (1928) An attempt to open the file "C:\Users\owner\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (05/04/2017 01:23:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (05/03/2017 07:27:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (05/03/2017 05:20:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (05/03/2017 01:20:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (05/02/2017 04:56:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (05/02/2017 11:33:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (05/01/2017 01:34:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (04/30/2017 11:17:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (05/04/2017 07:48:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (05/04/2017 07:48:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\owner\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (05/04/2017 07:48:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (05/04/2017 07:48:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\owner\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (05/04/2017 07:48:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (05/04/2017 07:48:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\owner\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (05/04/2017 07:48:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (05/04/2017 07:48:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\owner\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (05/04/2017 07:48:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (05/04/2017 07:48:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\owner\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
 
CodeIntegrity:
===================================
  Date: 2014-07-01 11:41:48.017
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\owner\AppData\Roaming\DellInfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-01 11:41:48.001
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\owner\AppData\Roaming\DellInfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 68%
Total physical RAM: 3956.61 MB
Available physical RAM: 1253.35 MB
Total Virtual: 7911.41 MB
Available Virtual: 5006.18 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.55 GB) (Free:195.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 93A303EA)
Partition 1: (Active) - (Size=283 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.6 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

Edited by Chris Cosgrove, 04 May 2017 - 04:48 PM.
Duplicate of this topic deleted.


BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:50 AM

Posted 07 May 2017 - 08:59 AM

hi,

 

The log looks ok as far as malware goes. Dont see anything that looks out of order anyway.

 

You said you think you have a virus? Are a updated Windows Defender, MBAM and Zemana coming up clean after a scan?

 

Usually online only once or twice per day so you may not get a reply back from me until the following day.


How Can I Reduce My Risk to Malware?


#3 coachoflife

coachoflife
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:08:50 AM

Posted 07 May 2017 - 09:20 AM

Scans from these coming up with no malware.  Getting a message saying Zemana failed to start when I boot up my computer.



#4 shelf life

shelf life

  • Malware Response Team
  • 2,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:50 AM

Posted 07 May 2017 - 12:58 PM

 

Scans from these coming up with no malware.

Thats good. For the "failed to start" you could try this;

 

Click on the start Orb and in the search field type in services.msc

 

This will open up Windows service panel.

Under the name column look for ZAMSvc

 

Right click on it and select properties. Next to Startup type make sure it says Automatic. If it dosnt you can change it in the drop down menu

Under service status you can click on Start unless its already started.

Click apply then OK if you make any changes and reboot machine

See if that helps.

 


How Can I Reduce My Risk to Malware?


#5 coachoflife

coachoflife
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:08:50 AM

Posted 07 May 2017 - 03:58 PM

It is already under automatic.  I assume I have been hacked which is why I have had problems with 6 computers over 2 years.  The latest problem is to send my computers into a loop if I try to help myself by going back to factory settings.  This has failed and left 4 computers in the last 6 months in a loop.  I have 1 computer with someone trying to help which I had used for 4 days.



#6 shelf life

shelf life

  • Malware Response Team
  • 2,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:50 AM

Posted 07 May 2017 - 06:49 PM

Based on the logs theres no hacking/malware going on. You have antivirus and two antimalware apps that come up clean after a scan. Computers can have plenty of other annoying problems that arent caused by hacking or malware.

 

For Zemana you might try uninstalling, reboot then reinstall it. May be a bit extreme. not sure if they have a support forum but you might poke around there for a solution.

 

 

send my computers into a loop if I try to help myself by going back to factory settings

If you havent you should check out the computer vendors support site. Most of the big name machines have very good troubleshooting guides/ diagnostics etc. Iam sure you would find answers on how to repair a machine thats stuck in a loop.


How Can I Reduce My Risk to Malware?


#7 coachoflife

coachoflife
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:08:50 AM

Posted 08 May 2017 - 11:50 AM

The main reason for posting this was not being able to use my debit card online and as it turns out the bank told me it was not them generating a message each time it was declined but this turns out not to be true as fraudulent activity was attempted on my account.  Everything else looks okay for now except the message about needing log-on details to start up my computer after switching it on.



#8 shelf life

shelf life

  • Malware Response Team
  • 2,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:50 AM

Posted 10 May 2017 - 06:44 PM

Sorry for the delay. You mean like a username password combo at startup. Do you provide one to log on?


How Can I Reduce My Risk to Malware?


#9 coachoflife

coachoflife
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:08:50 AM

Posted 10 May 2017 - 08:00 PM

No it is the router starting up and a message saying additional log-on information required to continue and it then takes me to my browser when opened up.  Nothing is required as my computer starts up anyway.  Have had this before but an actual pop up.  When I first got the router this would come up before setting it up and then it would not appear again.  Then after a while a pop up would appear with this message but computer would load up fine.  I have new problems.  A few of the things I watch online refused to play and then the google browser put up a new list of things which I had previously on another computer but never saved which does allow me to watch these things now.  Watching one of the things it gives me a blurry look most of the time and for about 20-30 seconds it looks fine then back to blurry again.  I tried to go back via restore point but this failed.



#10 shelf life

shelf life

  • Malware Response Team
  • 2,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:03:50 AM

Posted 12 May 2017 - 05:41 PM

 

additional log-on information required to continue

See if this thread helps any:

 

https://www.sevenforums.com/network-sharing/42785-additional-log-may-required-warning.html

 

 

I watch online refused to play

You tried playing them in a different browser other than chrome?


How Can I Reduce My Risk to Malware?


#11 coachoflife

coachoflife
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:08:50 AM

Posted 13 May 2017 - 12:50 AM

Yes and no.  Yes at other times and it worked fine , as it did in chrome, but no not at this time.  It was two separate problems the first one was an error message that came up saying two reasons it would not play and after trying, and failing with restore point, the picture was not good.  Things are better now but not perfect so not much of a problem.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users