Jump to content

VFN

Honorary Members
  • Posts

    26
  • Joined

  • Last visited

Reputation

0 Neutral
  1. If it were my laptop those programs wouldn't be on it. (My PC has Avast! and I scan with Malwarebytes weekly.) But it's not mine and I'm not comfortable advising their removal as the user is comfortable with what he has. (His friend who knows a thing or two about computers-I've seen this guy in action--recommended them and has them on his own PC--not that I'm refuting what you claim because I really don't know enough about them.) This laptop is also only a few months old and is functioning well so I'm not going to go further with this process. In fact, its owner is so clueless when it comes to the internet that cleaning anything minor now is a fool's errand as it's only a short matter of time before stuff gets on his computer again. So what should I do with the quarantined items, most specifically the rogue.multiple and trojan.agent as those two were the only items classified as malware by Malwarebytes? I want to truly thank you for your time and responsiveness. It's rare that someone shows such care and attention on a forum. If I run into a problem with my own PC I'll be looking for you. VFN
  2. I'm actually helping a relative with this computer so I'm not sure I should remove Advanced Systemcare 7. Second, are you directing me to perform these other procedures because I'm infected or because you want to scan more thoroughly?
  3. Addition.txtMalwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 10/21/2014Scan Time: 5:21:29 PMLogfile: Administrator: Yes Version: 2.00.3.1025Malware Database: v2014.10.21.11Rootkit Database: v2014.10.20.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: Disabled OS: Windows 8.1CPU: x64File System: NTFSUser: Allan Scan Type: Threat ScanResult: CompletedObjects Scanned: 302398Time Elapsed: 15 min, 34 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 36PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\ApPttoUa.ApPttoUa, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\ApPttoUa.ApPttoUa.4.61, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ApPttoUa.ApPttoUa, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ApPttoUa.ApPttoUa.4.61, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A2716DF7-6671-3058-5900-D407C42B8D0F}, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{A2716DF7-6671-3058-5900-D407C42B8D0F}\INPROCSERVER32, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\surffkeepIt.surffkeepIt, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\surffkeepIt.surffkeepIt.8.1, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\surffkeepIt.surffkeepIt, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\surffkeepIt.surffkeepIt.8.1, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D936026D-D41D-0A11-21FB-5C396664AF29}, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{D936026D-D41D-0A11-21FB-5C396664AF29}\INPROCSERVER32, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Quarantined, [c98e8295314b24122d1595123bc79769], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Quarantined, [c98e8295314b24122d1595123bc79769], PUP.Optional.SweetIM.A, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DEDAF650-12B8-48F5-A843-BBA100716106}, Quarantined, [bd9aad6a601c0f27091a8c1d58aa42be], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{01B91C29-337A-1FFD-7CFC-473451D2F861}, Quarantined, [5ef95eb9ee8e1125c92bb307be434db3], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{594FD08C-0622-F9B8-CB02-7C1355D33CB8}, Quarantined, [5205d83fb4c8ac8ad51fe4d644bd649c], PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3}, Quarantined, [e0771dfa6e0e5bdb07c63ff1a06334cc], PUP.Optional.MultiIE.A, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, Quarantined, [bf980e092953053106a2c9bf59ab7c84], PUP.Optional.SuperFish.A, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [114658bfaece6ec8bdbf2908f211e020], PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0FEB2313-F89B-4AC6-8153-84025604A06A}, Quarantined, [32251ef9f7854ee8da239f513bc78b75], Registry Values: 1PUP.Optional.FindWide, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://search.findwide.com/?guid={0A93A8F6-6514-4EA7-8F30-1292F20EBE0A}&action=homepage_search, Quarantined, [b6a150c7483448ee51fea5d721e3cf31] Registry Data: 1PUP.Optional.FindWide, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://search.findwide.com/?guid={0A93A8F6-6514-4EA7-8F30-1292F20EBE0A}&action=homepage_search, Good: (www.google.com), Bad: (http://search.findwide.com/?guid={0A93A8F6-6514-4EA7-8F30-1292F20EBE0A}&action=homepage_search),Replaced,[a0b764b33745171f5de6be6a29dc629e] Folders: 5Rogue.Multiple, C:\ProgramData\374311380, Quarantined, [72e57b9ce9932e08df9fb42b6f93b44c], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1829, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10887, Quarantined, [32251ef9f7854ee8da239f513bc78b75], Files: 14Trojan.Agent, C:\ProgramData\Performance Optimizer\PERFORMANCEOPTIMIZER.DLL, Delete-on-Reboot, [54031106ec90f244800de734cf366898], PUP.Optional.MultiPlug, C:\ProgramData\APptaoiU\OUA.X64.DLL, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, C:\ProgramData\APptaoiU\Oua.dll, Quarantined, [b3a460b7017bd660d51e7c3e18e9a060], PUP.Optional.MultiPlug, C:\ProgramData\surfukeepIt\CVSMM.X64.DLL, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, C:\ProgramData\surfukeepIt\cVsMM.dll, Quarantined, [0a4d30e73646181eab4852685ca59e62], PUP.Optional.MultiPlug, C:\ProgramData\APptaoiU\Oua.exe, Quarantined, [5ef95eb9ee8e1125c92bb307be434db3], PUP.Optional.MultiPlug, C:\ProgramData\surfukeepIt\cVsMM.exe, Quarantined, [5205d83fb4c8ac8ad51fe4d644bd649c], PUP.Optional.Proxy.A, C:\Users\Allan\AppData\Local\proxy.log, Quarantined, [4215c354c4b8a59130471a0e9e650bf5], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS64.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1829\IEToolbar.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1829\IEToolbar64.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10887\passport.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10887\passport64.dll, Quarantined, [32251ef9f7854ee8da239f513bc78b75], Physical Sectors: 0(No malicious items detected) (end) (FRST.txt) (x64) Version: 21-10-2014Ran by Allan (administrator) on OFFICEPC on 21-10-2014 17:47:41Running from C:\Users\Allan\DesktopLoaded Profile: Allan (Available profiles: Allan)Platform: Windows 8.1 Connected (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe(Intel Corporation) C:\Windows\System32\igfxsrvc.exe(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-18] (ASUSTek Computer Inc.)HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-3513599277-296145143-110265111-1001\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)AppInit_DLLs: C:\PROGRA~3\Performance Optimizer\PerformanceOptimizer_x64.dll => C:\ProgramData\Performance Optimizer\PerformanceOptimizer_x64.dll [4303360 2014-09-24] ()AppInit_DLLs-x32: c:\progra~3\performance optimizer\performanceoptimizer.dll => "c:\progra~3\performance optimizer\performanceoptimizer.dll" File Not FoundStartup: C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnkShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJBSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJBSearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJBSearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJBSearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}SearchScopes: HKCU - {18E7AD89-69B9-45E9-9395-4A6ABCB797C8} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10887SearchScopes: HKCU - {3E32A54C-5C24-4EB2-97A0-855A502D1856} URL = http://search.findwide.com/serp?guid={0A93A8F6-6514-4EA7-8F30-1292F20EBE0A}&action=default_search&k={searchTerms}BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKCU - No Name - {7909531A-9D66-4361-BD71-3E34B6FBDECE} - No FileTcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 FireFox:========FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: =======CHR HomePage: Default -> https://mail.aol.com/38798-516/aol-6/en-us/suite.aspxCHR StartupUrls: Default -> "hxxp://aol.com/"CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}CHR Profile: C:\Users\Allan\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-20]CHR Extension: (Google Docs) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-20]CHR Extension: (Google Drive) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-20]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-20]CHR Extension: (YouTube) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-20]CHR Extension: (Adblock Plus) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-21]CHR Extension: (Google Search) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-20]CHR Extension: (Google Sheets) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-20]CHR Extension: (Google Wallet) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-20]CHR Extension: (Gmail) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-20] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 892cc6a3; c:\ProgramData\performance optimizer\performanceoptimizerSvc.dll [186192 2014-09-24] () [File not signed]R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-27] (WildTangent)R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-06] (Microsoft Corporation)S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)S4 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-06] (Microsoft Corporation)R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-06] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-27] (Intel Corporation)R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-06] (Microsoft Corporation)U0 msahci; system32\drivers\msahci.sys ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-21 17:47 - 2014-10-21 17:48 - 00012689 _____ () C:\Users\Allan\Desktop\FRST.txt2014-10-21 17:47 - 2014-10-21 17:47 - 00000000 ____D () C:\FRST2014-10-21 17:46 - 2014-10-21 17:46 - 02110976 _____ (Farbar) C:\Users\Allan\Desktop\FRST64.exe2014-10-21 17:38 - 2014-10-21 17:38 - 00004672 _____ () C:\Windows\PFRO.log2014-10-21 00:45 - 2014-10-21 00:58 - 00025026 _____ () C:\Users\Allan\Desktop\log.xml2014-10-21 00:11 - 2014-10-21 17:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-10-21 00:10 - 2014-10-21 00:10 - 00001132 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-10-21 00:10 - 2014-10-21 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-10-21 00:10 - 2014-10-21 00:10 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-10-21 00:10 - 2014-10-21 00:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-10-21 00:10 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-10-21 00:10 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-10-21 00:10 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-10-20 23:51 - 2014-10-20 23:51 - 00000000 ____D () C:\ProgramData\Sun2014-10-20 23:51 - 2014-10-20 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-10-20 23:51 - 2014-10-20 23:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-10-20 23:50 - 2014-10-20 23:51 - 00000000 ____D () C:\ProgramData\Oracle2014-10-20 23:50 - 2014-10-20 23:50 - 00000000 ____D () C:\Program Files (x86)\Java2014-10-20 23:21 - 2014-10-21 17:39 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-10-20 23:21 - 2014-10-21 17:26 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-10-20 23:21 - 2014-10-20 23:21 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-10-20 23:21 - 2014-10-20 23:21 - 00003650 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-10-20 23:21 - 2014-10-20 23:21 - 00002279 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-10-20 23:21 - 2014-10-20 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-10-20 22:49 - 2014-10-20 22:49 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2014-10-20 22:49 - 2014-10-20 22:49 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2014-10-20 22:49 - 2014-10-20 22:49 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll2014-10-20 22:49 - 2014-10-20 22:49 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll2014-10-20 22:49 - 2014-10-20 22:49 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2014-10-20 22:49 - 2014-10-20 22:49 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll2014-10-20 22:49 - 2014-10-20 22:49 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2014-10-20 22:49 - 2014-10-20 22:49 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll2014-10-20 22:49 - 2014-10-20 22:49 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll2014-10-20 22:49 - 2014-10-20 22:49 - 01420288 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-10-20 22:49 - 2014-10-20 22:49 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00561416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2014-10-20 22:49 - 2014-10-20 22:49 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys2014-10-20 22:49 - 2014-10-20 22:49 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS2014-10-20 22:49 - 2014-10-20 22:49 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml2014-10-20 22:49 - 2014-10-20 22:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll2014-10-20 22:49 - 2014-10-20 22:49 - 00236864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys2014-10-20 22:49 - 2014-10-20 22:49 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2014-10-20 22:49 - 2014-10-20 22:49 - 00148800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS2014-10-20 22:46 - 2014-10-20 22:46 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll2014-10-20 22:46 - 2014-10-20 22:46 - 02779648 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll2014-10-20 22:46 - 2014-10-20 22:46 - 00921600 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll2014-10-20 22:46 - 2014-10-20 22:46 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll2014-10-20 22:46 - 2014-10-20 22:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll2014-10-20 21:48 - 2014-10-20 21:54 - 00000005 _____ () C:\end2014-10-20 21:48 - 2014-10-20 21:48 - 00000000 ____D () C:\Program Files\CouponArific2014-10-20 21:27 - 2014-10-20 21:27 - 00078848 _____ () C:\Users\Allan\Downloads\2014_ROUNDS_Jim.xls2014-10-20 21:26 - 2014-10-20 21:26 - 00032768 _____ () C:\Users\Allan\Downloads\Membership_Log_YrA.xls2014-10-20 20:57 - 2014-10-20 20:58 - 00000000 ____D () C:\Users\Allan\AppData\Local\Google2014-10-20 20:57 - 2014-10-20 20:58 - 00000000 ____D () C:\Program Files (x86)\Google2014-10-20 20:56 - 2014-10-20 23:20 - 00000000 ____D () C:\Users\Allan\AppData\Local\Deployment2014-10-20 20:56 - 2014-10-20 23:20 - 00000000 ____D () C:\Users\Allan\AppData\Local\Apps\2.02014-10-20 16:11 - 2014-10-20 16:11 - 66973696 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak2014-10-20 16:11 - 2014-10-20 16:11 - 00237568 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak2014-10-20 16:11 - 2014-10-20 16:11 - 00028672 _____ () C:\Windows\system32\config\SAM.iodefrag.bak2014-10-20 16:11 - 2014-10-20 16:11 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak2014-10-20 16:11 - 2014-10-20 16:11 - 00000000 _____ () C:\asc_rdflag2014-10-19 17:58 - 2014-02-17 13:41 - 00027456 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe2014-10-19 17:55 - 2014-10-19 17:55 - 66973696 _____ () C:\Windows\system32\config\SOFTWARE.iobit2014-10-19 17:55 - 2014-10-19 17:55 - 00237568 _____ () C:\Windows\system32\config\DEFAULT.iobit2014-10-19 17:55 - 2014-10-19 17:55 - 00028672 _____ () C:\Windows\system32\config\SAM.iobit2014-10-19 17:55 - 2014-10-19 17:55 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit2014-10-19 17:26 - 2014-09-29 18:45 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-10-19 17:26 - 2014-09-29 18:45 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-10-17 15:12 - 2014-10-17 15:12 - 00000000 ____D () C:\ProgramData\LowPricesApp2014-10-16 10:20 - 2014-10-21 17:37 - 00000000 ____D () C:\ProgramData\surfukeepIt2014-10-16 10:11 - 2014-08-16 00:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll2014-10-16 10:11 - 2014-08-16 00:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2014-10-16 10:11 - 2014-08-15 23:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2014-10-16 10:11 - 2014-08-15 23:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll2014-10-16 10:11 - 2014-08-15 23:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2014-10-16 10:11 - 2014-08-15 21:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2014-10-16 10:11 - 2014-08-15 21:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll2014-10-16 10:11 - 2014-08-15 20:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll2014-10-16 10:11 - 2014-08-15 20:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll2014-10-16 10:11 - 2014-08-15 20:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll2014-10-16 10:11 - 2014-08-15 20:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll2014-10-16 10:11 - 2014-08-15 20:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll2014-10-16 10:11 - 2014-08-15 20:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll2014-10-16 10:11 - 2014-08-15 20:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll2014-10-16 10:11 - 2014-08-15 20:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll2014-10-16 10:11 - 2014-08-15 20:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll2014-10-16 10:11 - 2014-08-15 20:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll2014-10-16 10:11 - 2014-08-15 20:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll2014-10-16 10:11 - 2014-08-15 20:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll2014-10-16 10:11 - 2014-08-15 20:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2014-10-16 10:11 - 2014-08-15 20:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll2014-10-16 10:11 - 2014-08-15 20:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll2014-10-16 10:11 - 2014-08-15 20:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll2014-10-16 10:11 - 2014-08-15 20:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2014-10-16 10:11 - 2014-08-15 20:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll2014-10-16 10:11 - 2014-08-15 20:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll2014-10-16 10:11 - 2014-08-15 20:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll2014-10-16 10:11 - 2014-08-15 20:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe2014-10-16 10:11 - 2014-08-15 20:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2014-10-16 10:11 - 2014-08-15 20:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll2014-10-16 10:10 - 2014-09-27 18:25 - 04183040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-10-16 10:09 - 2014-09-07 23:15 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe2014-10-16 10:09 - 2014-09-07 21:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2014-10-16 10:09 - 2014-09-07 21:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2014-10-16 10:09 - 2014-09-07 20:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe2014-10-16 10:09 - 2014-09-07 20:07 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll2014-10-16 10:09 - 2014-09-07 20:05 - 03448320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2014-10-16 10:09 - 2014-09-07 20:04 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll2014-10-16 10:09 - 2014-09-07 20:04 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll2014-10-16 10:09 - 2014-09-07 20:03 - 01702400 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll2014-10-16 10:09 - 2014-09-07 20:03 - 00839680 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2014-10-16 10:09 - 2014-09-07 19:59 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll2014-10-16 10:09 - 2014-09-07 19:59 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe2014-10-16 10:09 - 2014-09-07 19:56 - 00672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll2014-10-16 10:09 - 2014-09-07 19:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll2014-10-16 10:08 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-10-16 10:08 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-10-16 10:07 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-10-16 10:07 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-10-16 10:07 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-10-16 10:07 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-10-16 10:07 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-10-16 10:07 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-10-16 10:07 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-10-16 10:07 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-10-16 10:07 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-10-16 10:07 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-10-16 10:07 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-10-16 10:07 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-10-16 10:07 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-10-16 10:07 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-10-16 10:07 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-10-16 10:07 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-10-16 10:07 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-10-16 10:07 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-10-16 10:07 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-10-16 10:07 - 2014-09-18 20:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-10-16 10:07 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-10-16 10:07 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-10-16 10:07 - 2014-09-18 20:20 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-10-16 10:07 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-10-16 10:07 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-10-16 10:07 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-10-16 10:07 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-10-16 10:07 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-10-16 10:07 - 2014-09-13 02:29 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll2014-10-16 10:07 - 2014-09-13 01:49 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll2014-10-16 10:07 - 2014-08-28 21:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll2014-10-16 10:07 - 2014-08-28 19:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll2014-10-16 10:07 - 2014-08-28 19:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll2014-10-16 10:06 - 2014-09-03 20:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll2014-10-16 10:06 - 2014-09-03 20:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll2014-10-07 11:17 - 2014-10-07 11:17 - 00002487 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2014-09-28 13:18 - 2014-10-21 17:37 - 00000000 ____D () C:\ProgramData\APptaoiU2014-09-28 13:18 - 2014-10-16 10:20 - 00000000 ____D () C:\ProgramData\3b90f368c5ba7f552014-09-24 21:20 - 2014-07-24 11:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll2014-09-24 21:20 - 2014-07-24 09:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll2014-09-24 21:20 - 2014-07-24 05:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll2014-09-24 21:20 - 2014-07-24 05:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll2014-09-24 21:20 - 2014-06-14 02:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2014-09-24 21:19 - 2014-07-24 11:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys2014-09-24 21:19 - 2014-07-24 11:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll2014-09-24 21:19 - 2014-07-24 11:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL2014-09-24 21:19 - 2014-07-24 11:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2014-09-24 21:19 - 2014-07-24 11:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll2014-09-24 21:19 - 2014-07-24 11:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll2014-09-24 21:19 - 2014-07-24 09:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL2014-09-24 21:19 - 2014-07-24 09:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll2014-09-24 21:19 - 2014-07-24 09:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll2014-09-24 21:19 - 2014-07-24 09:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll2014-09-24 21:19 - 2014-07-24 07:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys2014-09-24 21:19 - 2014-07-24 07:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys2014-09-24 21:19 - 2014-07-24 07:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys2014-09-24 21:19 - 2014-07-24 06:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll2014-09-24 21:19 - 2014-07-24 05:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll2014-09-24 21:19 - 2014-07-24 05:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll2014-09-24 21:19 - 2014-07-24 05:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll2014-09-24 21:19 - 2014-07-24 04:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll2014-09-24 21:19 - 2014-07-24 04:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll2014-09-24 21:19 - 2014-07-24 04:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll2014-09-24 21:19 - 2014-07-24 04:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll2014-09-24 21:19 - 2014-07-24 04:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll2014-09-24 21:19 - 2014-07-24 04:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll2014-09-24 21:19 - 2014-07-24 04:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll2014-09-24 21:19 - 2014-07-24 04:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe2014-09-24 21:19 - 2014-07-24 04:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll2014-09-24 21:19 - 2014-07-24 04:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv2014-09-24 21:19 - 2014-07-24 04:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll2014-09-24 21:19 - 2014-07-24 03:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll2014-09-24 21:19 - 2014-07-24 03:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll2014-09-24 21:19 - 2014-07-24 03:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll2014-09-24 21:19 - 2014-07-24 00:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls2014-09-24 21:19 - 2014-07-24 00:11 - 00513544 _____ () C:\Windows\system32\locale.nls2014-09-24 21:19 - 2014-07-04 05:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll2014-09-24 21:19 - 2014-07-04 05:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll2014-09-24 21:19 - 2014-06-14 01:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll2014-09-24 21:19 - 2014-06-05 06:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll2014-09-24 21:19 - 2014-05-06 00:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll2014-09-24 21:19 - 2014-05-05 20:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll2014-09-24 21:18 - 2014-07-24 11:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS2014-09-24 21:18 - 2014-07-24 11:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2014-09-24 21:18 - 2014-07-24 11:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys2014-09-24 21:18 - 2014-07-24 11:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll2014-09-24 21:18 - 2014-07-24 11:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll2014-09-24 21:18 - 2014-07-24 11:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe2014-09-24 21:18 - 2014-07-24 11:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi2014-09-24 21:18 - 2014-07-24 11:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe2014-09-24 21:18 - 2014-07-24 11:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi2014-09-24 21:18 - 2014-07-24 11:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe2014-09-24 21:18 - 2014-07-24 11:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll2014-09-24 21:18 - 2014-07-24 11:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll2014-09-24 21:18 - 2014-07-24 09:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll2014-09-24 21:18 - 2014-07-24 07:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys2014-09-24 21:18 - 2014-07-24 07:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys2014-09-24 21:18 - 2014-07-24 07:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys2014-09-24 21:18 - 2014-07-24 07:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys2014-09-24 21:18 - 2014-07-24 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys2014-09-24 21:18 - 2014-07-24 07:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll2014-09-24 21:18 - 2014-07-24 06:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll2014-09-24 21:18 - 2014-07-24 06:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll2014-09-24 21:18 - 2014-07-24 06:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe2014-09-24 21:18 - 2014-07-24 06:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll2014-09-24 21:18 - 2014-07-24 05:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll2014-09-24 21:18 - 2014-07-24 05:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll2014-09-24 21:18 - 2014-07-24 05:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll2014-09-24 21:18 - 2014-07-24 05:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2014-09-24 21:18 - 2014-07-24 05:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll2014-09-24 21:18 - 2014-07-24 04:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll2014-09-24 21:18 - 2014-07-24 04:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll2014-09-24 21:18 - 2014-07-24 04:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll2014-09-24 21:18 - 2014-07-24 04:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll2014-09-24 21:18 - 2014-07-24 04:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv2014-09-24 21:18 - 2014-07-24 04:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll2014-09-24 21:18 - 2014-07-24 04:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll2014-09-24 21:18 - 2014-07-24 04:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll2014-09-24 21:18 - 2014-07-24 03:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll2014-09-24 21:18 - 2014-07-24 03:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll2014-09-24 21:18 - 2014-07-24 03:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2014-09-24 21:18 - 2014-07-12 01:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll2014-09-24 21:18 - 2014-07-12 00:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll2014-09-24 21:18 - 2014-07-04 08:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys2014-09-24 21:18 - 2014-07-04 06:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll2014-09-24 21:18 - 2014-07-04 06:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll2014-09-24 21:18 - 2014-06-27 02:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys2014-09-24 21:18 - 2014-06-19 19:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2014-09-24 21:18 - 2014-06-18 22:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys2014-09-24 21:18 - 2014-06-05 10:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys2014-09-24 21:18 - 2014-06-05 05:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll2014-09-24 21:18 - 2014-05-31 01:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll2014-09-24 21:18 - 2014-05-29 02:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll2014-09-24 21:18 - 2014-05-10 06:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll2014-09-24 21:18 - 2014-05-10 04:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll2014-09-24 21:18 - 2014-03-24 22:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll2014-09-24 21:18 - 2014-03-24 22:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll2014-09-24 21:18 - 2014-03-24 21:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll2014-09-24 21:17 - 2014-07-24 11:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys2014-09-24 21:17 - 2014-07-24 11:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe2014-09-24 21:17 - 2014-07-24 09:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll2014-09-24 21:17 - 2014-07-24 09:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe2014-09-24 21:17 - 2014-07-24 07:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll2014-09-24 21:17 - 2014-07-24 07:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll2014-09-24 21:17 - 2014-07-24 06:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll2014-09-24 21:17 - 2014-07-24 06:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll2014-09-24 21:17 - 2014-07-24 06:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll2014-09-24 21:17 - 2014-07-24 06:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll2014-09-24 21:17 - 2014-07-24 06:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll2014-09-24 21:17 - 2014-07-24 05:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll2014-09-24 21:17 - 2014-07-24 05:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll2014-09-24 21:17 - 2014-07-24 05:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll2014-09-24 21:17 - 2014-07-24 05:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll2014-09-24 21:17 - 2014-07-24 05:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll2014-09-24 21:17 - 2014-07-24 04:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll2014-09-24 21:17 - 2014-07-24 04:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll2014-09-24 21:17 - 2014-07-24 04:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll2014-09-24 21:17 - 2014-07-24 04:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll2014-09-24 21:17 - 2014-07-24 04:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll2014-09-24 21:17 - 2014-07-24 04:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll2014-09-24 21:17 - 2014-07-24 03:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll2014-09-24 21:17 - 2014-07-24 03:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll2014-09-24 21:17 - 2014-07-04 06:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll2014-09-24 21:17 - 2014-06-25 20:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll2014-09-24 21:17 - 2014-06-07 08:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll2014-09-24 21:17 - 2014-06-07 06:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll2014-09-24 21:17 - 2014-05-31 00:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll2014-09-24 21:17 - 2014-05-29 01:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll2014-09-24 21:17 - 2014-05-26 03:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll2014-09-24 21:17 - 2014-03-24 21:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll2014-09-24 21:16 - 2014-07-24 07:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL2014-09-24 21:16 - 2014-07-24 07:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL2014-09-24 21:16 - 2014-07-24 07:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll2014-09-24 21:16 - 2014-07-24 07:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys2014-09-24 21:16 - 2014-07-24 07:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll2014-09-24 21:16 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL2014-09-24 21:16 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL2014-09-24 21:16 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL2014-09-24 21:16 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL2014-09-24 21:16 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL2014-09-24 21:16 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL2014-09-24 21:16 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL2014-09-24 21:16 - 2014-07-24 06:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll2014-09-24 21:16 - 2014-07-24 06:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl2014-09-24 21:16 - 2014-07-24 05:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl2014-09-24 21:16 - 2014-07-24 05:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll2014-09-24 21:16 - 2014-07-24 05:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe2014-09-24 21:16 - 2014-07-24 05:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll2014-09-24 21:16 - 2014-07-24 05:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll2014-09-24 21:16 - 2014-07-24 05:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll2014-09-24 21:16 - 2014-07-24 05:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll2014-09-24 21:16 - 2014-07-24 05:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll2014-09-24 21:16 - 2014-07-24 05:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll2014-09-24 21:16 - 2014-07-24 05:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe2014-09-24 21:16 - 2014-07-24 04:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll2014-09-24 21:16 - 2014-07-24 04:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll2014-09-24 21:16 - 2014-07-24 04:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll2014-09-24 21:16 - 2014-07-24 04:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll2014-09-24 21:16 - 2014-07-24 04:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll2014-09-24 21:16 - 2014-07-24 04:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll2014-09-24 21:16 - 2014-07-24 04:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll2014-09-24 21:16 - 2014-07-24 04:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll2014-09-24 21:16 - 2014-07-24 04:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll2014-09-24 21:16 - 2014-07-24 04:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll2014-09-24 21:16 - 2014-07-24 03:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll2014-09-24 21:16 - 2014-07-24 03:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll2014-09-24 21:16 - 2014-07-24 03:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll2014-09-24 21:16 - 2014-07-04 06:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll2014-09-24 21:16 - 2014-06-25 20:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll2014-09-24 21:09 - 2014-10-21 17:38 - 00000000 ____D () C:\ProgramData\Performance Optimizer2014-09-21 14:04 - 2014-10-20 22:30 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-09-21 13:53 - 2014-10-21 01:33 - 00000000 ____D () C:\Windows\system32\MRT2014-09-21 13:53 - 2014-10-21 01:30 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-09-21 12:45 - 2014-08-23 03:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe2014-09-21 12:45 - 2014-08-23 03:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe2014-09-21 12:45 - 2014-08-23 02:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll2014-09-21 12:45 - 2014-08-23 01:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll2014-09-21 12:45 - 2014-08-23 00:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll2014-09-21 12:45 - 2014-08-23 00:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll2014-09-21 12:45 - 2014-08-23 00:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll2014-09-21 12:45 - 2014-08-14 20:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys2014-09-21 12:45 - 2014-07-29 21:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll2014-09-21 12:45 - 2014-07-29 01:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-21 17:40 - 2014-09-03 12:27 - 00000074 _____ () C:\Users\Allan\AppData\Roaming\sp_data.sys2014-10-21 17:39 - 2014-09-03 12:30 - 00000000 ___DO () C:\Users\Allan\OneDrive2014-10-21 17:38 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\ELAMBKUP2014-10-21 17:38 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-10-21 17:37 - 2014-09-06 12:00 - 00000260 _____ () C:\Windows\Tasks\ASC7_SkipUac_Allan.job2014-10-21 17:37 - 2014-05-02 18:21 - 01599971 _____ () C:\Windows\WindowsUpdate.log2014-10-21 17:37 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\BBI2014-10-21 17:00 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru2014-10-21 15:54 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache2014-10-21 15:43 - 2014-09-03 12:31 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3513599277-296145143-110265111-10012014-10-21 15:35 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness2014-10-21 15:26 - 2014-09-03 12:35 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A1B232CD-DBBC-42B5-8FB8-AB0B5F5A001F}2014-10-21 01:37 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp2014-10-20 23:02 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ToastData2014-10-20 23:02 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel2014-10-20 23:02 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\MediaViewer2014-10-20 23:02 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\FileManager2014-10-20 23:02 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\Camera2014-10-20 22:50 - 2014-09-06 12:00 - 00002223 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk2014-10-20 22:37 - 2014-09-03 12:25 - 00000000 ____D () C:\Users\Allan2014-10-20 22:30 - 2014-09-06 12:01 - 00000000 ____D () C:\Users\Allan\AppData\Roaming\ProductData2014-10-20 22:30 - 2014-09-06 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 72014-10-20 22:30 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\setup2014-10-20 22:30 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Sysprep2014-10-20 22:29 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy2014-10-20 22:29 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy2014-10-20 22:20 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\registration2014-10-20 22:17 - 2014-09-06 11:58 - 00000000 ____D () C:\ProgramData\IObit2014-10-19 17:35 - 2014-03-18 05:47 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI2014-10-19 17:25 - 2013-08-22 10:44 - 00353736 _____ () C:\Windows\system32\FNTCACHE.DAT2014-10-19 17:22 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\WinStore2014-10-02 17:11 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2014-10-02 17:11 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2014-10-02 17:10 - 2014-03-18 05:33 - 00000000 ____D () C:\Program Files\Windows Journal2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\SysWOW64\winrm2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\SysWOW64\WCN2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\SysWOW64\slmgr2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\system32\winrm2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\system32\WCN2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\system32\slmgr2014-10-02 17:10 - 2014-03-18 05:31 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ___SD () C:\Windows\system32\dsc2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\setup2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\Com2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\MUI2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\migwiz2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\Com2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\PolicyDefinitions2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\IME2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\Help2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\System2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer2014-10-02 17:10 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender2014-10-02 17:10 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe2014-10-02 17:10 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism2014-10-02 17:10 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\oobe2014-10-02 17:10 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Dism2014-09-22 02:42 - 2014-09-06 11:39 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2014-09-21 16:31 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender2014-09-21 16:31 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\servicing2014-09-21 16:11 - 2014-09-06 13:24 - 00000000 ____D () C:\ProgramData\Adobe2014-09-21 16:11 - 2014-09-03 12:27 - 00000000 ____D () C:\ProgramData\USBChargerPlus2014-09-21 14:03 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2014-09-21 14:03 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2014-09-21 14:03 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates Files to move or delete:====================C:\ProgramData\SetStretch.exeC:\ProgramData\SetStretch.VBSC:\ProgramData\Setup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
  4. My question is regarding the quarantine procedure. If I quarantine all files detected by MBAM will my PC run correctly? Thanks.
  5. I wanted to add that while it seems this report says no malicious the actual scan says two malwares and have them highlighted in red. The Trojan.Agent and Rogue.Multiple.
  6. Scan Type: Threat Scan Result: Completed Objects Scanned: 302289 Time Elapsed: 14 min, 10 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 36 PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{A2716DF7-6671-3058-5900-D407C42B8D0F}, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\ApPttoUa.ApPttoUa, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\ApPttoUa.ApPttoUa.4.61, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ApPttoUa.ApPttoUa, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ApPttoUa.ApPttoUa.4.61, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2716DF7-6671-3058-5900-D407C42B8D0F}, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A2716DF7-6671-3058-5900-D407C42B8D0F}, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A2716DF7-6671-3058-5900-D407C42B8D0F}, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A2716DF7-6671-3058-5900-D407C42B8D0F}, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{A2716DF7-6671-3058-5900-D407C42B8D0F}\INPROCSERVER32, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{D936026D-D41D-0A11-21FB-5C396664AF29}, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D936026D-D41D-0A11-21FB-5C396664AF29}, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D936026D-D41D-0A11-21FB-5C396664AF29}, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\surffkeepIt.surffkeepIt, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\surffkeepIt.surffkeepIt.8.1, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\surffkeepIt.surffkeepIt, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\surffkeepIt.surffkeepIt.8.1, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D936026D-D41D-0A11-21FB-5C396664AF29}, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D936026D-D41D-0A11-21FB-5C396664AF29}, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D936026D-D41D-0A11-21FB-5C396664AF29}, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D936026D-D41D-0A11-21FB-5C396664AF29}, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D936026D-D41D-0A11-21FB-5C396664AF29}, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{D936026D-D41D-0A11-21FB-5C396664AF29}\INPROCSERVER32, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [ea6f8f88522ad85e34b691151fe349b7], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [ea6f8f88522ad85e34b691151fe349b7], PUP.Optional.SweetIM.A, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DEDAF650-12B8-48F5-A843-BBA100716106}, , [0e4bee299ddf1f17c803b4f422e0d828], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{01B91C29-337A-1FFD-7CFC-473451D2F861}, , [9ebb8b8c98e457dfde0b63572bd614ec], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{594FD08C-0622-F9B8-CB02-7C1355D33CB8}, , [aeab42d5770579bd12d7dbdf1ae72cd4], PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3}, , [aeabb463ef8d5bdb5c05d45c0af95ba5], PUP.Optional.MultiIE.A, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, , [2336cb4c601c85b1a8947810ff05a957], PUP.Optional.SuperFish.A, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [c792948382fa62d4858baf82966de31d], PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}, , [114841d61666270ff6af846c09f960a0], PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0FEB2313-F89B-4AC6-8153-84025604A06A}, , [114841d61666270ff6af846c09f960a0], Registry Values: 1 PUP.Optional.FindWide, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://search.findwide.com/?guid={0A93A8F6-6514-4EA7-8F30-1292F20EBE0A}&action=homepage_search, , [c792d740dca084b2e6fdc0bbad5737c9] Registry Data: 1 PUP.Optional.FindWide, HKU\S-1-5-21-3513599277-296145143-110265111-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://search.findwide.com/?guid={0A93A8F6-6514-4EA7-8F30-1292F20EBE0A}&action=homepage_search, Good: (www.google.com), Bad: (http://search.findwide.com/?guid={0A93A8F6-6514-4EA7-8F30-1292F20EBE0A}&action=homepage_search),,[5900f522f4885dd9a818180ff1147090] Folders: 5 Rogue.Multiple, C:\ProgramData\374311380, , [7bdee631354755e1b373b32c887a6997], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2, , [114841d61666270ff6af846c09f960a0], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1829, , [114841d61666270ff6af846c09f960a0], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles, , [114841d61666270ff6af846c09f960a0], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10887, , [114841d61666270ff6af846c09f960a0], Files: 14 Trojan.Agent, C:\ProgramData\Performance Optimizer\PERFORMANCEOPTIMIZER.DLL, , [90c961b6cab26ec81808ca51877e0cf4], PUP.Optional.MultiPlug, C:\ProgramData\APptaoiU\OUA.X64.DLL, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, C:\ProgramData\APptaoiU\Oua.dll, , [2831879075079a9c5c8c3882c93818e8], PUP.Optional.MultiPlug, C:\ProgramData\surfukeepIt\CVSMM.X64.DLL, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, C:\ProgramData\surfukeepIt\cVsMM.dll, , [14459c7b9ae24aecd2161e9c29d8d62a], PUP.Optional.MultiPlug, C:\ProgramData\APptaoiU\Oua.exe, , [9ebb8b8c98e457dfde0b63572bd614ec], PUP.Optional.MultiPlug, C:\ProgramData\surfukeepIt\cVsMM.exe, , [aeab42d5770579bd12d7dbdf1ae72cd4], PUP.Optional.Proxy.A, C:\Users\Allan\AppData\Local\proxy.log, , [4d0cc750512bc670cd3efa2e10f32fd1], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS.dll, , [114841d61666270ff6af846c09f960a0], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS64.dll, , [114841d61666270ff6af846c09f960a0], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1829\IEToolbar.dll, , [114841d61666270ff6af846c09f960a0], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1829\IEToolbar64.dll, , [114841d61666270ff6af846c09f960a0], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10887\passport.dll, , [114841d61666270ff6af846c09f960a0], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10887\passport64.dll, , [114841d61666270ff6af846c09f960a0], Physical Sectors: 0 (No malicious items detected) (end)
  7. Ran scan and have about 50 PUPS and two malware. Don't think any pose real threat but would like someone to look over my log. How can I proceed here? Thanks.
  8. When something is found at the end of a scan the malware name and location is not fully shown. How can I see them fully, Thanks
  9. Thanks, but I think that the PC is slow for some reason and thus Malwarebytes is also slow. The PC was infected with several trojans that I got rid of but I suspect there are more that I haven't found and the system is most likely corrupted to some extent anyway. Thanks again.
  10. No. 30 minutes is not quick is it? When I said scanning quickly in my OP i was referring to that scanning step that is done seconds before the scanning is completed. In fact, when I originally installed the program it was taking about 9 minutes. I reinstalled and I'm still getting 30 minute scans now.
  11. Friend's PC is taking 30 minutes to quick scan. About 90k objects are scanned until the extra objects are then scanned quickly. Any idea what the trouble may be. I should add that my friend's pc seems slow at times. Thanks VFN
  12. Thanks. I think that I may be having a problem with a driver or device as I'm getting restart messages that capture window and some kind of audio device are still open and need to be closed. (My PC closes them.) Hopefully I can resolve that even though I'm a computer dummy.
  13. I restarted and the sound is back so I'm not sure what happened.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.