
Tread

  1. Hi Kevin, Nope, no difference. It's still only removing one at a time. Thanks, again, -Tread MBAMScanLog29Aug.txt
  2. Thanks, again, Kevin. I changed the settings in MBAM and am attaching the scan log (MBAMScanLog.txt). I ran AdwCleaner and am attaching the text file for that, as well (AdwCleaner[C0].txt). Finally, I ran Sophos and no threats were found. However, MBAM is still only removing 1 threat at a time. Maybe I should explain that a little more. I run the scan and it gives me a list of threats--all checked. So I click on remove. It tells me that all the threats are removed. But when I run the scan again, it gives me a list of threats which is one threat fewer than the list of threats from the previous scan. Thanks, again, for your help in this. -Tread MBAMScanLog.txt AdwCleaner[C0].txt
  3. Thanks, Kevin. I think I've got everything you asked for. I've attached the 4 log files with two of them copied and pasted into the text of this reply. Please, let me know if there's anything I missed or anything else you need. Thanks, Tread RogueKillerReport.txt
00044544 _____ (Microsoft Corporation) C:\windows\system32\musdialoghandlers.dll 2016-08-12 03:02 - 2016-08-03 04:43 - 16985088 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll 2016-08-12 03:02 - 2016-08-03 04:41 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryClient.dll 2016-08-12 03:02 - 2016-08-03 04:41 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryBroker.dll 2016-08-12 03:02 - 2016-08-03 04:40 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\MusNotificationUx.exe 2016-08-12 03:02 - 2016-08-03 04:40 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\TpmTasks.dll 2016-08-12 03:02 - 2016-08-03 04:39 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll 2016-08-12 03:02 - 2016-08-03 04:39 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\BluetoothApis.dll 2016-08-12 03:02 - 2016-08-03 04:38 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\usocore.dll 2016-08-12 03:02 - 2016-08-03 04:36 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\NetSetupSvc.dll 2016-08-12 03:02 - 2016-08-03 04:36 - 00198144 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2016-08-12 03:02 - 2016-08-03 04:35 - 00200192 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll 2016-08-12 03:02 - 2016-08-03 04:31 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\wevtutil.exe 2016-08-12 03:02 - 2016-08-03 04:30 - 00515072 _____ (Microsoft Corporation) C:\windows\system32\OneDriveSettingSyncProvider.dll 2016-08-12 03:02 - 2016-08-03 04:29 - 14252544 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll 2016-08-12 03:02 - 2016-08-03 04:29 - 01500160 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe 2016-08-12 03:02 - 2016-08-03 04:29 - 01387520 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys 2016-08-12 03:02 - 2016-08-03 04:28 - 01213440 _____ (Microsoft 
Corporation) C:\windows\system32\wwansvc.dll 2016-08-12 03:02 - 2016-08-03 04:28 - 00848896 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2016-08-12 03:02 - 2016-08-03 04:27 - 07536640 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2016-08-12 03:02 - 2016-08-03 04:27 - 01717760 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll 2016-08-12 03:02 - 2016-08-03 04:18 - 06974464 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll 2016-08-12 03:02 - 2016-08-03 04:18 - 02067968 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll 2016-08-12 03:02 - 2016-08-03 04:18 - 01388032 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2016-08-12 03:02 - 2016-08-03 04:17 - 02175488 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll 2016-08-12 03:02 - 2016-08-03 04:16 - 05123072 _____ (Microsoft Corporation) C:\windows\system32\dbgeng.dll 2016-08-12 03:02 - 2016-08-03 04:16 - 03589120 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys 2016-08-12 03:02 - 2016-08-03 04:16 - 02635776 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll 2016-08-12 03:02 - 2016-08-03 04:16 - 01732096 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2016-08-12 03:02 - 2016-08-03 04:14 - 01997824 _____ (Microsoft Corporation) C:\windows\system32\ActiveSyncProvider.dll 2016-08-12 03:02 - 2016-08-03 04:13 - 03025920 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2016-08-12 03:02 - 2016-08-03 04:13 - 02280960 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2016-08-12 03:02 - 2016-08-03 04:12 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepository.dll 2016-08-12 03:02 - 2016-08-03 04:11 - 04171264 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2016-08-12 03:02 - 2016-08-03 00:52 - 00034088 _____ (Microsoft Corporation) C:\windows\SysWOW64\wldp.dll 2016-08-12 03:02 - 2016-08-03 
00:34 - 00501592 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupEngine.dll 2016-08-12 03:02 - 2016-08-03 00:34 - 00084832 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupApi.dll 2016-08-12 03:02 - 2016-08-03 00:33 - 00051128 _____ (Microsoft Corporation) C:\windows\SysWOW64\SensorsNativeApi.dll 2016-08-12 03:02 - 2016-08-03 00:31 - 02921368 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2016-08-12 03:02 - 2016-08-03 00:31 - 00957608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll 2016-08-12 03:02 - 2016-08-03 00:31 - 00703840 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWAHost.exe 2016-08-12 03:02 - 2016-08-03 00:30 - 21123320 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2016-08-12 03:02 - 2016-08-02 23:57 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdlrecover.exe 2016-08-12 03:02 - 2016-08-02 23:48 - 00051712 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshbth.dll 2016-08-12 03:02 - 2016-08-02 23:47 - 13018112 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll 2016-08-12 03:02 - 2016-08-02 23:44 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryClient.dll 2016-08-12 03:02 - 2016-08-02 23:44 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryBroker.dll 2016-08-12 03:02 - 2016-08-02 23:42 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\BluetoothApis.dll 2016-08-12 03:02 - 2016-08-02 23:37 - 00219136 _____ (Microsoft Corporation) C:\windows\SysWOW64\VEEventDispatcher.dll 2016-08-12 03:02 - 2016-08-02 23:35 - 00178688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wevtutil.exe 2016-08-12 03:02 - 2016-08-02 23:34 - 00792064 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2016-08-12 03:02 - 2016-08-02 23:32 - 12585984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll 2016-08-12 03:02 - 2016-08-02 23:32 - 00434688 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\LogonController.dll 2016-08-12 03:02 - 2016-08-02 23:31 - 06743040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2016-08-12 03:02 - 2016-08-02 23:31 - 00705536 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2016-08-12 03:02 - 2016-08-02 23:25 - 04078080 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbgeng.dll 2016-08-12 03:02 - 2016-08-02 23:19 - 02180096 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepository.dll 2016-08-12 03:01 - 2016-08-03 06:14 - 01505984 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2016-08-12 03:01 - 2016-08-03 06:14 - 00092352 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2016-08-12 03:01 - 2016-08-03 05:36 - 00037744 _____ (Microsoft Corporation) C:\windows\system32\wldp.dll 2016-08-12 03:01 - 2016-08-03 05:22 - 01322760 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll 2016-08-12 03:01 - 2016-08-03 05:22 - 00058408 _____ (Microsoft Corporation) C:\windows\system32\SensorsNativeApi.dll 2016-08-12 03:01 - 2016-08-03 05:21 - 22561256 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2016-08-12 03:01 - 2016-08-03 05:21 - 00303216 _____ (Microsoft Corporation) C:\windows\system32\LockAppHost.exe 2016-08-12 03:01 - 2016-08-03 05:11 - 00422744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys 2016-08-12 03:01 - 2016-08-03 04:51 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\tdlrecover.exe 2016-08-12 03:01 - 2016-08-03 04:46 - 22384128 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll 2016-08-12 03:01 - 2016-08-03 04:40 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\VEDataLayerHelpers.dll 2016-08-12 03:01 - 2016-08-03 04:40 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\bthserv.dll 2016-08-12 03:01 - 2016-08-03 04:38 - 00412160 _____ (Microsoft Corporation) C:\windows\system32\MusUpdateHandlers.dll 2016-08-12 03:01 - 2016-08-03 04:37 - 00110080 
_____ (Microsoft Corporation) C:\windows\system32\IdCtrls.dll 2016-08-12 03:01 - 2016-08-03 04:36 - 00221696 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2016-08-12 03:01 - 2016-08-03 04:35 - 00764928 _____ (Microsoft Corporation) C:\windows\system32\Chakradiag.dll 2016-08-12 03:01 - 2016-08-03 04:34 - 00383488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2016-08-12 03:01 - 2016-08-03 04:33 - 00339968 _____ (Microsoft Corporation) C:\windows\system32\SensorService.dll 2016-08-12 03:01 - 2016-08-03 04:33 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\VEEventDispatcher.dll 2016-08-12 03:01 - 2016-08-03 04:31 - 00506880 _____ (Microsoft Corporation) C:\windows\system32\tileobjserver.dll 2016-08-12 03:01 - 2016-08-03 04:31 - 00359936 _____ (Microsoft Corporation) C:\windows\system32\SensorsApi.dll 2016-08-12 03:01 - 2016-08-03 04:30 - 24613888 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2016-08-12 03:01 - 2016-08-03 04:30 - 00970752 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2016-08-12 03:01 - 2016-08-03 04:29 - 02127360 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2016-08-12 03:01 - 2016-08-03 04:29 - 00784384 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2016-08-12 03:01 - 2016-08-03 04:28 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\LogonController.dll 2016-08-12 03:01 - 2016-08-03 04:27 - 01752576 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2016-08-12 03:01 - 2016-08-03 04:27 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\wuuhext.dll 2016-08-12 03:01 - 2016-08-03 04:20 - 13390336 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2016-08-12 03:01 - 2016-08-03 04:15 - 07833088 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll 2016-08-12 03:01 - 2016-08-03 04:14 - 04895232 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2016-08-12 03:01 - 2016-08-03 00:30 - 
00465760 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe 2016-08-12 03:01 - 2016-08-03 00:30 - 00255168 _____ (Microsoft Corporation) C:\windows\SysWOW64\LockAppHost.exe 2016-08-12 03:01 - 2016-08-02 23:40 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\IdCtrls.dll 2016-08-12 03:01 - 2016-08-02 23:39 - 19351040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2016-08-12 03:01 - 2016-08-02 23:37 - 00335872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2016-08-12 03:01 - 2016-08-02 23:35 - 00286208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SensorsApi.dll 2016-08-12 03:01 - 2016-08-02 23:34 - 00400896 _____ (Microsoft Corporation) C:\windows\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-12 03:01 - 2016-08-02 23:33 - 18677760 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll 2016-08-12 03:01 - 2016-08-02 23:33 - 02050048 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2016-08-12 03:01 - 2016-08-02 23:33 - 00687616 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2016-08-12 03:01 - 2016-08-02 23:32 - 01526272 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2016-08-12 03:01 - 2016-08-02 23:32 - 01467392 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll 2016-08-12 03:01 - 2016-08-02 23:29 - 12133376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2016-08-12 03:01 - 2016-08-02 23:28 - 03663360 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2016-08-12 03:01 - 2016-08-02 23:25 - 05323776 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll 2016-08-12 03:01 - 2016-08-02 23:23 - 05660672 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll 2016-08-12 03:01 - 2016-08-02 23:23 - 01799680 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Logon.dll 2016-08-12 03:01 - 2016-08-02 23:22 - 02501120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2016-08-12 03:01 - 
2016-08-02 23:22 - 01502208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2016-08-12 03:01 - 2016-08-02 23:21 - 01708032 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActiveSyncProvider.dll 2016-08-07 09:57 - 2016-08-07 09:57 - 00000000 ___HD C:\$WINDOWS.~BT 2016-07-31 10:06 - 2016-07-31 10:06 - 00191651 _____ C:\Users\idazz\Downloads\tickets506654.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-08-27 19:01 - 2016-01-24 06:56 - 00000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job 2016-08-27 18:58 - 2016-03-26 10:20 - 00000000 ____D C:\ProgramData\BOINC 2016-08-27 18:55 - 2016-03-13 14:40 - 00139088 _____ (Webroot) C:\windows\system32\Drivers\WRkrn.sys 2016-08-27 18:54 - 2015-11-03 21:13 - 00907548 _____ C:\windows\system32\PerfStringBackup.INI 2016-08-27 18:54 - 2015-10-30 02:21 - 00000000 ____D C:\windows\INF 2016-08-27 18:32 - 2016-03-19 13:30 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2016-08-27 18:09 - 2016-03-13 14:54 - 00000938 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-27 18:09 - 2016-03-13 14:54 - 00000934 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-27 18:05 - 2016-04-25 18:06 - 00003256 _____ C:\windows\System32\Tasks\HPCeeScheduleForidazz 2016-08-27 18:05 - 2016-04-25 18:06 - 00000364 _____ C:\windows\Tasks\HPCeeScheduleForidazz.job 2016-08-27 15:48 - 2016-03-13 14:53 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2016-08-27 14:11 - 2016-06-30 21:20 - 00004168 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{212F6BA7-2EDC-4E95-8391-5D239D600235} 2016-08-27 10:52 - 2016-03-13 14:40 - 00000000 ____D C:\ProgramData\WRData 2016-08-27 08:59 - 2016-01-24 06:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-08-27 08:55 - 2016-03-13 13:52 - 00000000 ____D C:\Users\idazz 2016-08-27 08:46 - 2016-03-13 14:12 - 00000000 ____D 
C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-27 08:42 - 2016-03-19 11:04 - 00000000 ____D C:\Users\vinta\AppData\LocalLow\LastPass 2016-08-27 08:42 - 2016-01-24 06:56 - 00000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job 2016-08-27 08:42 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-08-27 08:42 - 2015-10-30 02:24 - 00000000 ____D C:\windows\AppReadiness 2016-08-27 08:36 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-08-27 08:00 - 2016-03-13 14:00 - 00000000 ___RD C:\Users\idazz\OneDrive 2016-08-26 19:36 - 2016-03-14 18:07 - 00000000 ____D C:\Users\vinta 2016-08-19 21:05 - 2016-03-13 14:00 - 00002374 _____ C:\Users\idazz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-08-18 11:31 - 2016-03-13 14:40 - 00185272 _____ (Webroot) C:\windows\SysWOW64\WRusr.dll 2016-08-18 11:31 - 2016-03-13 14:40 - 00119920 _____ (Webroot) C:\windows\system32\WRusr.dll 2016-08-18 11:28 - 2016-03-19 11:05 - 00002374 _____ C:\Users\vinta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-08-18 11:28 - 2016-03-19 11:05 - 00000000 ___RD C:\Users\vinta\OneDrive 2016-08-18 11:26 - 2015-11-03 21:11 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-14 10:59 - 2015-10-30 02:24 - 00000000 ____D C:\windows\rescache 2016-08-13 19:07 - 2016-03-19 11:03 - 00000000 ____D C:\Users\lilyb\AppData\LocalLow\LastPass 2016-08-13 10:01 - 2016-01-24 06:24 - 00837154 _____ C:\windows\SysWOW64\rootpa.e2e 2016-08-13 10:01 - 2015-10-30 01:28 - 00032768 ___SH C:\windows\system32\config\ELAM 2016-08-13 10:00 - 2015-11-03 21:11 - 00000006 ____H C:\windows\Tasks\SA.DAT 2016-08-12 23:34 - 2015-10-30 01:28 - 01048576 ___SH C:\windows\system32\config\BBI 2016-08-12 23:33 - 2016-01-24 06:24 - 00065536 _____ C:\windows\system32\spu_storage.bin 2016-08-12 23:31 - 2015-10-30 04:05 - 00000000 ____D C:\Program Files\Windows Journal 2016-08-12 23:31 - 2015-10-30 02:24 - 00000000 ___RD 
C:\windows\ImmersiveControlPanel 2016-08-12 23:31 - 2015-10-30 02:24 - 00000000 ____D C:\windows\system32\appraiser 2016-08-12 18:48 - 2016-03-13 18:37 - 00000000 ____D C:\windows\system32\MRT 2016-08-12 18:48 - 2015-10-30 02:24 - 00000000 ____D C:\windows\system32\SecureBootUpdates 2016-08-12 18:48 - 2015-10-30 02:11 - 00000000 ____D C:\windows\CbsTemp 2016-08-12 18:16 - 2016-03-13 18:37 - 147640136 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2016-08-08 18:11 - 2016-03-13 15:24 - 00002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-08-08 18:11 - 2016-03-13 15:24 - 00002227 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-08-07 09:57 - 2015-11-03 20:57 - 00000000 ____D C:\windows\Panther 2016-08-07 09:37 - 2016-03-30 17:01 - 00000000 ____D C:\Users\black\AppData\LocalLow\LastPass 2016-08-04 22:09 - 2016-03-13 14:41 - 00054512 ____T (Webroot) C:\windows\system32\Drivers\wrUrlFlt.sys 2016-08-04 19:05 - 2016-05-07 10:14 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-07-30 09:10 - 2016-01-24 07:03 - 00000000 ____D C:\ProgramData\McAfee 2016-07-28 18:04 - 2016-03-13 14:54 - 00003996 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-07-28 18:04 - 2016-03-13 14:54 - 00003764 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore ==================== Files in the root of some directories ======= 2016-03-13 14:41 - 2016-03-13 14:41 - 12964920 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe 2016-03-27 20:12 - 2016-03-27 20:18 - 0000000 _____ () C:\Users\idazz\AppData\Local\{0B77114E-CB8E-4549-81EE-7872A58979B7} Some files in TEMP: ==================== C:\Users\idazz\AppData\Local\Temp\WRupdate657076500.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) 
C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\explorer.exe => File is digitally signed C:\windows\SysWOW64\explorer.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\SysWOW64\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\SysWOW64\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\SysWOW64\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\dnsapi.dll => File is digitally signed C:\windows\SysWOW64\dnsapi.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-08-18 20:18 ==================== End of FRST.txt ============================ Rkill.txt Addition.txt FRST.txt
  4. Hi, I used Malwarebytes last night and it came up with a bunch of threats. All the threats were checked and I clicked on remove, but only one was removed. So, I've been spending hours scanning and removing one threat at a time, even though each time all the threats are checked. Can anyone help me with this problem? Thanks