Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Popup infection that I just cannot get rid of, followed other threads already
Message
<blockquote data-quote="Mnemoch" data-source="post: 379325" data-attributes="member: 36087"><p>Upload button not working, sorry, I will post the log below:</p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01</p><p>Ran by Trevor (administrator) on MAPOO on 30-04-2015 16:10:06</p><p>Running from C:\Users\Trevor\Downloads</p><p>Loaded Profiles: Trevor (Available profiles: Trevor)</p><p>Platform: Windows 8.1 Pro (X64) OS Language: English (United States)</p><p>Internet Explorer Version 11 (Default browser: IE)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dasHost.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe</p><p>(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe</p><p>(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe</p><p>(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe</p><p>(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe</p><p>(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe</p><p>(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe</p><p>(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch</p><p>HKU\S-1-5-21-1217871043-332092552-3241288942-1001\...\MountPoints2: {74d475cc-abc7-11e4-825f-60029255d7ee} - "D:\autorun.exe"</p><p>HKU\S-1-5-21-1217871043-332092552-3241288942-1001\...\MountPoints2: {74d4766d-abc7-11e4-825f-60029255d7ee} - "D:\autorun.exe"</p><p>HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Corporation)</p><p>CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://www.google.com" target="_blank">www.google.com</a></p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = <a href="http://www.google.com" target="_blank">www.google.com</a></p><p>HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = <a href="http://www.google.com" target="_blank">www.google.com</a></p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = <a href="http://www.google.com" target="_blank">www.google.com</a></p><p>HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://www.google.com" target="_blank">www.google.com</a></p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://www.google.com" target="_blank">www.google.com</a></p><p>HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = <a href="http://www.google.com" target="_blank">www.google.com</a></p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = <a href="http://www.google.com" target="_blank">www.google.com</a></p><p>SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =</p><p>SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =</p><p>SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =</p><p>BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)</p><p>BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)</p><p>Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)</p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.1.1</p><p>Tcpip\..\Interfaces\{735FBFF0-AB84-4263-AE6D-7CD6921466CB}: [NameServer] 31.168.228.248,82.166.96.246</p><p>Tcpip\..\Interfaces\{85826326-C7E2-42FD-9D91-659F71E8C8B3}: [NameServer] 31.168.228.248,82.166.96.246</p><p>Tcpip\..\Interfaces\{A5703695-77F9-4375-8934-49E0BF8FD098}: [NameServer] 31.168.228.248,82.166.96.246</p><p>StartMenuInternet: IEXPLORE.EXE - iexplore.exe</p><p></p><p>FireFox:</p><p>========</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-03] (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)</p><p>FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)</p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)</p><p>R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)</p><p>R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-04] (Microsoft Corporation)</p><p>R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)</p><p>R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)</p><p>R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)</p><p>S3 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [26048 2015-01-12] ()</p><p>R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)</p><p>R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)</p><p>R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-05-08] (Microsoft Corporation)</p><p>R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-07] (Intel Corporation)</p><p>R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-07] (Intel Corporation)</p><p>R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)</p><p>R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-30] (Malwarebytes Corporation)</p><p>R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)</p><p>R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2014-01-31] (Intel Corporation)</p><p>R3 mrvlpcie8897; C:\Windows\system32\DRIVERS\mrvlpcie8897.sys [1002496 2014-12-24] (Marvell Semiconductors Inc.)</p><p>R3 SensorsHIDClassDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)</p><p>R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)</p><p>R3 SurfaceAccessoryDevice; C:\Windows\System32\drivers\SurfaceAccessoryDevice.sys [51856 2014-05-30] (Microsoft Corporation)</p><p>R3 SurfaceCapacitiveHomeButton; C:\Windows\System32\drivers\SurfaceCapacitiveHomeButton.sys [44152 2014-11-27] (Microsoft Corporation)</p><p>R3 SurfaceDisplayCalibration; C:\Windows\System32\drivers\SurfaceDisplayCalibration.sys [41616 2014-05-02] (Microsoft Corporation)</p><p>R3 SurfaceIntegrationDriver; C:\Windows\System32\drivers\SurfaceIntegrationDriver.sys [49776 2014-12-09] (Microsoft Corporation)</p><p>R0 SurfacePciController; C:\Windows\System32\drivers\SurfacePciController.sys [35440 2014-10-08] (Microsoft Corporation)</p><p>R3 SurfacePenDriver; C:\Windows\system32\DRIVERS\SurfacePenDriver.sys [72304 2015-01-14] (Microsoft Corporation)</p><p>S3 SurfaceTouchCover; C:\Windows\System32\drivers\SurfaceTouchCover.sys [35976 2014-04-14] (Microsoft Corporation)</p><p>S3 SurfaceTypeCover; C:\Windows\System32\drivers\SurfaceTypeCover.sys [35984 2014-03-19] (Microsoft Corporation)</p><p>R3 tap-tb-0901; C:\Windows\system32\DRIVERS\tap-tb-0901.sys [38656 2014-09-29] (The OpenVPN Project)</p><p>R3 TrueColor; C:\Windows\system32\DRIVERS\TrueColor.sys [35952 2014-07-07] ()</p><p>R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)</p><p>R3 WiFiClass; C:\Windows\system32\DRIVERS\wificlass.sys [411648 2014-12-24] (Microsoft Corporation)</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2015-04-30 16:10 - 2015-04-30 16:10 - 00009841 _____ () C:\Users\Trevor\Downloads\FRST.txt</p><p>2015-04-30 16:10 - 2015-04-30 16:10 - 00000000 ____D () C:\FRST</p><p>2015-04-30 16:09 - 2015-04-30 16:09 - 02101248 _____ (Farbar) C:\Users\Trevor\Downloads\FRST64.exe</p><p>2015-04-30 14:14 - 2015-04-30 14:14 - 00000334 _____ () C:\windows\PFRO.log</p><p>2015-04-30 14:14 - 2015-04-30 14:01 - 00024064 _____ () C:\windows\zoek-delete.exe</p><p>2015-04-30 14:04 - 2015-04-30 14:04 - 00000460 _____ () C:\Users\Trevor\Desktop\Remove YourAdExchange.com pop-up ads (Removal Guide).website</p><p>2015-04-30 14:01 - 2015-04-30 14:41 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1217871043-332092552-3241288942-1001</p><p>2015-04-30 14:01 - 2015-04-30 14:13 - 00000000 ____D () C:\zoek_backup</p><p>2015-04-30 14:01 - 2015-04-30 14:01 - 01305600 _____ () C:\Users\Trevor\Downloads\zoek.exe</p><p>2015-04-30 13:50 - 2015-04-30 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight</p><p>2015-04-30 13:50 - 2015-04-30 13:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight</p><p>2015-04-30 13:50 - 2015-04-30 13:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight</p><p>2015-04-30 13:44 - 2015-04-30 13:44 - 00000738 _____ () C:\Users\Trevor\Downloads\JRT.txt</p><p>2015-04-30 13:42 - 2015-04-30 03:30 - 02716306 _____ (Thisisu) C:\Users\Trevor\Downloads\JRT_NEW.exe</p><p>2015-04-23 19:52 - 2015-04-23 19:52 - 00000000 ____D () C:\windows\system32\appraiser</p><p>2015-04-23 19:40 - 2014-04-15 19:35 - 00028352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll</p><p>2015-04-23 19:40 - 2014-04-15 19:34 - 00029888 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll</p><p>2015-04-23 19:39 - 2015-01-05 23:01 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys</p><p>2015-04-23 19:39 - 2015-01-05 22:59 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys</p><p>2015-04-23 19:39 - 2015-01-05 21:12 - 00185856 _____ (Microsoft Corporation) C:\windows\system32\rascfg.dll</p><p>2015-04-23 19:39 - 2015-01-05 21:02 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\rascfg.dll</p><p>2015-04-23 19:38 - 2015-04-23 19:38 - 00000448 _____ () C:\Users\Trevor\Desktop\Reinstalling Flash after uninstall - Windows 8.... Adobe Community.website</p><p>2015-04-23 19:38 - 2015-03-13 00:03 - 00239424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys</p><p>2015-04-23 19:38 - 2015-03-13 00:03 - 00154432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys</p><p>2015-04-23 19:38 - 2015-03-12 22:59 - 00430080 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll</p><p>2015-04-23 19:38 - 2015-03-12 22:38 - 00358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll</p><p>2015-04-23 19:38 - 2015-03-05 23:08 - 02067968 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll</p><p>2015-04-23 19:38 - 2015-03-05 22:47 - 01696256 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll</p><p>2015-04-23 19:38 - 2015-03-05 22:43 - 01969664 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll</p><p>2015-04-23 19:38 - 2015-03-04 19:09 - 01429504 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll</p><p>2015-04-23 19:38 - 2015-02-17 19:19 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll</p><p>2015-04-23 19:38 - 2015-02-12 22:22 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll</p><p>2015-04-23 19:38 - 2015-02-12 21:46 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll</p><p>2015-04-23 19:38 - 2014-11-17 16:17 - 00672984 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe</p><p>2015-04-23 19:38 - 2014-11-17 16:17 - 00273240 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe</p><p>2015-04-23 19:38 - 2014-11-15 15:05 - 00801584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll</p><p>2015-04-23 19:38 - 2014-11-15 02:29 - 00962216 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll</p><p>2015-04-23 19:38 - 2014-11-14 02:58 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsDatabase.dll</p><p>2015-04-23 19:38 - 2014-11-14 02:57 - 01027584 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll</p><p>2015-04-23 19:38 - 2014-11-14 02:54 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll</p><p>2015-04-23 19:38 - 2014-11-14 02:46 - 02171904 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll</p><p>2015-04-23 19:38 - 2014-11-14 02:39 - 02819584 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll</p><p>2015-04-23 19:38 - 2014-11-14 01:03 - 00885760 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll</p><p>2015-04-23 19:38 - 2014-11-10 14:06 - 02485056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys</p><p>2015-04-23 19:38 - 2014-11-10 14:06 - 00473408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys</p><p>2015-04-23 19:38 - 2014-11-10 14:06 - 00428864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS</p><p>2015-04-23 19:38 - 2014-11-10 14:06 - 00136512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys</p><p>2015-04-23 19:38 - 2014-11-09 22:57 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys</p><p>2015-04-23 19:38 - 2014-11-09 21:37 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL</p><p>2015-04-23 19:38 - 2014-11-09 21:34 - 01084416 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL</p><p>2015-04-23 19:38 - 2014-11-09 21:26 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL</p><p>2015-04-23 19:38 - 2014-11-09 21:20 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll</p><p>2015-04-23 19:38 - 2014-11-09 21:09 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL</p><p>2015-04-23 19:38 - 2014-11-09 21:08 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\rasapi32.dll</p><p>2015-04-23 19:38 - 2014-11-09 21:06 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll</p><p>2015-04-23 19:38 - 2014-11-09 20:57 - 00624640 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasapi32.dll</p><p>2015-04-23 19:38 - 2014-11-09 20:57 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll</p><p>2015-04-23 19:38 - 2014-11-08 00:00 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndistapi.sys</p><p>2015-04-23 19:38 - 2014-11-07 23:58 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys</p><p>2015-04-23 19:38 - 2014-11-07 23:56 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\kmddsp.tsp</p><p>2015-04-23 19:38 - 2014-11-07 23:56 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\rasmxs.dll</p><p>2015-04-23 19:38 - 2014-11-07 23:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\rasser.dll</p><p>2015-04-23 19:38 - 2014-11-07 23:24 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\rasdiag.dll</p><p>2015-04-23 19:38 - 2014-11-07 23:13 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kmddsp.tsp</p><p>2015-04-23 19:38 - 2014-11-07 23:13 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasmxs.dll</p><p>2015-04-23 19:38 - 2014-11-07 23:13 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasser.dll</p><p>2015-04-23 19:38 - 2014-11-07 22:48 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasdiag.dll</p><p>2015-04-23 19:38 - 2014-11-07 22:38 - 00166912 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll</p><p>2015-04-23 19:38 - 2014-11-07 22:17 - 00143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll</p><p>2015-04-23 19:38 - 2014-11-07 22:03 - 00733696 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll</p><p>2015-04-23 19:38 - 2014-11-07 21:58 - 04837376 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll</p><p>2015-04-23 19:38 - 2014-11-07 21:49 - 01154048 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe</p><p>2015-04-23 19:38 - 2014-11-06 23:58 - 00952896 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll</p><p>2015-04-23 19:38 - 2014-11-06 23:20 - 00786120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll</p><p>2015-04-23 19:38 - 2014-11-04 22:12 - 00211968 _____ (Microsoft Corporation) C:\windows\system32\QSHVHOST.DLL</p><p>2015-04-23 19:38 - 2014-11-04 22:12 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\QSVRMGMT.DLL</p><p>2015-04-23 19:38 - 2014-11-04 22:06 - 00514048 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll</p><p>2015-04-23 19:38 - 2014-11-04 21:44 - 00657920 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll</p><p>2015-04-23 19:38 - 2014-11-04 21:43 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll</p><p>2015-04-23 19:38 - 2014-11-04 21:41 - 00558080 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll</p><p>2015-04-23 19:38 - 2014-11-04 21:39 - 00155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSHVHOST.DLL</p><p>2015-04-23 19:38 - 2014-11-04 21:39 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSVRMGMT.DLL</p><p>2015-04-23 19:38 - 2014-11-04 21:33 - 00465408 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll</p><p>2015-04-23 19:38 - 2014-11-04 21:21 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll</p><p>2015-04-23 19:38 - 2014-11-04 21:20 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll</p><p>2015-04-23 19:38 - 2014-11-04 21:18 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll</p><p>2015-04-23 19:38 - 2014-11-04 21:14 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\WSDMon.dll</p><p>2015-04-23 19:38 - 2014-11-04 21:06 - 00555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll</p><p>2015-04-23 19:38 - 2014-11-04 15:33 - 00058176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys</p><p>2015-04-23 19:38 - 2014-11-04 15:25 - 00059712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdclass.sys</p><p>2015-04-23 19:38 - 2014-11-04 15:25 - 00051008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouclass.sys</p><p>2015-04-23 19:38 - 2014-11-04 02:55 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sermouse.sys</p><p>2015-04-23 19:38 - 2014-11-04 02:54 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\i8042prt.sys</p><p>2015-04-23 19:38 - 2014-11-04 02:54 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys</p><p>2015-04-23 19:38 - 2014-11-04 02:54 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys</p><p>2015-04-23 19:38 - 2014-11-04 02:27 - 00128512 _____ (Microsoft Corporation) C:\windows\splwow64.exe</p><p>2015-04-23 19:38 - 2014-11-04 01:01 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe</p><p>2015-04-23 19:38 - 2014-10-30 20:51 - 18823168 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll</p><p>2015-04-23 19:38 - 2014-10-30 20:10 - 15158784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll</p><p>2015-04-23 19:38 - 2014-10-28 23:05 - 00551232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys</p><p>2015-04-23 19:38 - 2014-10-28 21:55 - 00242176 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll</p><p>2015-04-23 19:38 - 2014-10-28 21:13 - 00169984 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll</p><p>2015-04-23 19:38 - 2014-10-20 21:59 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\eventcls.dll</p><p>2015-04-23 19:38 - 2014-10-20 21:19 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\eventcls.dll</p><p>2015-04-23 19:38 - 2014-10-20 20:50 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\vsstrace.dll</p><p>2015-04-23 19:38 - 2014-10-20 20:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\vssapi.dll</p><p>2015-04-23 19:38 - 2014-10-20 20:31 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vsstrace.dll</p><p>2015-04-23 19:38 - 2014-10-20 20:30 - 01454080 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe</p><p>2015-04-23 19:38 - 2014-10-20 20:20 - 01142272 _____ (Microsoft Corporation) C:\windows\SysWOW64\vssapi.dll</p><p>2015-04-23 19:38 - 2014-10-17 00:56 - 00039744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys</p><p>2015-04-23 19:38 - 2014-10-16 23:35 - 00086336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys</p><p>2015-04-23 19:33 - 2015-04-23 19:33 - 18782051 _____ () C:\Users\Trevor\Downloads\Windows8.1-KB3044132-x64.msu</p><p>2015-04-23 19:32 - 2015-03-23 17:59 - 07476032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe</p><p>2015-04-23 19:32 - 2015-03-23 17:59 - 01733952 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll</p><p>2015-04-23 19:32 - 2015-03-23 17:59 - 00360480 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll</p><p>2015-04-23 19:32 - 2015-03-23 17:58 - 01498872 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll</p><p>2015-04-23 19:32 - 2015-03-23 17:45 - 00257216 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll</p><p>2015-04-23 19:32 - 2015-03-20 00:12 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll</p><p>2015-04-23 19:32 - 2015-03-20 00:10 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll</p><p>2015-04-23 19:32 - 2015-03-20 00:10 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll</p><p>2015-04-23 19:32 - 2015-03-19 23:17 - 00411648 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe</p><p>2015-04-23 19:32 - 2015-03-19 22:41 - 00369152 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe</p><p>2015-04-23 19:32 - 2015-03-19 22:40 - 00950784 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll</p><p>2015-04-23 19:32 - 2015-03-19 22:16 - 00749568 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll</p><p>2015-04-23 19:32 - 2015-03-14 04:20 - 01385256 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll</p><p>2015-04-23 19:32 - 2015-03-14 04:13 - 01124352 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll</p><p>2015-04-23 19:32 - 2015-02-24 04:32 - 00991552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys</p><p>2015-04-23 19:32 - 2015-02-20 19:49 - 00780800 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll</p><p>2015-04-23 19:03 - 2015-04-23 19:03 - 00000207 _____ () C:\windows\tweaking.com-regbackup-MAPOO-Windows-8.1-Pro-(64-bit).dat</p><p>2015-04-23 19:03 - 2015-04-23 19:03 - 00000000 ____D () C:\RegBackup</p><p>2015-04-23 19:02 - 2015-04-30 13:42 - 00000572 _____ () C:\Users\Trevor\Desktop\Remove Ad.Adserverplus pop-up virus (Removal Guide).website</p><p>2015-04-23 19:02 - 2015-04-23 19:02 - 02685470 _____ (Thisisu) C:\Users\Trevor\Downloads\JRT.exe</p><p>2015-04-23 18:52 - 2015-04-30 16:00 - 00000696 _____ () C:\windows\setupact.log</p><p>2015-04-23 18:52 - 2015-04-23 18:52 - 00000000 _____ () C:\windows\setuperr.log</p><p>2015-04-23 18:51 - 2015-03-22 18:45 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll</p><p>2015-04-23 18:51 - 2015-03-22 18:09 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll</p><p>2015-04-23 18:51 - 2015-03-22 18:09 - 00957440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll</p><p>2015-04-23 18:51 - 2015-03-22 18:09 - 00769024 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll</p><p>2015-04-23 18:51 - 2015-03-22 18:09 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll</p><p>2015-04-23 18:51 - 2015-03-22 18:09 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll</p><p>2015-04-23 18:51 - 2015-03-22 18:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll</p><p>2015-04-23 18:51 - 2015-03-14 04:54 - 00133256 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe</p><p>2015-04-23 18:51 - 2015-03-13 21:56 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\wups.dll</p><p>2015-04-23 18:51 - 2015-03-13 21:56 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll</p><p>2015-04-23 18:51 - 2015-03-13 21:51 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll</p><p>2015-04-23 18:51 - 2015-03-13 21:37 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll</p><p>2015-04-23 18:51 - 2015-03-13 21:14 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll</p><p>2015-04-23 18:51 - 2015-03-13 20:22 - 03678720 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll</p><p>2015-04-23 18:51 - 2015-03-13 20:12 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll</p><p>2015-04-23 18:51 - 2015-03-13 20:12 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe</p><p>2015-04-23 18:51 - 2015-03-13 20:09 - 00200192 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll</p><p>2015-04-23 18:51 - 2015-03-13 20:08 - 00408064 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll</p><p>2015-04-23 18:51 - 2015-03-13 20:08 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll</p><p>2015-04-23 18:51 - 2015-03-13 20:06 - 02373632 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll</p><p>2015-04-23 18:51 - 2015-03-13 20:06 - 00891392 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll</p><p>2015-04-23 18:51 - 2015-03-13 20:02 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll</p><p>2015-04-23 18:51 - 2015-03-13 20:02 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe</p><p>2015-04-23 18:51 - 2015-03-13 19:59 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll</p><p>2015-04-23 18:51 - 2015-03-13 19:59 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll</p><p>2015-04-23 18:51 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll</p><p>2015-04-23 18:51 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll</p><p>2015-04-23 18:51 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll</p><p>2015-04-23 18:51 - 2015-03-12 23:53 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll</p><p>2015-04-23 18:51 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll</p><p>2015-04-23 18:51 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll</p><p>2015-04-23 18:51 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll</p><p>2015-04-23 18:51 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll</p><p>2015-04-23 18:51 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll</p><p>2015-04-23 18:51 - 2015-03-12 23:17 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll</p><p>2015-04-23 18:51 - 2015-03-12 23:16 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll</p><p>2015-04-23 18:51 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe</p><p>2015-04-23 18:51 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll</p><p>2015-04-23 18:51 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:58 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:50 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:37 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll</p><p>2015-04-23 18:51 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll</p><p>2015-04-23 18:51 - 2015-03-04 06:25 - 00377152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys</p><p>2015-04-23 18:51 - 2015-03-03 23:04 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll</p><p>2015-04-23 18:51 - 2015-03-03 22:19 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll</p><p>2015-04-23 18:51 - 2014-12-02 19:09 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll</p><p>2015-04-23 18:50 - 2015-04-30 16:00 - 01804196 _____ () C:\windows\WindowsUpdate.log</p><p>2015-04-23 18:39 - 2015-04-23 18:39 - 00000834 _____ () C:\windows\system32\.crusader</p><p>2015-04-23 18:37 - 2015-04-23 18:39 - 00000000 ____D () C:\ProgramData\HitmanPro</p><p>2015-04-23 18:33 - 2015-04-23 19:03 - 00000589 _____ () C:\Users\Trevor\Desktop\Remove Adcash.com pop-up ads (Removal Guide).website</p><p>2015-04-23 18:32 - 2015-04-23 18:33 - 11028616 _____ (SurfRight B.V.) C:\Users\Trevor\Downloads\HitmanPro_x64.exe</p><p>2015-04-23 18:31 - 2015-04-30 13:48 - 00000000 ____D () C:\AdwCleaner</p><p>2015-04-23 18:31 - 2015-04-23 18:31 - 02224640 _____ () C:\Users\Trevor\Downloads\adwcleaner_4.202.exe</p><p>2015-04-22 09:04 - 2015-04-22 09:04 - 00000000 ____D () C:\Users\Trevor\Documents\Updater5</p><p>2015-04-22 09:04 - 2015-04-22 09:04 - 00000000 ____D () C:\Users\Trevor\Documents\GrandpaVCD</p><p>2015-04-22 09:04 - 2015-04-22 09:04 - 00000000 ____D () C:\Users\Trevor\Documents\Geoff Skeete History of Barbados CD Copy</p><p>2015-04-22 09:04 - 2008-10-09 13:45 - 00002234 _____ () C:\Users\Trevor\Documents\Stanford.txt</p><p>2015-04-22 09:04 - 2007-06-27 15:37 - 00000000 ____D () C:\Users\Trevor\Documents\My Received Files</p><p>2015-04-22 09:04 - 2005-12-30 09:25 - 00006134 _____ () C:\Users\Trevor\Documents\Congratulations.txt</p><p>2015-04-22 09:04 - 2005-12-11 17:21 - 00002941 _____ () C:\Users\Trevor\Documents\Silver Sands Development.txt</p><p>2015-04-22 09:04 - 2005-06-06 22:59 - 00001992 _____ () C:\Users\Trevor\Documents\Untitled.txt</p><p>2015-04-22 09:04 - 2004-10-08 08:23 - 00056832 _____ () C:\Users\Trevor\Documents\ABBAS ASSIGNMENT # 1.xls</p><p>2015-04-05 03:16 - 2015-04-23 18:05 - 00000000 ___SD () C:\windows\system32\GWX</p><p>2015-04-05 03:16 - 2015-04-05 03:16 - 00000000 ___SD () C:\windows\SysWOW64\GWX</p><p>2015-04-02 08:17 - 2015-04-02 08:17 - 41840320 _____ (Microsoft Corporation) C:\Users\Trevor\Downloads\Windows-KB890830-x64-V5.22.exe</p><p>2015-04-02 07:57 - 2015-04-02 07:57 - 05344528 _____ (Piriform Ltd) C:\Users\Trevor\Downloads\ccsetup504.exe</p><p>2015-04-02 07:55 - 2015-04-30 16:01 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2015-04-02 07:55 - 2015-04-23 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2015-04-02 07:55 - 2015-04-23 18:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2015-04-02 07:55 - 2015-04-02 07:55 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2015-04-02 07:55 - 2015-04-02 07:55 - 00000000 ____D () C:\ProgramData\Malwarebytes</p><p>2015-04-02 07:55 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys</p><p>2015-04-02 07:55 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys</p><p>2015-04-02 07:55 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys</p><p>2015-04-02 07:54 - 2015-04-02 07:55 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Trevor\Downloads\mbam-setup-2.1.4.1018.exe</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p></p><p>2015-04-30 16:05 - 2014-05-08 23:06 - 00863592 _____ () C:\windows\system32\PerfStringBackup.INI</p><p>2015-04-30 16:01 - 2015-02-03 12:21 - 00004966 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MAPOO-Trevor mapoo</p><p>2015-04-30 16:01 - 2014-10-14 09:15 - 00000000 __RDO () C:\Users\Trevor\OneDrive</p><p>2015-04-30 16:01 - 2013-08-22 10:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT</p><p>2015-04-30 16:00 - 2013-08-22 11:20 - 00000000 ____D () C:\windows\CbsTemp</p><p>2015-04-30 15:14 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\system32\sru</p><p>2015-04-30 14:14 - 2013-08-22 09:25 - 00262144 ___SH () C:\windows\system32\config\BBI</p><p>2015-04-30 14:13 - 2015-02-03 11:59 - 00000000 ____D () C:\Users\Trevor\AppData\Local\Google</p><p>2015-04-26 20:55 - 2014-10-14 09:12 - 00000000 ____D () C:\Users\Trevor\AppData\Local\Packages</p><p>2015-04-26 06:11 - 2015-02-04 16:04 - 00000000 ____D () C:\Program Files (x86)\TeamViewer</p><p>2015-04-24 11:59 - 2014-10-20 00:49 - 00000000 ____D () C:\windows\system32\MRT</p><p>2015-04-24 05:53 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\rescache</p><p>2015-04-23 20:04 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\AppReadiness</p><p>2015-04-23 19:52 - 2015-03-04 17:29 - 00000000 ___SD () C:\windows\system32\CompatTel</p><p>2015-04-23 19:52 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\SysWOW64\setup</p><p>2015-04-23 19:52 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\system32\setup</p><p>2015-04-23 19:41 - 2013-08-22 11:36 - 00000000 ___RD () C:\windows\ImmersiveControlPanel</p><p>2015-04-23 18:33 - 2014-10-14 09:12 - 00000000 ____D () C:\Users\Trevor</p><p>2015-04-23 18:28 - 2015-02-04 16:04 - 00000990 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk</p><p>2015-04-23 18:28 - 2015-02-04 16:04 - 00000978 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk</p><p>2015-04-23 18:26 - 2013-08-22 11:43 - 00000000 ____D () C:\windows\DigitalLocker</p><p>2015-04-23 18:22 - 2015-02-03 11:59 - 00000000 ____D () C:\Program Files (x86)\Google</p><p>2015-04-23 18:05 - 2013-08-22 11:36 - 00000000 __RSD () C:\windows\Media</p><p>2015-04-23 18:05 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\SysWOW64\Macromed</p><p>2015-04-23 18:05 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\PolicyDefinitions</p><p>2015-04-23 18:05 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\Sysprep</p><p>2015-04-23 18:04 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\registration</p><p>2015-04-23 18:04 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\AppCompat</p><p>2015-04-23 18:03 - 2015-02-10 12:24 - 00000000 __RHD () C:\MSOCache</p><p>2015-04-21 10:05 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\system32\NDF</p><p>2015-04-15 16:14 - 2014-12-07 21:48 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll</p><p>2015-04-08 07:30 - 2015-02-14 18:46 - 00000000 ____D () C:\ProgramData\HP</p><p>2015-04-04 05:44 - 2014-10-14 09:12 - 00000000 ____D () C:\Users\Trevor\AppData\Roaming\Adobe</p><p>2015-04-03 10:57 - 2015-02-15 12:17 - 00000000 ____D () C:\Users\Trevor\AppData\Local\Windows Live</p><p>2015-04-02 08:12 - 2014-05-08 23:55 - 00000000 ____D () C:\windows\Panther</p><p>2015-04-02 08:02 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\Speech</p><p>2015-04-02 07:41 - 2014-10-14 09:12 - 00001449 _____ () C:\Users\Trevor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk</p><p>2015-04-01 11:16 - 2014-10-20 00:49 - 128913832 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe</p><p></p><p>==================== Files in the root of some directories =======</p><p></p><p>2015-04-22 08:51 - 2015-04-22 08:52 - 0011728 _____ () C:\Users\Trevor\AppData\Local\Temp-log.txt</p><p>2014-05-08 22:58 - 2014-05-08 22:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl</p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p></p><p>LastRegBack: 2015-04-26 02:14</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="Mnemoch, post: 379325, member: 36087"] Upload button not working, sorry, I will post the log below: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01 Ran by Trevor (administrator) on MAPOO on 30-04-2015 16:10:06 Running from C:\Users\Trevor\Downloads Loaded Profiles: Trevor (Available profiles: Trevor) Platform: Windows 8.1 Pro (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [URL]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/URL] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKU\S-1-5-21-1217871043-332092552-3241288942-1001\...\MountPoints2: {74d475cc-abc7-11e4-825f-60029255d7ee} - "D:\autorun.exe" HKU\S-1-5-21-1217871043-332092552-3241288942-1001\...\MountPoints2: {74d4766d-abc7-11e4-825f-60029255d7ee} - "D:\autorun.exe" HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Corporation) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [URL='http://www.google.com']www.google.com[/URL] HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [URL='http://www.google.com']www.google.com[/URL] HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [URL='http://www.google.com']www.google.com[/URL] HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = [URL='http://www.google.com']www.google.com[/URL] HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL='http://www.google.com']www.google.com[/URL] HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL='http://www.google.com']www.google.com[/URL] HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [URL='http://www.google.com']www.google.com[/URL] HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = [URL='http://www.google.com']www.google.com[/URL] SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{735FBFF0-AB84-4263-AE6D-7CD6921466CB}: [NameServer] 31.168.228.248,82.166.96.246 Tcpip\..\Interfaces\{85826326-C7E2-42FD-9D91-659F71E8C8B3}: [NameServer] 31.168.228.248,82.166.96.246 Tcpip\..\Interfaces\{A5703695-77F9-4375-8934-49E0BF8FD098}: [NameServer] 31.168.228.248,82.166.96.246 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-03] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation) R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-04] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH) S3 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [26048 2015-01-12] () R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-05-08] (Microsoft Corporation) R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-07] (Intel Corporation) R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-07] (Intel Corporation) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-30] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2014-01-31] (Intel Corporation) R3 mrvlpcie8897; C:\Windows\system32\DRIVERS\mrvlpcie8897.sys [1002496 2014-12-24] (Marvell Semiconductors Inc.) R3 SensorsHIDClassDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation) R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation) R3 SurfaceAccessoryDevice; C:\Windows\System32\drivers\SurfaceAccessoryDevice.sys [51856 2014-05-30] (Microsoft Corporation) R3 SurfaceCapacitiveHomeButton; C:\Windows\System32\drivers\SurfaceCapacitiveHomeButton.sys [44152 2014-11-27] (Microsoft Corporation) R3 SurfaceDisplayCalibration; C:\Windows\System32\drivers\SurfaceDisplayCalibration.sys [41616 2014-05-02] (Microsoft Corporation) R3 SurfaceIntegrationDriver; C:\Windows\System32\drivers\SurfaceIntegrationDriver.sys [49776 2014-12-09] (Microsoft Corporation) R0 SurfacePciController; C:\Windows\System32\drivers\SurfacePciController.sys [35440 2014-10-08] (Microsoft Corporation) R3 SurfacePenDriver; C:\Windows\system32\DRIVERS\SurfacePenDriver.sys [72304 2015-01-14] (Microsoft Corporation) S3 SurfaceTouchCover; C:\Windows\System32\drivers\SurfaceTouchCover.sys [35976 2014-04-14] (Microsoft Corporation) S3 SurfaceTypeCover; C:\Windows\System32\drivers\SurfaceTypeCover.sys [35984 2014-03-19] (Microsoft Corporation) R3 tap-tb-0901; C:\Windows\system32\DRIVERS\tap-tb-0901.sys [38656 2014-09-29] (The OpenVPN Project) R3 TrueColor; C:\Windows\system32\DRIVERS\TrueColor.sys [35952 2014-07-07] () R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation) R3 WiFiClass; C:\Windows\system32\DRIVERS\wificlass.sys [411648 2014-12-24] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-30 16:10 - 2015-04-30 16:10 - 00009841 _____ () C:\Users\Trevor\Downloads\FRST.txt 2015-04-30 16:10 - 2015-04-30 16:10 - 00000000 ____D () C:\FRST 2015-04-30 16:09 - 2015-04-30 16:09 - 02101248 _____ (Farbar) C:\Users\Trevor\Downloads\FRST64.exe 2015-04-30 14:14 - 2015-04-30 14:14 - 00000334 _____ () C:\windows\PFRO.log 2015-04-30 14:14 - 2015-04-30 14:01 - 00024064 _____ () C:\windows\zoek-delete.exe 2015-04-30 14:04 - 2015-04-30 14:04 - 00000460 _____ () C:\Users\Trevor\Desktop\Remove YourAdExchange.com pop-up ads (Removal Guide).website 2015-04-30 14:01 - 2015-04-30 14:41 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1217871043-332092552-3241288942-1001 2015-04-30 14:01 - 2015-04-30 14:13 - 00000000 ____D () C:\zoek_backup 2015-04-30 14:01 - 2015-04-30 14:01 - 01305600 _____ () C:\Users\Trevor\Downloads\zoek.exe 2015-04-30 13:50 - 2015-04-30 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-04-30 13:50 - 2015-04-30 13:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-04-30 13:50 - 2015-04-30 13:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-04-30 13:44 - 2015-04-30 13:44 - 00000738 _____ () C:\Users\Trevor\Downloads\JRT.txt 2015-04-30 13:42 - 2015-04-30 03:30 - 02716306 _____ (Thisisu) C:\Users\Trevor\Downloads\JRT_NEW.exe 2015-04-23 19:52 - 2015-04-23 19:52 - 00000000 ____D () C:\windows\system32\appraiser 2015-04-23 19:40 - 2014-04-15 19:35 - 00028352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll 2015-04-23 19:40 - 2014-04-15 19:34 - 00029888 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll 2015-04-23 19:39 - 2015-01-05 23:01 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys 2015-04-23 19:39 - 2015-01-05 22:59 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys 2015-04-23 19:39 - 2015-01-05 21:12 - 00185856 _____ (Microsoft Corporation) C:\windows\system32\rascfg.dll 2015-04-23 19:39 - 2015-01-05 21:02 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\rascfg.dll 2015-04-23 19:38 - 2015-04-23 19:38 - 00000448 _____ () C:\Users\Trevor\Desktop\Reinstalling Flash after uninstall - Windows 8.... Adobe Community.website 2015-04-23 19:38 - 2015-03-13 00:03 - 00239424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys 2015-04-23 19:38 - 2015-03-13 00:03 - 00154432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys 2015-04-23 19:38 - 2015-03-12 22:59 - 00430080 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-04-23 19:38 - 2015-03-12 22:38 - 00358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-04-23 19:38 - 2015-03-05 23:08 - 02067968 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll 2015-04-23 19:38 - 2015-03-05 22:47 - 01696256 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll 2015-04-23 19:38 - 2015-03-05 22:43 - 01969664 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll 2015-04-23 19:38 - 2015-03-04 19:09 - 01429504 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll 2015-04-23 19:38 - 2015-02-17 19:19 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll 2015-04-23 19:38 - 2015-02-12 22:22 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2015-04-23 19:38 - 2015-02-12 21:46 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2015-04-23 19:38 - 2014-11-17 16:17 - 00672984 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe 2015-04-23 19:38 - 2014-11-17 16:17 - 00273240 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe 2015-04-23 19:38 - 2014-11-15 15:05 - 00801584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll 2015-04-23 19:38 - 2014-11-15 02:29 - 00962216 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll 2015-04-23 19:38 - 2014-11-14 02:58 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsDatabase.dll 2015-04-23 19:38 - 2014-11-14 02:57 - 01027584 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll 2015-04-23 19:38 - 2014-11-14 02:54 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll 2015-04-23 19:38 - 2014-11-14 02:46 - 02171904 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll 2015-04-23 19:38 - 2014-11-14 02:39 - 02819584 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll 2015-04-23 19:38 - 2014-11-14 01:03 - 00885760 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll 2015-04-23 19:38 - 2014-11-10 14:06 - 02485056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2015-04-23 19:38 - 2014-11-10 14:06 - 00473408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys 2015-04-23 19:38 - 2014-11-10 14:06 - 00428864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS 2015-04-23 19:38 - 2014-11-10 14:06 - 00136512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys 2015-04-23 19:38 - 2014-11-09 22:57 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys 2015-04-23 19:38 - 2014-11-09 21:37 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL 2015-04-23 19:38 - 2014-11-09 21:34 - 01084416 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL 2015-04-23 19:38 - 2014-11-09 21:26 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL 2015-04-23 19:38 - 2014-11-09 21:20 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll 2015-04-23 19:38 - 2014-11-09 21:09 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL 2015-04-23 19:38 - 2014-11-09 21:08 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\rasapi32.dll 2015-04-23 19:38 - 2014-11-09 21:06 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll 2015-04-23 19:38 - 2014-11-09 20:57 - 00624640 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasapi32.dll 2015-04-23 19:38 - 2014-11-09 20:57 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll 2015-04-23 19:38 - 2014-11-08 00:00 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndistapi.sys 2015-04-23 19:38 - 2014-11-07 23:58 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys 2015-04-23 19:38 - 2014-11-07 23:56 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\kmddsp.tsp 2015-04-23 19:38 - 2014-11-07 23:56 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\rasmxs.dll 2015-04-23 19:38 - 2014-11-07 23:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\rasser.dll 2015-04-23 19:38 - 2014-11-07 23:24 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\rasdiag.dll 2015-04-23 19:38 - 2014-11-07 23:13 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kmddsp.tsp 2015-04-23 19:38 - 2014-11-07 23:13 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasmxs.dll 2015-04-23 19:38 - 2014-11-07 23:13 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasser.dll 2015-04-23 19:38 - 2014-11-07 22:48 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasdiag.dll 2015-04-23 19:38 - 2014-11-07 22:38 - 00166912 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll 2015-04-23 19:38 - 2014-11-07 22:17 - 00143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll 2015-04-23 19:38 - 2014-11-07 22:03 - 00733696 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll 2015-04-23 19:38 - 2014-11-07 21:58 - 04837376 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll 2015-04-23 19:38 - 2014-11-07 21:49 - 01154048 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe 2015-04-23 19:38 - 2014-11-06 23:58 - 00952896 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll 2015-04-23 19:38 - 2014-11-06 23:20 - 00786120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll 2015-04-23 19:38 - 2014-11-04 22:12 - 00211968 _____ (Microsoft Corporation) C:\windows\system32\QSHVHOST.DLL 2015-04-23 19:38 - 2014-11-04 22:12 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\QSVRMGMT.DLL 2015-04-23 19:38 - 2014-11-04 22:06 - 00514048 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll 2015-04-23 19:38 - 2014-11-04 21:44 - 00657920 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll 2015-04-23 19:38 - 2014-11-04 21:43 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll 2015-04-23 19:38 - 2014-11-04 21:41 - 00558080 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll 2015-04-23 19:38 - 2014-11-04 21:39 - 00155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSHVHOST.DLL 2015-04-23 19:38 - 2014-11-04 21:39 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSVRMGMT.DLL 2015-04-23 19:38 - 2014-11-04 21:33 - 00465408 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll 2015-04-23 19:38 - 2014-11-04 21:21 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll 2015-04-23 19:38 - 2014-11-04 21:20 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll 2015-04-23 19:38 - 2014-11-04 21:18 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll 2015-04-23 19:38 - 2014-11-04 21:14 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\WSDMon.dll 2015-04-23 19:38 - 2014-11-04 21:06 - 00555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll 2015-04-23 19:38 - 2014-11-04 15:33 - 00058176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys 2015-04-23 19:38 - 2014-11-04 15:25 - 00059712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdclass.sys 2015-04-23 19:38 - 2014-11-04 15:25 - 00051008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouclass.sys 2015-04-23 19:38 - 2014-11-04 02:55 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sermouse.sys 2015-04-23 19:38 - 2014-11-04 02:54 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\i8042prt.sys 2015-04-23 19:38 - 2014-11-04 02:54 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys 2015-04-23 19:38 - 2014-11-04 02:54 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys 2015-04-23 19:38 - 2014-11-04 02:27 - 00128512 _____ (Microsoft Corporation) C:\windows\splwow64.exe 2015-04-23 19:38 - 2014-11-04 01:01 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe 2015-04-23 19:38 - 2014-10-30 20:51 - 18823168 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll 2015-04-23 19:38 - 2014-10-30 20:10 - 15158784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll 2015-04-23 19:38 - 2014-10-28 23:05 - 00551232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys 2015-04-23 19:38 - 2014-10-28 21:55 - 00242176 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll 2015-04-23 19:38 - 2014-10-28 21:13 - 00169984 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll 2015-04-23 19:38 - 2014-10-20 21:59 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\eventcls.dll 2015-04-23 19:38 - 2014-10-20 21:19 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\eventcls.dll 2015-04-23 19:38 - 2014-10-20 20:50 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\vsstrace.dll 2015-04-23 19:38 - 2014-10-20 20:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\vssapi.dll 2015-04-23 19:38 - 2014-10-20 20:31 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vsstrace.dll 2015-04-23 19:38 - 2014-10-20 20:30 - 01454080 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe 2015-04-23 19:38 - 2014-10-20 20:20 - 01142272 _____ (Microsoft Corporation) C:\windows\SysWOW64\vssapi.dll 2015-04-23 19:38 - 2014-10-17 00:56 - 00039744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys 2015-04-23 19:38 - 2014-10-16 23:35 - 00086336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys 2015-04-23 19:33 - 2015-04-23 19:33 - 18782051 _____ () C:\Users\Trevor\Downloads\Windows8.1-KB3044132-x64.msu 2015-04-23 19:32 - 2015-03-23 17:59 - 07476032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-04-23 19:32 - 2015-03-23 17:59 - 01733952 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-04-23 19:32 - 2015-03-23 17:59 - 00360480 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll 2015-04-23 19:32 - 2015-03-23 17:58 - 01498872 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2015-04-23 19:32 - 2015-03-23 17:45 - 00257216 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll 2015-04-23 19:32 - 2015-03-20 00:12 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll 2015-04-23 19:32 - 2015-03-20 00:10 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-04-23 19:32 - 2015-03-20 00:10 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-04-23 19:32 - 2015-03-19 23:17 - 00411648 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe 2015-04-23 19:32 - 2015-03-19 22:41 - 00369152 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe 2015-04-23 19:32 - 2015-03-19 22:40 - 00950784 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll 2015-04-23 19:32 - 2015-03-19 22:16 - 00749568 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll 2015-04-23 19:32 - 2015-03-14 04:20 - 01385256 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll 2015-04-23 19:32 - 2015-03-14 04:13 - 01124352 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll 2015-04-23 19:32 - 2015-02-24 04:32 - 00991552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys 2015-04-23 19:32 - 2015-02-20 19:49 - 00780800 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll 2015-04-23 19:03 - 2015-04-23 19:03 - 00000207 _____ () C:\windows\tweaking.com-regbackup-MAPOO-Windows-8.1-Pro-(64-bit).dat 2015-04-23 19:03 - 2015-04-23 19:03 - 00000000 ____D () C:\RegBackup 2015-04-23 19:02 - 2015-04-30 13:42 - 00000572 _____ () C:\Users\Trevor\Desktop\Remove Ad.Adserverplus pop-up virus (Removal Guide).website 2015-04-23 19:02 - 2015-04-23 19:02 - 02685470 _____ (Thisisu) C:\Users\Trevor\Downloads\JRT.exe 2015-04-23 18:52 - 2015-04-30 16:00 - 00000696 _____ () C:\windows\setupact.log 2015-04-23 18:52 - 2015-04-23 18:52 - 00000000 _____ () C:\windows\setuperr.log 2015-04-23 18:51 - 2015-03-22 18:45 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2015-04-23 18:51 - 2015-03-22 18:09 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-04-23 18:51 - 2015-03-22 18:09 - 00957440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-04-23 18:51 - 2015-03-22 18:09 - 00769024 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-04-23 18:51 - 2015-03-22 18:09 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-04-23 18:51 - 2015-03-22 18:09 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-04-23 18:51 - 2015-03-22 18:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2015-04-23 18:51 - 2015-03-14 04:54 - 00133256 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-04-23 18:51 - 2015-03-13 21:56 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-04-23 18:51 - 2015-03-13 21:56 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-04-23 18:51 - 2015-03-13 21:51 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll 2015-04-23 18:51 - 2015-03-13 21:37 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2015-04-23 18:51 - 2015-03-13 21:14 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll 2015-04-23 18:51 - 2015-03-13 20:22 - 03678720 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-04-23 18:51 - 2015-03-13 20:12 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-04-23 18:51 - 2015-03-13 20:12 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-04-23 18:51 - 2015-03-13 20:09 - 00200192 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll 2015-04-23 18:51 - 2015-03-13 20:08 - 00408064 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll 2015-04-23 18:51 - 2015-03-13 20:08 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-04-23 18:51 - 2015-03-13 20:06 - 02373632 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-04-23 18:51 - 2015-03-13 20:06 - 00891392 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2015-04-23 18:51 - 2015-03-13 20:02 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2015-04-23 18:51 - 2015-03-13 20:02 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2015-04-23 18:51 - 2015-03-13 19:59 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2015-04-23 18:51 - 2015-03-13 19:59 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2015-04-23 18:51 - 2015-03-13 00:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-04-23 18:51 - 2015-03-13 00:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-04-23 18:51 - 2015-03-13 00:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-04-23 18:51 - 2015-03-12 23:53 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-04-23 18:51 - 2015-03-12 23:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-04-23 18:51 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-04-23 18:51 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-04-23 18:51 - 2015-03-12 23:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-04-23 18:51 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-04-23 18:51 - 2015-03-12 23:17 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll 2015-04-23 18:51 - 2015-03-12 23:16 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-04-23 18:51 - 2015-03-12 23:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-04-23 18:51 - 2015-03-12 23:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-04-23 18:51 - 2015-03-12 23:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-04-23 18:51 - 2015-03-12 22:58 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll 2015-04-23 18:51 - 2015-03-12 22:50 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll 2015-04-23 18:51 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-04-23 18:51 - 2015-03-12 22:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-04-23 18:51 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-04-23 18:51 - 2015-03-12 22:37 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll 2015-04-23 18:51 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-04-23 18:51 - 2015-03-12 22:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-04-23 18:51 - 2015-03-12 22:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-04-23 18:51 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-04-23 18:51 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-04-23 18:51 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-04-23 18:51 - 2015-03-04 06:25 - 00377152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys 2015-04-23 18:51 - 2015-03-03 23:04 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll 2015-04-23 18:51 - 2015-03-03 22:19 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll 2015-04-23 18:51 - 2014-12-02 19:09 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2015-04-23 18:50 - 2015-04-30 16:00 - 01804196 _____ () C:\windows\WindowsUpdate.log 2015-04-23 18:39 - 2015-04-23 18:39 - 00000834 _____ () C:\windows\system32\.crusader 2015-04-23 18:37 - 2015-04-23 18:39 - 00000000 ____D () C:\ProgramData\HitmanPro 2015-04-23 18:33 - 2015-04-23 19:03 - 00000589 _____ () C:\Users\Trevor\Desktop\Remove Adcash.com pop-up ads (Removal Guide).website 2015-04-23 18:32 - 2015-04-23 18:33 - 11028616 _____ (SurfRight B.V.) C:\Users\Trevor\Downloads\HitmanPro_x64.exe 2015-04-23 18:31 - 2015-04-30 13:48 - 00000000 ____D () C:\AdwCleaner 2015-04-23 18:31 - 2015-04-23 18:31 - 02224640 _____ () C:\Users\Trevor\Downloads\adwcleaner_4.202.exe 2015-04-22 09:04 - 2015-04-22 09:04 - 00000000 ____D () C:\Users\Trevor\Documents\Updater5 2015-04-22 09:04 - 2015-04-22 09:04 - 00000000 ____D () C:\Users\Trevor\Documents\GrandpaVCD 2015-04-22 09:04 - 2015-04-22 09:04 - 00000000 ____D () C:\Users\Trevor\Documents\Geoff Skeete History of Barbados CD Copy 2015-04-22 09:04 - 2008-10-09 13:45 - 00002234 _____ () C:\Users\Trevor\Documents\Stanford.txt 2015-04-22 09:04 - 2007-06-27 15:37 - 00000000 ____D () C:\Users\Trevor\Documents\My Received Files 2015-04-22 09:04 - 2005-12-30 09:25 - 00006134 _____ () C:\Users\Trevor\Documents\Congratulations.txt 2015-04-22 09:04 - 2005-12-11 17:21 - 00002941 _____ () C:\Users\Trevor\Documents\Silver Sands Development.txt 2015-04-22 09:04 - 2005-06-06 22:59 - 00001992 _____ () C:\Users\Trevor\Documents\Untitled.txt 2015-04-22 09:04 - 2004-10-08 08:23 - 00056832 _____ () C:\Users\Trevor\Documents\ABBAS ASSIGNMENT # 1.xls 2015-04-05 03:16 - 2015-04-23 18:05 - 00000000 ___SD () C:\windows\system32\GWX 2015-04-05 03:16 - 2015-04-05 03:16 - 00000000 ___SD () C:\windows\SysWOW64\GWX 2015-04-02 08:17 - 2015-04-02 08:17 - 41840320 _____ (Microsoft Corporation) C:\Users\Trevor\Downloads\Windows-KB890830-x64-V5.22.exe 2015-04-02 07:57 - 2015-04-02 07:57 - 05344528 _____ (Piriform Ltd) C:\Users\Trevor\Downloads\ccsetup504.exe 2015-04-02 07:55 - 2015-04-30 16:01 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-04-02 07:55 - 2015-04-23 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-04-02 07:55 - 2015-04-23 18:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-04-02 07:55 - 2015-04-02 07:55 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-04-02 07:55 - 2015-04-02 07:55 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-04-02 07:55 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2015-04-02 07:55 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-04-02 07:55 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2015-04-02 07:54 - 2015-04-02 07:55 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Trevor\Downloads\mbam-setup-2.1.4.1018.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-30 16:05 - 2014-05-08 23:06 - 00863592 _____ () C:\windows\system32\PerfStringBackup.INI 2015-04-30 16:01 - 2015-02-03 12:21 - 00004966 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MAPOO-Trevor mapoo 2015-04-30 16:01 - 2014-10-14 09:15 - 00000000 __RDO () C:\Users\Trevor\OneDrive 2015-04-30 16:01 - 2013-08-22 10:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-04-30 16:00 - 2013-08-22 11:20 - 00000000 ____D () C:\windows\CbsTemp 2015-04-30 15:14 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\system32\sru 2015-04-30 14:14 - 2013-08-22 09:25 - 00262144 ___SH () C:\windows\system32\config\BBI 2015-04-30 14:13 - 2015-02-03 11:59 - 00000000 ____D () C:\Users\Trevor\AppData\Local\Google 2015-04-26 20:55 - 2014-10-14 09:12 - 00000000 ____D () C:\Users\Trevor\AppData\Local\Packages 2015-04-26 06:11 - 2015-02-04 16:04 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2015-04-24 11:59 - 2014-10-20 00:49 - 00000000 ____D () C:\windows\system32\MRT 2015-04-24 05:53 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\rescache 2015-04-23 20:04 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\AppReadiness 2015-04-23 19:52 - 2015-03-04 17:29 - 00000000 ___SD () C:\windows\system32\CompatTel 2015-04-23 19:52 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\SysWOW64\setup 2015-04-23 19:52 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\system32\setup 2015-04-23 19:41 - 2013-08-22 11:36 - 00000000 ___RD () C:\windows\ImmersiveControlPanel 2015-04-23 18:33 - 2014-10-14 09:12 - 00000000 ____D () C:\Users\Trevor 2015-04-23 18:28 - 2015-02-04 16:04 - 00000990 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-04-23 18:28 - 2015-02-04 16:04 - 00000978 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-04-23 18:26 - 2013-08-22 11:43 - 00000000 ____D () C:\windows\DigitalLocker 2015-04-23 18:22 - 2015-02-03 11:59 - 00000000 ____D () C:\Program Files (x86)\Google 2015-04-23 18:05 - 2013-08-22 11:36 - 00000000 __RSD () C:\windows\Media 2015-04-23 18:05 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\SysWOW64\Macromed 2015-04-23 18:05 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\PolicyDefinitions 2015-04-23 18:05 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\Sysprep 2015-04-23 18:04 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\registration 2015-04-23 18:04 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\AppCompat 2015-04-23 18:03 - 2015-02-10 12:24 - 00000000 __RHD () C:\MSOCache 2015-04-21 10:05 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\system32\NDF 2015-04-15 16:14 - 2014-12-07 21:48 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll 2015-04-08 07:30 - 2015-02-14 18:46 - 00000000 ____D () C:\ProgramData\HP 2015-04-04 05:44 - 2014-10-14 09:12 - 00000000 ____D () C:\Users\Trevor\AppData\Roaming\Adobe 2015-04-03 10:57 - 2015-02-15 12:17 - 00000000 ____D () C:\Users\Trevor\AppData\Local\Windows Live 2015-04-02 08:12 - 2014-05-08 23:55 - 00000000 ____D () C:\windows\Panther 2015-04-02 08:02 - 2013-08-22 11:36 - 00000000 ____D () C:\windows\Speech 2015-04-02 07:41 - 2014-10-14 09:12 - 00001449 _____ () C:\Users\Trevor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-04-01 11:16 - 2014-10-20 00:49 - 128913832 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe ==================== Files in the root of some directories ======= 2015-04-22 08:51 - 2015-04-22 08:52 - 0011728 _____ () C:\Users\Trevor\AppData\Local\Temp-log.txt 2014-05-08 22:58 - 2014-05-08 22:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-26 02:14 ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top