Author Topic: virus (Read 1221 times)

erikiholloman · « **on:** April 27, 2016, 09:07:27 AM »

Dear Bro,

Kindly need your help! My computer was infected with virus.

attach below my hijackthis logfile.

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 10:06:23 PM, on 27/4/2016

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.10240.16603)

Boot mode: Normal

Running processes:

C:\\Program Files (x86)\\Lenovo\\iMController\\PluginHost\\Lenovo.Modern.ImController.PluginHost.exe

C:\\Users\\chanka\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe

C:\\Program Files (x86)\\Garena Plus\\GarenaMessenger.exe

C:\\Program Files (x86)\\Lenovo\\Lenovo Photo Master\\PhotoMasterWorker.exe

C:\\Program Files (x86)\\Lenovo\\PowerDVD12\\PDVD12Serv.exe

C:\\Program Files (x86)\\Lenovo\\Power2Go\\CLMLSvc_P2G8.exe

C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe

C:\\Program Files (x86)\\AVG\\Framework\\Common\\avguix.exe

C:\\Program Files (x86)\\AVG\\Av\\avgui.exe

C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe

C:\\Program Files\\Intel\\Intel(R) Rapid Storage Technology\\IAStorIcon.exe

C:\\Windows\\SysWOW64\\ctfmon.exe

C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

C:\\Program Files (x86)\\Thunder Network\\Thunder\\Program\\thunder.exe

c:\\program files (x86)\\common files\\thunder network\\tp\\ver1\\1.1.2.264_1111\\thunderplatform.exe

C:\\Program Files (x86)\\Thunder Network\\Thunder\\Program\\XLUEOPS.exe

C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

C:\\Users\\chanka\\Desktop\\HijackThis(1).exe

R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE\'>http://lenovo15.msn.com/?pc=LCTE

R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = about:blank

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141\'>http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = https://sg.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dsg%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AtD0C0BzztCyEyBzzzzyBtAyD0C0DtN0D0Tzu0StCyDyCyCtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StD0E0EyDyC0ByCtCtGyD0F0FtBtGzyyD0CyEtGtAyE0BtCtGtByDyBzyyD0Azyzz0AtAyCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtAzy0E0DyC0AtG0AyD0ByCtGyE0FyCyCtG0AtA0EtCtGtAtC0D0FyBtAyCzyyCzytDyD2QtN0A0LzuyE%26cr%3D1394391829%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage\'>https://sg.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dsg%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AtD0C0BzztCyEyBzzzzyBtAyD0C0DtN0D0Tzu0StCyDyCyCtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StD0E0EyDyC0ByCtCtGyD0F0FtBtGzyyD0CyEtGtAyE0BtCtGtByDyBzyyD0Azyzz0AtAyCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtAzy0E0DyC0AtG0AyD0ByCtGyE0FyCyCtG0AtA0EtCtGtAtC0D0FyBtAyCzyyCzytDyD2QtN0A0LzuyE%26cr%3D1394391829%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Local Page = %11%\\blank.htm

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=

O2 - BHO: VideoUrlSniffer - {00000ADA-7E0D-47C1-986C-F017D09C4304} - C:\\Users\\Public\\Thunder Network\\XMP5\\Addins\\VideoUrlSniffer.2.3.3.211.(699).dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll

O2 - BHO: Xunlei BHO Platform - {DE05CF4A-7B0A-4775-B5E5-396244938679} - C:\\Program Files (x86)\\Thunder Network\\Thunder\\Thunder BHO Platform\\np_tdieplat.dll

O4 - HKLM\\..\\Run: [CLMLServer_For_P2G8] \"C:\\Program Files (x86)\\Lenovo\\Power2Go\\CLMLSvc_P2G8.exe\"

O4 - HKLM\\..\\Run: [CLVirtualDrive] \"C:\\Program Files (x86)\\Lenovo\\Power2Go\\VirtualDrive.exe\" /R

O4 - HKLM\\..\\Run: [StartCCC] \"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe\" MSRun

O4 - HKLM\\..\\Run: [Intel(R) RealSense(TM) SDK info server] \"C:\\Program Files (x86)\\Common Files\\Intel\\RSDCM\\bin\\win32\\RealSenseInfo.exe\"

O4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"

O4 - HKLM\\..\\Run: [AvgUi] \"C:\\Program Files (x86)\\AVG\\Framework\\Common\\avguirnx.exe\" /lps=fmw

O4 - HKLM\\..\\Run: [AVG_UI] \"C:\\Program Files (x86)\\AVG\\Av\\avuirunnerx.exe\" C:\\Program Files (x86)\\AVG\\Av\\avgui.exe

O4 - HKLM\\..\\Run: [SDTray] \"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe\"

O4 - HKCU\\..\\Run: [OneDrive] \"C:\\Users\\chanka\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background

O4 - HKCU\\..\\Run: [Chromium] \"c:\\users\\chanka\\appdata\\local\\chromium\\application\\chrome.exe\" --auto-launch-at-startup --profile-directory=\"Default\" --restore-last-session --restore-last-session

O4 - HKCU\\..\\Run: [GarenaPlus] \"C:\\Program Files (x86)\\Garena Plus\\GarenaMessenger.exe\" -autolaunch

O4 - HKCU\\..\\Run: [SpybotPostWindows10UpgradeReInstall] \"C:\\Program Files\\Common Files\\AV\\Spybot - Search and Destroy\\Test.exe\"

O9 - Extra button: (no name) - {14c1d00e-0b92-4379-880b-444fa2d740dd} - C:\\Users\\Public\\Thunder Network\\XMP5\\V5.1.29.4510\\Program\\XmpIEToolMenu.htm (file missing)

O9 - Extra \'Tools\' menuitem:

- {14c1d00e-0b92-4379-880b-444fa2d740dd} - C:\\Users\\Public\\Thunder Network\\XMP5\\V5.1.29.4510\\Program\\XmpIEToolMenu.htm (file missing)

O9 - Extra button:

? - {24c1d00e-0b92-4379-880b-444fa2d740dd} - C:\\Users\\Public\\Thunder Network\\XMP5\\V5.1.29.4510\\Program\\XmpIEToolBar.htm (file missing)

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{4c1be958-c387-4f26-b97a-f11f8dc107d5}: NameServer = 82.163.142.7 95.211.158.134

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{84053b3e-252e-45f9-8a55-37975c3f5251}: NameServer = 82.163.142.7 95.211.158.134

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{acbc0327-2cda-47ba-9a95-86795bc36d8c}: NameServer = 82.163.142.7 95.211.158.134

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{b5187d8e-4321-463e-bb03-cff6ead0eb11}: NameServer = 82.163.142.7 95.211.158.134

O17 - HKLM\\System\\CS1\\Services\\Tcpip\\Parameters: NameServer = 82.163.142.7 95.211.158.134

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: NameServer = 82.163.142.7 95.211.158.134

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll

O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\\Windows\\SysWOW64\\tbauth.dll

O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

O23 - Service: @%SystemRoot%\\system32\\Alg.exe,-112 (ALG) - Unknown owner - C:\\Windows\\System32\\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\\Windows\\system32\\atiesrxx.exe (file missing)

O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\\Program Files (x86)\\AVG\\Av\\avgamps.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\\Program Files (x86)\\AVG\\Av\\avgidsagent.exe

O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\\Program Files (x86)\\AVG\\Framework\\Common\\avgsvca.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\\Program Files (x86)\\AVG\\Av\\avgwdsvcx.exe

O23 - Service: CCSDK - Lenovo - C:\\Program Files (x86)\\Lenovo\\CCSDK\\CCSDK.exe

O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\\Windows\\SysWow64\\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\\system32\\DiagSvcs\\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\\Windows\\system32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\efssvc.dll,-100 (EFS) - Unknown owner - C:\\Windows\\System32\\lsass.exe (file missing)

O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\\Program Files\\Intel\\WiFi\\bin\\EvtEng.exe

O23 - Service: FastbootService - Lenovo - C:\\Program Files (x86)\\Lenovo\\LenovoPortal\\FastBoot\\FbService.exe

O23 - Service: @%systemroot%\\system32\\fxsresm.dll,-118 (Fax) - Unknown owner - C:\\Windows\\system32\\fxssvc.exe (file missing)

O23 - Service: GDCAgent - Lenovo - C:\\Program Files (x86)\\Lenovo\\GDCAgentSetupRed\\GDCAgent.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe

O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\\Program Files\\Intel\\Intel(R) Rapid Storage Technology\\IAStorDataMgrSvc.exe

O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\\Program Files (x86)\\Intel\\Bluetooth\\utilities\\ibtsiva.exe

O23 - Service: @%SystemRoot%\\system32\\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\\Windows\\system32\\IEEtwCollector.exe (file missing)

O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\\Windows\\system32\\igfxCUIService.exe (file missing)

O23 - Service: System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - c:\\Program Files\\Lenovo\\ImController\\Service\\Lenovo.Modern.ImController.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: LenovoPortalService - Unknown owner - C:\\Program Files (x86)\\Lenovo\\LenovoPortal\\LenovoPortalService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\\Windows\\System32\\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\\Program Files\\Intel\\WiFi\\bin\\PanDhcpDns.exe

O23 - Service: @%SystemRoot%\\System32\\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\\System32\\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: Intel(R) RealSense(TM) Depth Camera Manager Service (RealSenseDCM) - Intel(R) Corporation - C:\\Program Files (x86)\\Common Files\\Intel\\RSDCM\\bin\\win32\\RealSenseDCM.exe

O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\\Program Files\\Common Files\\Intel\\WirelessCommon\\RegSrvc.exe

O23 - Service: @%systemroot%\\system32\\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\\Windows\\system32\\locator.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\samsrv.dll,-1 (SamSs) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe

O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe

O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDWSCSvc.exe

O23 - Service: @%SystemRoot%\\system32\\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\\Windows\\System32\\SensorDataService.exe (file missing)

O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\\Program Files (x86)\\Lenovo\\SHAREit\\Shareit.Service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\\Program Files (x86)\\Skype\\Updater\\Updater.exe

O23 - Service: @%SystemRoot%\\system32\\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\\Windows\\System32\\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\\system32\\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\\Windows\\System32\\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\\Windows\\system32\\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\\Windows\\system32\\UI0Detect.exe (file missing)

O23 - Service: Update Agent (UpdateAgentService) - Unknown owner - C:\\Program Files\\update\\UpdateAgent.exe

O23 - Service: @%SystemRoot%\\system32\\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\vds.exe,-100 (vds) - Unknown owner - C:\\Windows\\System32\\vds.exe (file missing)

O23 - Service: @%systemroot%\\system32\\vssvc.exe,-102 (VSS) - Unknown owner - C:\\Windows\\system32\\vssvc.exe (file missing)

O23 - Service: @%systemroot%\\system32\\wbengine.exe,-104 (wbengine) - Unknown owner - C:\\Windows\\system32\\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\\Windows Defender\\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\\Program Files (x86)\\Windows Defender\\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\\Windows Defender\\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\\Program Files (x86)\\Windows Defender\\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\\system32\\wbem\\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\\Windows\\system32\\wbem\\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\\Program Files (x86)\\Windows Media Player\\wmpnetwk.exe (file missing)

O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\\Program Files\\Intel\\WiFi\\bin\\ZeroConfigService.exe

--

End of file - 14191 bytes

guestolo · « **Reply #1 on:** April 27, 2016, 11:06:57 AM »

Do you know what virus you had/have?

Can you do the following please

Download the version of this tool for your operating system.

Farbar Recovery Scan Tool (64 bit)

Farbar Recovery Scan Tool (32 bit)

and save it to a folder on your computer\'s Desktop.

Double-click to run it. When the tool opens click Yes to disclaimer.

Press Scan button.

It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

The first time the tool is run, it makes also another log (Addition.txt).

Copy and paste it\'s contents also

erikiholloman · « **Reply #2 on:** May 02, 2016, 10:26:04 AM »

webs like advertisement will pop up when I surfing..

erikiholloman · « **Reply #3 on:** May 02, 2016, 10:31:35 AM »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:01-05-2016

Ran by chanka (administrator) on CHANKA (02-05-2016 23:28:35)

Running from C:\\Users\\chanka\\Desktop

Loaded Profiles: chanka (Available Profiles: chanka)

Platform: Windows 10 Home Single Language Version 1511 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/\'>http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\\Windows\\System32\\atiesrxx.exe

(Intel Corporation) C:\\Windows\\System32\\igfxCUIService.exe

(Intel(R) Corporation) C:\\Program Files\\Intel\\WiFi\\bin\\EvtEng.exe

(Intel Corporation) C:\\Program Files (x86)\\Intel\\Bluetooth\\utilities\\ibtsiva.exe

(AVG Technologies CZ, s.r.o.) C:\\Program Files (x86)\\AVG\\Framework\\Common\\avgsvca.exe

(AVG Technologies CZ, s.r.o.) C:\\Program Files (x86)\\AVG\\Av\\avgwdsvcx.exe

(Microsoft Corporation) C:\\Program Files (x86)\\Skype\\Toolbars\\AutoUpdate\\SkypeC2CAutoUpdateSvc.exe

(AVG Technologies CZ, s.r.o.) C:\\Program Files (x86)\\AVG\\Av\\avgidsagent.exe

(Microsoft Corporation) C:\\Program Files (x86)\\Skype\\Toolbars\\PNRSvc\\SkypeC2CPNRSvc.exe

(Lenovo) C:\\Program Files (x86)\\Lenovo\\LenovoPortal\\FastBoot\\FbService.exe

() C:\\Program Files\\update\\UpdateAgent.exe

(Intel(R) Corporation) C:\\Program Files (x86)\\Common Files\\Intel\\RSDCM\\bin\\win32\\RealSenseDCM.exe

(Intel Corporation) C:\\Windows\\SysWOW64\\IntelCpHeciSvc.exe

(Intel(R) Corporation) C:\\Program Files\\Common Files\\Intel\\WirelessCommon\\RegSrvc.exe

(AVG Technologies CZ, s.r.o.) C:\\Program Files (x86)\\AVG\\Av\\avgcsrva.exe

(AVG Technologies CZ, s.r.o.) C:\\Program Files (x86)\\AVG\\Av\\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\\Program Files (x86)\\AVG\\Av\\avgemca.exe

(AVG Technologies CZ, s.r.o.) C:\\Program Files (x86)\\AVG\\Av\\avgrsa.exe

(Lenovo) C:\\Program Files (x86)\\Lenovo\\CCSDK\\CCSDK.exe

(Lenovo) C:\\Program Files (x86)\\Lenovo\\GDCAgentSetupRed\\GDCAgent.exe

(Intel Corporation) C:\\Program Files\\Intel\\Intel(R) Rapid Storage Technology\\IAStorDataMgrSvc.exe

(Microsoft Corporation) C:\\Windows\\System32\\dllhost.exe

(Microsoft Corporation) C:\\Windows\\System32\\wlanext.exe

(Microsoft Corporation) C:\\Windows\\Microsoft.NET\\Framework64\\v3.0\\WPF\\PresentationFontCache.exe

(AMD) C:\\Windows\\System32\\atieclxx.exe

() C:\\Program Files (x86)\\Garena Plus\\ggdllhost.exe

(Intel Corporation) C:\\Windows\\System32\\igfxEM.exe

(Intel Corporation) C:\\Windows\\System32\\igfxHK.exe

() C:\\Windows\\System32\\igfxTray.exe

(Microsoft Corporation) C:\\Windows\\System32\\InputMethod\\CHS\\ChsIME.exe

(Lenovo) C:\\Program Files (x86)\\Lenovo\\CCSDK\\WinGather.exe

() C:\\Program Files (x86)\\Garena Plus\\ggdllhost.exe

(Realtek Semiconductor) C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe

(Realtek Semiconductor) C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe

(CyberLink Corp.) C:\\Program Files (x86)\\Lenovo\\PowerDVD12\\PDVD12Serv.exe

(Lenovo) C:\\Program Files\\Lenovo\\QuickOptimizer\\QuickOptimizerIcon.exe

(CyberLink Corp.) C:\\Program Files (x86)\\Lenovo\\Lenovo Photo Master\\PhotoMasterWorker.exe

() C:\\Program Files\\Lenovo\\LenovoUtility\\utility.exe

(Synaptics Incorporated) C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe

() C:\\Program Files (x86)\\Garena Plus\\GarenaMessenger.exe

(Synaptics Incorporated) C:\\Program Files\\Synaptics\\SynTP\\SynTPHelper.exe

(CyberLink) C:\\Program Files (x86)\\Lenovo\\Power2Go\\CLMLSvc_P2G8.exe

(Intel Corporation) C:\\Program Files (x86)\\Common Files\\Intel\\RSDCM\\bin\\win32\\RealSenseInfo.exe

(Oracle Corporation) C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe

(AVG Technologies CZ, s.r.o.) C:\\Program Files (x86)\\AVG\\Framework\\Common\\avguix.exe

(AVG Technologies CZ, s.r.o.) C:\\Program Files (x86)\\AVG\\Av\\avgui.exe

(Microsoft Corporation) C:\\Windows\\System32\\dllhost.exe

(Microsoft Corporation) C:\\Windows\\System32\\NetworkUXBroker.exe

(Microsoft Corporation) C:\\Windows\\System32\\SettingSyncHost.exe

(Intel Corporation) C:\\Program Files\\Intel\\Intel(R) Rapid Storage Technology\\IAStorIcon.exe

() C:\\Program Files (x86)\\Garena Plus\\bbtalk\\BBTalk.exe

(Microsoft Corporation) C:\\Windows\\System32\\InputMethod\\CHS\\ChsIME.exe

() C:\\Program Files (x86)\\AVG Web TuneUp\\WtuSystemSupport.exe

(AVG Secure Search) C:\\Program Files (x86)\\Common Files\\AVG Secure Search\\vToolbarUpdater\\40.2.9\\ToolbarUpdater.exe

() C:\\Program Files (x86)\\Common Files\\AVG Secure Search\\vToolbarUpdater\\40.2.9\\loggingserver.exe

() C:\\Program Files (x86)\\AVG Web TuneUp\\vprot.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

() C:\\Program Files\\WindowsApps\\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\\SkypeHost.exe

(深圳市迅雷网络技术有限公司) C:\\Program Files (x86)\\Thunder Network\\XMP\\V5.1.29.4510\\Bin\\XMP.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\\...\\Run: [RtHDVCpl] => C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe [16403712 2015-08-06] (Realtek Semiconductor)

HKLM\\...\\Run: [RtHDVBg_Dolby] => C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe [1403136 2015-08-06] (Realtek Semiconductor)

HKLM\\...\\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe [1403136 2015-08-06] (Realtek Semiconductor)

HKLM\\...\\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe [1403136 2015-08-06] (Realtek Semiconductor)

HKLM\\...\\Run: [LenovoUtility] => C:\\Program Files\\Lenovo\\LenovoUtility\\utility.exe [791848 2015-09-27] ()

HKLM\\...\\Run: [IAStorIcon] => C:\\Program Files\\Intel\\Intel(R) Rapid Storage Technology\\IAStorIcon.exe [322472 2015-07-23] (Intel Corporation)

HKLM\\...\\Run: [SynTPEnh] => C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe [3937448 2015-08-11] (Synaptics Incorporated)

HKLM-x32\\...\\Run: [CLMLServer_For_P2G8] => C:\\Program Files (x86)\\Lenovo\\Power2Go\\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink)

HKLM-x32\\...\\Run: [CLVirtualDrive] => C:\\Program Files (x86)\\Lenovo\\Power2Go\\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp.)

HKLM-x32\\...\\Run: [StartCCC] => C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe [767176 2015-07-22] (Advanced Micro Devices, Inc.)

HKLM-x32\\...\\Run: [Intel(R) RealSense(TM) SDK info server] => C:\\Program Files (x86)\\Common Files\\Intel\\RSDCM\\bin\\win32\\RealSenseInfo.exe [21144 2015-07-09] (Intel Corporation)

HKLM-x32\\...\\Run: [SunJavaUpdateSched] => C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe [334896 2015-04-30] (Oracle Corporation)

HKLM-x32\\...\\Run: [AvgUi] => C:\\Program Files (x86)\\AVG\\Framework\\Common\\avguirnx.exe [186640 2016-04-14] (AVG Technologies CZ, s.r.o.)

HKLM-x32\\...\\Run: [AVG_UI] => C:\\Program Files (x86)\\AVG\\Av\\avgui.exe [3930384 2016-04-06] (AVG Technologies CZ, s.r.o.)

HKLM-x32\\...\\Run: [vProt] => C:\\Program Files (x86)\\AVG Web TuneUp\\vprot.exe [2885704 2016-05-02] ()

HKU\\S-1-5-21-588697207-2898605270-1819256574-1001\\...\\Run: [GarenaPlus] => C:\\Program Files (x86)\\Garena Plus\\GarenaMessenger.exe [9862184 2016-04-01] ()

HKU\\S-1-5-21-588697207-2898605270-1819256574-1001\\...\\Run: [SpybotPostWindows10UpgradeReInstall] => C:\\Program Files\\Common Files\\AV\\Spybot - Search and Destroy\\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)

ShellIconOverlayIdentifiers: [.RBCShellExternal] -> {30C5E658-70B6-4570-A780-D362A5BE2049} => C:\\Users\\Public\\Video Legend\\RBC\\Addins\\RBCShellExternal64.dll [2015-12-07] (Shenzhen Video Legend Network Technology Co.,Ltd.)

ShellIconOverlayIdentifiers: [.XLKKDesktopIcon] -> {4DB0021B-1EC2-4C31-BD79-FEA2892EEB43} => C:\\Users\\Public\\Thunder Network\\KKVideo\\Addins\\KKVIconHandler64.dll No File

ShellIconOverlayIdentifiers: [AAADesktopTips] -> {4562B511-62E9-4533-B7B2-56A8BB10B482} => C:\\Users\\Public\\Thunder Network\\KanKan\\reghelper\\xappex.1.1.1.85.(700).dll [2015-07-13] (深圳市迅雷网络技术有限公司)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0x2320436F707972696768742028632920313939332D32303039204D6963726F736F667420436F72702E0D0A230D0A23205468697320697320612073616D706C6520484F5354532066696C652075736564206279204D6963726F736F6674205443502F495020666F722057696E646F77732E0D0A230D0A2320546869732066696C6520636F6E7461696E7320746865206D617070696E6773206F662049502061646472657373657320746F20686F7374206E616D65732E20456163680D0A2320656E7472792073686F756C64206265206B657074206F6E20616E20696E646976696475616C206C696E652E2054686520495020616464726573732073686F756C640D0A2320626520706C6163656420696E2074686520666972737420636F6C756D6E20666F6C6C6F7765642062792074686520636F72726573706F6E64696E6720686F7374206E616D652E0D0A2320546865204950206164647265737320616E642074686520686F7374206E616D652073686F756C6420626520736570617261746564206279206174206C65617374206F6E650D0A232073706163652E0D0A230D0A23204164646974696F6E616C6C792C20636F6D6D656E747320287375636820617320746865736529206D617920626520696E736572746564206F6E20696E646976696475616C0D0A23206C696E6573206F7220666F6C6C6F77696E6720746865206D616368696E65206E616D652064656E6F7465642062792061202723272073796D626F6C2E0D0A230D0A2320466F72206578616D706C653A0D0A230D0A232020202020203130322E35342E39342E393720202020207268696E6F2E61636D652E636F6D202020202020202020202320736F75726365207365727665720D0A232020202020202033382E32352E36332E31302020202020782E61636D652E636F6D202020202020202020202020202023207820636C69656E7420686F73740D0A0D0A23206C6F63616C686F7374206E616D65207265736F6C7574696F6E2069732068616E646C65642077697468696E20444E5320697473656C662E0D0A23093132372E302E302E31202020202020206C6F63616C686F73740D0A23093A3A31202020202020202020202020206C6F63616C686F73740D0A0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000D0A

Tcpip\\Parameters: [DhcpNameServer] 192.168.1.254

Tcpip\\..\\Interfaces\\{4c1be958-c387-4f26-b97a-f11f8dc107d5}: [DhcpNameServer] 82.163.142.7

Tcpip\\..\\Interfaces\\{84053b3e-252e-45f9-8a55-37975c3f5251}: [DhcpNameServer] 82.163.142.7

Tcpip\\..\\Interfaces\\{acbc0327-2cda-47ba-9a95-86795bc36d8c}: [DhcpNameServer] 192.168.1.254

Tcpip\\..\\Interfaces\\{b5187d8e-4321-463e-bb03-cff6ead0eb11}: [DhcpNameServer] 82.163.142.7

Internet Explorer:

==================

HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = www.google.com

SearchScopes: HKLM -> DefaultScope {EED3CFEA-BF3C-43C2-B74D-2121B73A5E99} URL =

SearchScopes: HKU\\.DEFAULT -> DefaultScope {EED3CFEA-BF3C-43C2-B74D-2121B73A5E99} URL =

SearchScopes: HKU\\.DEFAULT -> {EED3CFEA-BF3C-43C2-B74D-2121B73A5E99} URL =

SearchScopes: HKU\\S-1-5-21-588697207-2898605270-1819256574-1001 -> DefaultScope {EED3CFEA-BF3C-43C2-B74D-2121B73A5E99} URL =

BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\\Program Files\\AVG Web TuneUp\\4.2.9.726\\AVG Web TuneUp.dll [2016-05-02] (AVG)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer x64\\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)

BHO-x32: VideoUrlSniffer Class -> {00000ADA-7E0D-47C1-986C-F017D09C4304} -> C:\\Users\\Public\\Thunder Network\\XMP5\\Addins\\VideoUrlSniffer.2.3.3.211.(699).dll [2014-12-16] (深圳市迅雷网络技术有限公司)

BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\\Program Files (x86)\\AVG Web TuneUp\\4.2.9.726\\AVG Web TuneUp.dll [2016-05-02] (AVG)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

BHO-x32: 迅雷下载支持组件 -> {DE05CF4A-7B0A-4775-B5E5-396244938679} -> C:\\Program Files (x86)\\Thunder Network\\Thunder\\Thunder BHO Platform\\np_tdieplat.dll [2014-08-01] (深圳市迅雷网络技术有限公司)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer x64\\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:

========

FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\\Users\\chanka\\VLC\\npvlc.dll [No File]

FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\\Program Files (x86)\\Common Files\\AVG Secure Search\\SiteSafetyInstaller\\40.2.9\\\\npsitesafety.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\\Program Files (x86)\\Foxit Software\\Foxit Reader\\plugins\\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\\Program Files (x86)\\Foxit Software\\Foxit Reader\\plugins\\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\\Program Files (x86)\\Foxit Software\\Foxit Reader\\plugins\\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\\Program Files (x86)\\Foxit Software\\Foxit Reader\\plugins\\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)

FF Plugin-x32: @t.garena.com/garenatalk -> C:\\Program Files (x86)\\Garena Plus\\bbtalk\\plugins\\npPlugin\\npGarenaTalkPlugin.dll [2016-04-01] ( Garena)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\\Program Files (x86)\\Google\\Update\\1.3.29.5\\npGoogleUpdate3.dll [2016-03-04] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\\Program Files (x86)\\Google\\Update\\1.3.29.5\\npGoogleUpdate3.dll [2016-03-04] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @xunlei.com/DapCtrl -> C:\\Program Files (x86)\\Common Files\\Thunder Network\\KanKan\\npKKDapCtrl.dll [2015-05-28] (ShenZhen Thunder Networking Technologies Ltd.)

FF Plugin-x32: @xunlei.com/npaplayer -> C:\\Users\\Public\\Thunder Network\\APlayer\\codecs\\npaplayer.dll [2013-07-06] (ShenZhen Thunder Networking Technologies, LTD)

FF Plugin-x32: @xunlei.com/npxluser -> C:\\Program Files (x86)\\Common Files\\Thunder Network\\UserAgent\\npxluser2.0.2.3.dll [No File]

FF Plugin-x32: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\\Program Files (x86)\\Thunder Network\\Thunder\\Data\\npxunlei1.0.0.2.dll [2016-03-21] ( )

FF Plugin HKU\\S-1-5-21-588697207-2898605270-1819256574-1001: @xunlei.com/npxluser -> C:\\Program Files (x86)\\Common Files\\Thunder Network\\UserAgent\\npxluser2.0.2.3.dll [No File]

FF Plugin HKU\\S-1-5-21-588697207-2898605270-1819256574-1001: @xunlei.com/npxunlei;version=1.0.0.2 -> C:\\Program Files (x86)\\Thunder Network\\Thunder\\Data\\npxunlei1.0.0.2.dll [2016-03-21] ( )

Chrome:

=======

CHR HomePage: Default -> mysearch.avg.com/?rvt=1

CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com\'>https://mysearch.avg.com

CHR Profile: C:\\Users\\chanka\\AppData\\Local\\Google\\Chrome\\User Data\\Default

CHR Extension: (Google Slides) - C:\\Users\\chanka\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-04]

CHR Extension: (Google Docs) - C:\\Users\\chanka\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\aohghmighlieiainnegkcijnfilokake [2016-03-04]

CHR Extension: (Google Drive) - C:\\Users\\chanka\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\apdfllckaahabafndbhieahigkjlhalf [2016-03-04]

CHR Extension: (YouTube) - C:\\Users\\chanka\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-04]

CHR Extension: (AVG Secure Search) - C:\\Users\\chanka\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\chfdnecihphmhljaaejmgoiahnihplgn [2016-05-02]

CHR Extension: (Google Sheets) - C:\\Users\\chanka\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\felcaaldnbdncclmgdcncolpebgiejap [2016-03-04]

CHR Extension: (Google Docs Offline) - C:\\Users\\chanka\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]

CHR Extension: (Ace Stream Web Extension) - C:\\Users\\chanka\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\mjbepbhonbojpoaenhckjocchgfiaofo [2016-04-02]

CHR Extension: (Chrome Web Store Payments) - C:\\Users\\chanka\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]

CHR Extension: (Gmail) - C:\\Users\\chanka\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-04]

CHR HKLM-x32\\...\\Chrome\\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\\Program Files (x86)\\Skype\\Toolbars\\ChromeExtension\\skype_chrome_extension.crx [2016-01-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\\Program Files (x86)\\AVG\\Av\\avgamps.exe [638456 2016-04-06] (AVG Technologies CZ, s.r.o.)

R2 AVGIDSAgent; C:\\Program Files (x86)\\AVG\\Av\\avgidsagent.exe [3993088 2016-04-06] (AVG Technologies CZ, s.r.o.)

R2 avgsvc; C:\\Program Files (x86)\\AVG\\Framework\\Common\\avgsvca.exe [1074448 2016-04-14] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\\Program Files (x86)\\AVG\\Av\\avgwdsvcx.exe [593880 2016-04-06] (AVG Technologies CZ, s.r.o.)

R2 c2cautoupdatesvc; C:\\Program Files (x86)\\Skype\\Toolbars\\AutoUpdate\\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)

R2 c2cpnrsvc; C:\\Program Files (x86)\\Skype\\Toolbars\\PNRSvc\\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)

R2 CCSDK; C:\\Program Files (x86)\\Lenovo\\CCSDK\\CCSDK.exe [650680 2015-07-30] (Lenovo)

R2 FastbootService; C:\\Program Files (x86)\\Lenovo\\LenovoPortal\\FastBoot\\FbService.exe [288768 2015-09-27] (Lenovo) [File not signed]

R2 GDCAgent; C:\\Program Files (x86)\\Lenovo\\GDCAgentSetupRed\\GDCAgent.exe [1155512 2015-07-30] (Lenovo)

R2 IAStorDataMgrSvc; C:\\Program Files\\Intel\\Intel(R) Rapid Storage Technology\\IAStorDataMgrSvc.exe [18856 2015-07-23] (Intel Corporation)

R2 ibtsiva; C:\\Program Files (x86)\\Intel\\Bluetooth\\utilities\\ibtsiva.exe [150256 2015-06-10] (Intel Corporation)

R2 igfxCUIService2.0.0.0; C:\\Windows\\system32\\igfxCUIService.exe [350312 2015-08-19] (Intel Corporation)

S2 ImControllerService; c:\\Program Files\\Lenovo\\ImController\\Service\\Lenovo.Modern.ImController.exe [36808 2016-01-29] (Lenovo Group Limited)

S2 LenovoPortalService; C:\\Program Files (x86)\\Lenovo\\LenovoPortal\\LenovoPortalService.exe [24312 2015-09-27] ()

S3 MyWiFiDHCPDNS; C:\\Program Files\\Intel\\WiFi\\bin\\PanDhcpDns.exe [268192 2015-06-12] ()

R2 RealSenseDCM; C:\\Program Files (x86)\\Common Files\\Intel\\RSDCM\\bin\\win32\\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Corporation)

S3 ShareItSvc; C:\\Program Files (x86)\\Lenovo\\SHAREit\\Shareit.Service.exe [31192 2016-02-02] (SHAREit Technologies Co.Ltd)

R2 UpdateAgentService; C:\\Program Files\\update\\UpdateAgent.exe [226216 2015-09-27] ()

R2 vToolbarUpdater40.2.9; C:\\Program Files (x86)\\Common Files\\AVG Secure Search\\vToolbarUpdater\\40.2.9\\ToolbarUpdater.exe [1964616 2016-05-02] (AVG Secure Search)

S3 WdNisSvc; C:\\Program Files\\Windows Defender\\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

S3 WinDefend; C:\\Program Files\\Windows Defender\\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

R2 WtuSystemSupport; C:\\Program Files (x86)\\AVG Web TuneUp\\WtuSystemSupport.exe [1223752 2016-05-02] ()

S2 XLServicePlatform; C:\\Program Files (x86)\\Common Files\\Thunder Network\\ServicePlatform\\XLSP.dll [174448 2016-03-21] (ShenZhen Xunlei Networking Technologies,LTD)

S2 ZeroConfigService; C:\\Program Files\\Intel\\WiFi\\bin\\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\\Windows\\System32\\DRIVERS\\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)

R1 Avgdiska; C:\\Windows\\System32\\DRIVERS\\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\\Windows\\System32\\DRIVERS\\avgidsdrivera.sys [306976 2016-03-08] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\\Windows\\System32\\DRIVERS\\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\\Windows\\System32\\DRIVERS\\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\\Windows\\System32\\DRIVERS\\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\\Windows\\System32\\DRIVERS\\avgmfx64.sys [246560 2016-03-07] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\\Windows\\System32\\DRIVERS\\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)

R0 avguniva; C:\\Windows\\System32\\DRIVERS\\avguniva.sys [71456 2016-03-08] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\\Windows\\system32\\DRIVERS\\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)

R1 CLVirtualDrive; C:\\Windows\\system32\\DRIVERS\\CLVirtualDrive.sys [91912 2013-11-13] (CyberLink)

R0 Fastboot; C:\\Windows\\System32\\DRIVERS\\Fastboot.sys [67608 2015-09-27] (Windows (R) Win 7 DDK provider) [File not signed]

R0 FBFsmon; C:\\Windows\\System32\\DRIVERS\\FBFsmon.sys [39448 2015-09-27] (Windows (R) Win 7 DDK provider) [File not signed]

S3 GGSAFERDriver; C:\\Program Files (x86)\\Garena Plus\\Room\\safedrv.sys [27744 2016-04-27] ()

R3 gkernel; C:\\Users\\chanka\\AppData\\Local\\Temp\\gkernel.sys [50888 2016-04-27] ()

R3 ibtusb; C:\\Windows\\system32\\DRIVERS\\ibtusb.sys [263952 2016-04-27] (Intel Corporation)

R3 IntelDFUACPI; C:\\Windows\\System32\\drivers\\IntelDFUACPI.sys [36352 2015-07-09] (Intel(R) Corporation)

R3 IXCamera; C:\\Windows\\system32\\DRIVERS\\RealSenseDCM.sys [72704 2015-07-09] (Intel(R) Corporation)

R3 MEIx64; C:\\Windows\\System32\\drivers\\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation)

R3 NETwNb64; C:\\Windows\\System32\\drivers\\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)

S3 NETwNe64; C:\\Windows\\System32\\drivers\\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)

R3 rt640x64; C:\\Windows\\System32\\drivers\\rt640x64.sys [895256 2015-06-23] (Realtek )

S3 RTSUER; C:\\Windows\\system32\\Drivers\\RtsUer.sys [419576 2016-03-04] (Realsil Semiconductor Corporation)

R3 SmbDrvI; C:\\Windows\\system32\\DRIVERS\\Smb_driver_Intel.sys [33960 2015-08-11] (Synaptics Incorporated)

S3 WdBoot; C:\\Windows\\system32\\drivers\\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

S3 WdFilter; C:\\Windows\\system32\\drivers\\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

S3 WdNisDrv; C:\\Windows\\System32\\Drivers\\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

S3 wsvd; C:\\Windows\\system32\\DRIVERS\\wsvd.sys [102376 2012-06-14] (\"CyberLink)

S3 xhunter1; C:\\WINDOWS\\xhunter1.sys [36904 2016-05-02] (Wellbia.com Co., Ltd.)

R1 XLGuard; C:\\Windows\\System32\\drivers\\XLGuard.sys [28432 2016-01-19] (深圳市迅雷网络技术有限公司)

R2 XLWFP; C:\\Windows\\System32\\drivers\\xlwfp.sys [56080 2016-01-19] (深圳市迅雷网络技术有限公司)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-02 23:28 - 2016-05-02 23:29 - 00028668 _____ C:\\Users\\chanka\\Desktop\\FRST.txt

2016-05-02 23:28 - 2016-05-02 23:28 - 00000000 ____D C:\\FRST

2016-05-02 23:24 - 2016-05-02 23:28 - 02377216 _____ (Farbar) C:\\Users\\chanka\\Desktop\\FRST64.exe

2016-05-02 23:24 - 2016-05-02 23:24 - 01728000 _____ (Farbar) C:\\Users\\chanka\\Downloads\\FRST.exe

2016-05-02 20:58 - 2016-05-02 20:58 - 00000000 ____D C:\\Users\\chanka\\AppData\\Local\\AVG Web TuneUp

2016-05-02 20:58 - 2016-05-02 20:58 - 00000000 ____D C:\\Program Files (x86)\\Mozilla Firefox

2016-05-02 20:57 - 2016-05-02 20:58 - 00000000 ____D C:\\ProgramData\\AVG Web TuneUp

2016-05-02 20:57 - 2016-05-02 20:57 - 00000000 ____D C:\\ProgramData\\AVG Secure Search

2016-05-02 20:57 - 2016-05-02 20:57 - 00000000 ____D C:\\Program Files\\Common Files\\AVG Secure Search

2016-05-02 20:57 - 2016-05-02 20:57 - 00000000 ____D C:\\Program Files\\AVG Web TuneUp

2016-05-02 20:57 - 2016-05-02 20:57 - 00000000 ____D C:\\Program Files (x86)\\AVG Web TuneUp

2016-05-02 20:53 - 2016-05-02 20:53 - 00000000 ____D C:\\ProgramData\\Avg_Update_0516avz

2016-04-28 15:16 - 2016-04-27 23:42 - 00000000 ___DC C:\\WINDOWS\\Panther

2016-04-28 15:13 - 2016-04-28 15:13 - 00000000 ____D C:\\Windows.old

2016-04-28 15:11 - 2016-04-28 15:11 - 24602112 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\mshtml.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 22564328 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\shell32.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 22378496 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\edgehtml.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 21124344 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\shell32.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 19340800 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\mshtml.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 18673664 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\edgehtml.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 16985600 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.UI.Xaml.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 14252544 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\wmp.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 13382656 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\ieframe.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 13018624 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.UI.Xaml.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 12586496 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\wmp.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 12125184 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\ieframe.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 11545600 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\twinui.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 09918976 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\twinui.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 08705672 _____ (Microsoft Corp.) C:\\WINDOWS\\system32\\Windows.Media.Protection.PlayReady.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 07979008 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\mos.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 07836160 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Chakra.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 07533568 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\mstscax.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 07474016 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\ntoskrnl.exe

2016-04-28 15:11 - 2016-04-28 15:11 - 07199232 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\BingMaps.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 06972416 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.Data.Pdf.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 06952088 _____ (Microsoft Corp.) C:\\WINDOWS\\SysWOW64\\Windows.Media.Protection.PlayReady.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 06740992 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\mstscax.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 06607080 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\windows.storage.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 06297088 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\mos.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 05662208 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Chakra.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 05321728 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.Data.Pdf.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 05242496 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\windows.storage.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 05202944 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\BingMaps.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 04894208 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\jscript9.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 04827136 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\ExplorerFrame.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 04774912 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\actxprxy.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 04412928 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\ExplorerFrame.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 03994624 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\SettingsHandlers_nt.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 03671888 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\iertutil.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 03671040 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\msi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 03666432 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\jscript9.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 03592704 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\win32kfull.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 03575296 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\SystemSettingsThresholdAdminFlowUI.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 03449168 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\WSService.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 03428864 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.Media.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 03351040 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\msi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 03078144 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\esent.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02919320 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\iertutil.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02912256 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\CertEnroll.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02798080 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.Media.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02773096 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\d3d11.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02755584 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\wininet.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02722816 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\esent.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02656952 _____ C:\\WINDOWS\\system32\\CoreUIComponents.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02635776 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.UI.Logon.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02624512 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\InputService.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02604032 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\CertEnroll.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02581504 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\MFMediaEngine.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02544264 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\mfcore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02403680 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\tcpip.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 02295808 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\wlansvc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02275328 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\wuaueng.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02229760 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\wininet.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02193408 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\actxprxy.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02186864 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\d3d11.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02180136 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\mfcore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02158592 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\AppXDeploymentServer.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 02152280 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\ntfs.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 02061312 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\MFMediaEngine.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01997328 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\KernelBase.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01997152 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\dxgkrnl.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 01996288 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\ActiveSyncProvider.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01946112 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\dwmcore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01944576 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\InputService.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01902592 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\msxml3.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01862008 _____ C:\\WINDOWS\\SysWOW64\\CoreUIComponents.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01847808 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\WMPDMC.exe

2016-04-28 15:11 - 2016-04-28 15:11 - 01832448 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\AppXDeploymentExtensions.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01818696 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\ntdll.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01799680 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.UI.Logon.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01731584 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\urlmon.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01714688 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\SRHInproc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01707520 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\ActiveSyncProvider.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01626624 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\dwmcore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01613664 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\diagtrack.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01588224 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\msxml3.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01575936 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.Media.Speech.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01557768 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\KernelBase.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01542816 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\ntdll.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01500672 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\urlmon.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01497088 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\WMPDMC.exe

2016-04-28 15:11 - 2016-04-28 15:11 - 01490432 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\UserDataService.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01444352 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\SRHInproc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01410560 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.Web.Http.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01395712 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\UIAutomationCore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01390080 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.UI.Shell.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01388544 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\win32kbase.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 01388032 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\lsasrv.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01322248 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\ole32.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01318912 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\wifinetworkmanager.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01317640 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\winload.efi

2016-04-28 15:11 - 2016-04-28 15:11 - 01297752 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\LicenseManager.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01239552 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.Devices.Bluetooth.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01224704 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Unistore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01213440 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\wwansvc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01211904 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.UI.Cred.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01173344 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\aeinv.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01152864 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\ndis.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 01152328 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\mfasfsrcsnk.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01141504 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\winload.exe

2016-04-28 15:11 - 2016-04-28 15:11 - 01139712 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\UIAutomationCore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01139712 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\XblGameSave.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01131520 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.Media.Audio.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01118208 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\localspl.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01117184 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.Media.Speech.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01105920 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.Media.Audio.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01098240 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\dosvc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01090048 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\RDXService.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01089888 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\http.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 01072128 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.Web.Http.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01062480 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\mfmp4srcsnk.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01056256 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\JpMapControl.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01054208 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\audiosrv.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01052160 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\MsSpellCheckingFacility.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 01030416 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\winresume.efi

2016-04-28 15:11 - 2016-04-28 15:11 - 01017032 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\mfsrcsnk.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00997376 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\schedsvc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00990720 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\SettingSyncCore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00989536 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\SecConfig.efi

2016-04-28 15:11 - 2016-04-28 15:11 - 00988160 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\SharedStartModel.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00988160 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\NMAA.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00986976 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\LicenseManager.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00982016 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\AppxPackaging.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00980352 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\mfasfsrcsnk.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00970752 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\kerberos.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00965632 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\SRH.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00958976 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\RemoteNaturalLanguage.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00957952 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\IKEEXT.DLL

2016-04-28 15:11 - 2016-04-28 15:11 - 00957608 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\ole32.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00954368 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\bthport.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 00949248 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Unistore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00948736 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\XblAuthManager.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00938496 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\MapControlCore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00938496 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\ContactApis.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00915456 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\configurationclient.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00895080 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\mfsrcsnk.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00890368 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\AppxPackaging.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00888320 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.Networking.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00882720 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\mfmp4srcsnk.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00881664 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.UI.Input.Inking.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00874968 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\winresume.exe

2016-04-28 15:11 - 2016-04-28 15:11 - 00870912 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\MPSSVC.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00870400 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\modernexecserver.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00859136 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.ApplicationModel.Store.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00854528 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.Devices.Bluetooth.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00852480 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\MapsStore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00848896 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\wuapi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00848896 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\samsrv.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00848168 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\mfsvr.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00847360 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\netlogon.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00841216 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\win32spl.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00838144 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\uDWM.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00828928 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.AccountsControl.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00821760 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\TokenBroker.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00821248 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\fvewiz.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00819648 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\mfmpeg2srcsnk.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00808800 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\WWAHost.exe

2016-04-28 15:11 - 2016-04-28 15:11 - 00800768 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\JpMapControl.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00799744 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\SRH.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00794888 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\mfds.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00794112 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\BFE.DLL

2016-04-28 15:11 - 2016-04-28 15:11 - 00792064 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\kerberos.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00791744 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\generaltel.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00790528 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\EmailApis.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00787456 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.Web.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00784896 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\NMAA.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00779384 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\taskschd.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00777728 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\MsSpellCheckingFacility.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00770640 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\iuilp.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00769536 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\ContactApis.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00765952 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\fveapi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00764928 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.UI.Cred.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00764928 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Chakradiag.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00755712 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\spoolsv.exe

2016-04-28 15:11 - 2016-04-28 15:11 - 00754176 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\SettingSyncCore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00730344 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.Internal.Shell.Broker.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00726528 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\ChatApis.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00713824 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\mfmpeg2srcsnk.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00713728 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\netlogon.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00713568 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\invagent.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00712704 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\RemoteNaturalLanguage.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00711680 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\MapControlCore.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00709688 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\mfsvr.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00708608 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.Security.Authentication.Web.Core.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00705536 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\wuapi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00703840 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\WWAHost.exe

2016-04-28 15:11 - 2016-04-28 15:11 - 00700416 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\AppointmentApis.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00696664 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\NetSetupEngine.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00694784 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\WdiWiFi.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 00688640 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.Networking.Connectivity.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00686976 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\dnsapi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00686592 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\ieproxy.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00685568 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\scapi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00682496 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.UI.Input.Inking.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00676352 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\WSDApi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00673792 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Windows.UI.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00670928 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\mfds.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00652392 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\dxgi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00649728 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.ApplicationModel.Store.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00649216 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\ngcsvc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00641536 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\enterprisecsps.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00640472 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\wer.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00638464 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.Networking.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00638464 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\TokenBroker.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00630632 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\fontdrvhost.exe

2016-04-28 15:11 - 2016-04-28 15:11 - 00630272 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\PhoneProviders.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00628736 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\MessagingDataModel2.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00625000 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\ClipSVC.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00617984 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\StorSvc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00613376 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\SettingSync.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00606720 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\wcmsvc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00605440 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\cng.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 00592384 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.Web.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00591872 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\SmsRouterSvc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00587776 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\bisrv.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00585216 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.AccountsControl.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00576864 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\dxgmms2.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 00575488 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\EmailApis.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00572272 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\taskschd.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00567808 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\MCRecvSrc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00564224 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\WSDApi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00563552 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\acpi.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 00558080 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\MBMediaManager.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00556032 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\PsmServiceExtHost.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00555520 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\SyncController.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00552960 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\AppointmentApis.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00550912 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\StoreAgent.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00541304 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\fontdrvhost.exe

2016-04-28 15:11 - 2016-04-28 15:11 - 00540160 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\ChatApis.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00538736 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\wer.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00536256 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\AudioSes.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00535080 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\dnsapi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00534368 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\USBHUB3.SYS

2016-04-28 15:11 - 2016-04-28 15:11 - 00530432 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\Drivers\\nwifi.sys

2016-04-28 15:11 - 2016-04-28 15:11 - 00526336 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\FirewallAPI.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00523752 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\dxgi.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00521728 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.Networking.Connectivity.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00517632 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\winspool.drv

2016-04-28 15:11 - 2016-04-28 15:11 - 00513888 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\devinv.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00503296 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\SettingSync.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00502104 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\NetSetupEngine.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00498688 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\tileobjserver.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00498448 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\MFCaptureEngine.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00498176 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\MessagingDataModel2.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00496128 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.Security.Authentication.Web.Core.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00493568 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\mfmkvsrcsnk.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00489984 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\Windows.UI.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00480256 _____ (Microsoft Corporation) C:\\WINDOWS\\SysWOW64\\MCRecvSrc.dll

2016-04-28 15:11 - 2016-04-28 15:11 - 00476728 _____ (Microsoft Corporation) C:\\WINDOWS\\system32\\msvproc.dll

2016-04-28 15:11 - 2016-04-28 15:1

TheTechGuide Forum

News:

Author Topic: virus (Read 1221 times)

erikiholloman

virus

guestolo

virus

erikiholloman

virus

erikiholloman

virus

erikiholloman

virus

guestolo

virus

erikiholloman

virus

erikiholloman

virus

guestolo

virus

erikiholloman

virus

guestolo

virus

guestolo

virus