Solved Am I infected?

learninmypc

TS Evangelist

==================== One Month Modified files and folders ========
 

learninmypc

TS Evangelist
(If an entry is included in the fixlist, the file/folder will be moved.)


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-15 03:51

==================== End of FRST.txt ============================
 

Broni

Malware Annihilator
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 


learninmypc

TS Evangelist
No pop up this morning but here is the scan result
Fix result of Farbar Recovery Scan Tool (x64) Version: 21.02.2018
Ran by cyber (23-02-2018 04:31:13) Run:2
Running from C:\Users\cyber\Desktop
Loaded Profiles: cyber (Available Profiles: cyber)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\MountPoints2: {f1ab480a-d22a-11e6-8840-d8d38578f2cc} - "J:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk [2010-02-22]

*****************

"HKU\S-1-5-21-3403886051-827337895-3073139048-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1ab480a-d22a-11e6-8840-d8d38578f2cc}" => removed successfully
HKLM\Software\Classes\CLSID\{f1ab480a-d22a-11e6-8840-d8d38578f2cc} => key not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk => moved successfully

==== End of Fixlog 04:31:17 ====
 

Broni

Malware Annihilator
Good :)

Your computer is clean


1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. DelFix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

7. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

8. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

9. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

10. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry3187642

11. Please let me know how your computer is doing.