Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Crafty Virus [Solved]

virus malware spyware random uninstalls programs wont work

  • This topic is locked This topic is locked

#16
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Good to know.

 

Any changes since running the earlier tools?


  • 0

Advertisements


#17
Solice93

Solice93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

Check Disk Results:

 

Windows has checked the file system and found no problems

 

And no, no changes that I'm aware of.

 

One thing that I am worried about though is a virus being hidden in my windows update, because I have had that happen before. Not fun. I've been basically going around the update until I get a clean bill of cyber health from you. I've also been keeping off the internet on that computer.


Edited by Solice93, 15 November 2016 - 03:06 AM.

  • 0

#18
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

And no, no changes that I'm aware of.

 

Are you saying that the machine is still closing down by itself for no reason that you can see or, has that stopped?

 

 

a virus being hidden in my windows update

 

Can you expand on that. Was the computer attempting to update but being redirected somewhere it shouldn't or, was it some glitch or other with the updates.

 

Tell me when  you return.

Meanwhile please do this:

 

Please download Farbar Service Scanner and run.
 

  • Make sure the following options are checked:

     
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender
  • Other Services
  • Press Scan
  • A log (FSS.txt) will be created in the same directory the tool is run.
  • Copy and paste the log back here.

 

When you return please post

  • Tell me the answers to the two questions I asked
  • FSS.txt

  • 0

#19
Solice93

Solice93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

Oh, no. The computer seems to be running fine. It acts slow on startup, but that has always been a thing. Once it loads its services and starts all of the normal processes, it's good to go.

 

As for the updates, I've heard of viruses embedding themselves in updates, and somehow getting elevated privileges once the computer restarts. I've had this happen to me before when I was updating my computer, it shuts off, comes back on, and boom, virus. 

 

Farbar Service Scanner Version: 27-01-2016
Ran by ExoSuitOne (administrator) on 15-11-2016 at 14:24:36
Running from "C:\Users\ExoSuitOne\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****


  • 0

#20
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

It acts slow on startup, but that has always been a thing.


You might run a Defrag to see if that makes any difference.

I see that FSS says there was no internet connection. I take it that you were just disconnected while running the scan because you clearly have no difficulty posting here.

Otherwise everything seems fine, including Windows Updates.

Just to check let's run an online scan by a provider other than the one you have.

Please run a free on line scan with BitDefender Online Scanner

  • Click the green Start Scanner button
  • Click the green Scan Now button and wait a few seconds until a request appears from Bitdefender
  • Accept the plugin installation
  • Restart your browser in Administration mode if requested
  • Click the green Scan Now button again
  • Accept the eula agreement if asked
  • The scan should start. It will be relatively quick.
  • Click View report (note: this is not the green button - Free download  - just click on the words View report under the black button "Get QuickScan for your website")
  • Notepad will open with a log
  • Save to your desktop
  • Copy and paste the report aback here and tell me how your machine is now.

 
  • 0

#21
Solice93

Solice93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

I have been keeping my desktop quarantined from the internet as much as possible. I've been posting via my laptop. I've been transferring all of the necessary logs and programs back and forth on a flash drive. As soon as I get home, I will hook up my network connection and run that scan again. I'm at the local library right now, studying. I will be back home near 10:00 PM. I post sometime around 10:10 PM. I'll will also give you the log report for bit defender at that time as well as soon as it gets done.


Edited by Solice93, 15 November 2016 - 04:22 PM.

  • 0

#22
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

:thumbsup:


  • 0

#23
Solice93

Solice93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

Farbar Service Scanner Version: 27-01-2016
Ran by ExoSuitOne (administrator) on 15-11-2016 at 22:08:50
Running from "C:\Users\ExoSuitOne\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

Will report back with online scanner data when I have it.


  • 0

#24
Solice93

Solice93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

QuickScan 32-bit v0.9.9.152
---------------------------
Scan date:  Tue Nov 15 22:14:15 2016
Machine ID: C7BEDE0



No infection found.
-------------------



Processes
---------
(unsigned)  Sound Blaster Cinema 2                   3116    C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
(unsigned)  usbmonitor                               2288    C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe

(verified)  f.lux                                    3056    C:\Users\ExoSuitOne\AppData\Local\FluxSoftware\Flux\flux.exe
(verified)  Firefox                                  3160    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(verified)  Firefox                                  4012    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(verified)  Live Update 6 Application                3168    C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(verified)  NVIDIA Backend                           1960    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(verified)  Super Charger                            3108    C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe


Network activity
----------------
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 157.240.3.24
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 216.58.218.174
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 216.58.218.194
Process firefox.exe (3160) connected on port 80 (HTTP) --> 216.58.218.174
Process firefox.exe (3160) connected on port 80 (HTTP) --> 216.58.218.174
Process firefox.exe (3160) connected on port 80 (HTTP) --> 216.58.218.174
Process firefox.exe (3160) connected on port 80 (HTTP) --> 216.58.218.174
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 216.58.194.66
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 74.125.21.99
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 52.36.147.158
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 52.36.147.158



Autoruns and critical files
---------------------------
(verified)  Catalyst® Control Center                 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
(unsigned)  Creative Updreg                          C:\Windows\Updreg.EXE
(verified)  f.lux                                    C:\Users\ExoSuitOne\AppData\Local\FluxSoftware\Flux\flux.exe
(verified)  Killer Network Manager                   C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(verified)  Live Update 6 Application                C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\Bubbles.scr
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\userinit.exe
(verified)  MSI Start Command Center                 C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
(verified)  NVIDIA GeForce 3D Vision                 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe
(unsigned)  Sound Blaster Cinema 2                   C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
(verified)  Steam Client Bootstrapper                C:\Program Files (x86)\Steam\Steam.exe
(verified)  Super Charger                            C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe


Browser plugins
---------------
(verified)  Adobe Content Decryption Module for Fir  C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-eme-adobe\17\eme-adobe.dll
(verified)  Bitdefender QuickScan                    C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
(verified)  gmpopenh264.dll                          C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-gmpopenh264\1.6\gmpopenh264.dll
(verified)  Google Update                            C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
(verified)  Internet Explorer                        C:\Windows\SysWOW64\ieframe.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\mswsock.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\nlaapi.dll
(verified)  NPSWF32_23_0_0_205.dll                   C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll
(unsigned)  NVIDIA 3D Vision                         C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
(unsigned)  NVIDIA 3D VISION                         C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
(unsigned)  Shockwave for Director                   C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll
(verified)  Silverlight Plug-In                      c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
(verified)  Unity Player                             C:\Users\ExoSuitOne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
(verified)  Widevine Content Decryption Module       C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-widevinecdm\1.4.8.903\widevinecdm.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\NapiNSP.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\pnrpnsp.dll
(verified)  Microsoft® Windows® Operating System     C:\Windows\System32\winrnr.dll


Scan
----
MD5: 5b4bbac9467b8db6bc4a404cf1867fe0  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
MD5: 90e22d7cde08e07446d238a569bcab7c  C:\Program Files (x86)\Common Files\Steam\SteamService.exe
MD5: 37be5099f87d7ee0ffeb2c782d8ca182  C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\CTAudEp.dll
MD5: 8429c1d07c35bf5eb67c0a73e58ef188  C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\CTLoadRs.dll
MD5: a83f227728b12dffc109f0fbf7d90458  C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\en-US\SBCinema2.resources.dll
MD5: c9612abf50b3fc7c9d9d041b648d0d74  C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\HKDetect.dll
MD5: c763dcf9a417eb3b69ed783670060f9e  C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\Interop.CTSndCr.dll
MD5: 67e0acc605b64401554cfcd0512e0f12  C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
MD5: 13198a7037aa4d68adbe91ef7ee8ee4e  C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
MD5: 3ee8ae0ecfe5d79de1737a855ad1e84c  C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
MD5: e1b44a75947137f4143308d566889837  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
MD5: f045df7af127dc4bcc53421850114e15  c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
MD5: ec4f2cb68dcf7e96516eb284003be8bb  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll
MD5: b9287eb7bcbfdcec2e8d4198fd266509  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll
MD5: dbb81fcc74c59490008ee59bffff5a6d  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll
MD5: f61b9ecb79cd20fc2e8fce87286cfe43  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-1.dll
MD5: e4110aa5c8a32b63de2c85e0bc297c54  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-synch-l1-2-0.dll
MD5: 00b548bf3eab7a6debce296ee5e877de  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll
MD5: 94e386a317faa200aa1dc270ce54e5fd  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll
MD5: e8ccecac4f06679b9d5e77333d216ee0  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll
MD5: 42153324a982f848d7a49bb7406125c2  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll
MD5: aad41d33906cfdb31681ce8276648481  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll
MD5: bc75b80a80802146e79c383c94542f06  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll
MD5: 1028042a84aefe816280f22a4517dc68  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll
MD5: b7e1023ebbf0e5018c58b5488c03a643  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll
MD5: 2f10f2255271b09d58af75f58476899c  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll
MD5: 65fe48962755451a1a5bab26e6fd978d  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll
MD5: a3eccd7f2f2c45d1553055593278645a  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll
MD5: c8f1a3b19e5103751202010805bce5c9  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll
MD5: e0aeba2d9d9ae584d6c1aa0f5929526b  C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll
MD5: 11053f6c879d92bcab8929f93ed726d5  C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
MD5: bd30ea1b259469d88bd20d141104f951  C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MD5: 7ede6d6996a716d0a365791969088268  C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MD5: 29828efe671a5ab8ab875afbfc127499  C:\Program Files (x86)\Mozilla Firefox\lgpllibs.dll
MD5: b8e61d5fefc9b73e5267ac3300a67841  C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MD5: a84a8a708751e2cb1f2bb117e9b7f390  C:\Program Files (x86)\Mozilla Firefox\msvcp140.dll
MD5: c30076b6f6153b01fde54f9979f17e01  C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MD5: 7cbb9d910df09c59a3dd8662cbca5859  C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MD5: f159907942c205692901fcd1482060d7  C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MD5: 437079ab6d5dce15b46c08f2c11e788d  C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MD5: d29570ddab71246db77539d91c2aa823  C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MD5: 015b30309491a911e75748ad69c9e680  C:\Program Files (x86)\Mozilla Firefox\ucrtbase.dll
MD5: b7ebc19a5b23d0d32ff014e30be26061  C:\Program Files (x86)\Mozilla Firefox\vcruntime140.dll
MD5: 8e39fdd26021ed50160264e04a079b71  C:\Program Files (x86)\Mozilla Firefox\xul.dll
MD5: cbcc3a1e47a664cccbc7a25081c4d88b  C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
MD5: adce79260743c057ca89ac697aecbd67  C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
MD5: b83d1640ed91839bc001e35982f2ddc1  C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
MD5: 6eefc263a879f2743ad6ae88942ef2e9  C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
MD5: 6cce5bb9c8c2a8293df2d3b1897941a2  C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys
MD5: 37d896d2395ad8fe1180ddb221fa914a  C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
MD5: 54e39fa9d2d250e5239f4aff8bd8ec6d  C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
MD5: ba21611e07ffc6df2c7b02b68aa130e9  C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
MD5: 328be44ba194579206f8524701f7d661  C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
MD5: c859a41f3156daf993e09b42e029f8f9  C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
MD5: ec6f42987a38739fdc3c5ade9bd7f939  C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
MD5: c6f53f83784b9977465ac876ef251549  C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
MD5: f5ca50780a0970443620da9b000617bc  C:\Program Files (x86)\MSI\Live Update\Live Update.exe
MD5: 28dd3f7da8140346338aa890e6f58e5c  C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
MD5: 263015394a2cad3f49ddc12985e05c8e  C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
MD5: 23cf3da010497eb2bf39a5c5a57e437c  C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys
MD5: 978c7f319dd5c79fafbd7d3b59743521  C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
MD5: 82aa999e46996b2ff57a57d77210d28d  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
MD5: 7dd6dde45bc3910b772844ace461dc14  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
MD5: 50e534163753c04a7ab1c01a682e38b0  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
MD5: cda91a6e5cdec1e6f3a2e8abc43346ca  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe
MD5: fa9bc0048ed46c5fb5c93eaffc97f63d  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
MD5: 133cdc1a82f08b22d619b8ac8ee46d09  C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MD5: c8ac55ccb8ab33713522b4caafac0f59  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
MD5: d2ce6ea0e9f641d7153462d40c6b4193  C:\Program Files (x86)\Steam\Steam.exe
MD5: d7253a1a7a49fa40ef0ba1955aafb346  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
MD5: d5c7c3ab9169fec697738c24fc1e359b  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
MD5: 2b3fa3cb022478de79721ca25612c5ef  C:\Program Files\Killer Networking\Network Manager\KillerService.exe
MD5: 021b2f75673188e8b46f03f3002d1aa0  C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
MD5: def76b479c3525952d0bd71e881e07b0  C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
MD5: af5be3694a76365874b8967331049f2c  C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
MD5: 77be9e1afce995652a1c4ff4c8a0f839  C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
MD5: 968eda6ea6e00dfae78586bfa6322b74  C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
MD5: 7cbb1d4d13dc62d7f529d87151fd3cd3  C:\Program Files\Windows Defender\MpSvc.dll
MD5: a9f3bfc9345f49614d5859ec95b9e994  C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: 786b4a03d9fcf26775392fd68e2db69b  C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
MD5: 44a9229022a519ed45294a1934c05eec  C:\Users\ExoSuitOne\AppData\Local\FluxSoftware\Flux\flux.exe
MD5: 24bf8ea123405c830f92cc084eeec13c  C:\Users\ExoSuitOne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
MD5: b8ff5528c19e81b85a800bfcf41f16d4  C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
MD5: b1c853e7285e224a69695be88ed31a2c  C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-eme-adobe\17\eme-adobe.dll
MD5: ac8327b0d820f6177ceefff995a76080  C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-gmpopenh264\1.6\gmpopenh264.dll
MD5: 6f4c70c96fedc4e0a79c49d75fb31819  C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-widevinecdm\1.4.8.903\widevinecdm.dll
MD5: b7a50025e0d3521e6aa4d2f047c95f61  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MD5: 9926f680501d0e9b8d8e291a6d9788d1  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5582ea5a2f2d3c2e0ad6f50cf49efec8\PresentationCore.ni.dll
MD5: 055d2999921013a2922019eb290596bd  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\94ae4e1eb683acb3eba1e8b4290c7d0e\PresentationFramework.ni.dll
MD5: 9c5834969ad24681b5e83fe8db6a6ee3  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d715f0706e56d7a65af0fe35bf565013\PresentationFramework.Aero.ni.dll
MD5: bb60c72bf5c9c1f7e5ca0d5712de8e23  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c8b82d8b2e7e18c7caf27b8017c6c615\System.Configuration.ni.dll
MD5: d75434be7d95541861caeba1bbc601e0  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dll
MD5: 4f5a4742488ffd41e18f1eb5e70c3c9d  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dll
MD5: 747a623bc69ac725b9a165f369194d2d  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dll
MD5: 15e4e34f0e5b6ec149e78b48852182bb  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dll
MD5: c3203bd9f00e27cd3ebed85d5a09345b  C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b307bd80b0707bfa6ea87eb69a8e15eb\WindowsBase.ni.dll
MD5: c4002b6b41975f057d98c439030cea07  C:\Windows\ehome\ehrecvr.exe
MD5: 9da3b83f80e205b6c601eee1312fd0a0  C:\Windows\explorer.exe
MD5: b4d73f04e9bc076f7cdac4327df636bb  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
MD5: c98a5b9d932430ad8eebd3ef73756ef7  C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
MD5: a8b7f3818ab65695e3a0bb3279f6dce6  C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
MD5: 660d597b7a78256734d7f3230b21b355  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
MD5: 1400c75ff021d6cface46ac41b60770e  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
MD5: 15cba881e10968e33b43d31be6097ba3  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
MD5: 09a116fb06c5e362ef8938d29cdab27b  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: f13ec8a783e0cb0d6dc26a3ca848b7b8  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
MD5: ff98ef5a50ea52fa115fe60b0f0a92b1  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: 8280f12a51369ac436f2f9c210290067  C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MD5: bd460a85e005b5d22328f02944f476bc  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: ab4cd527befcc43ee441e6c50cce54c8  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
MD5: 773212b2aaa24c1e31f10246b15b276c  C:\Windows\servicing\TrustedInstaller.exe
MD5: 153efcbd8d00dfa150d8b1a31c893c4b  C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
MD5: 27158f033276cb58f6831079a5266fce  C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
MD5: 12f5b0af2a8f8ffab5c0c34aaf788f29  C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
MD5: 5a6a3544b9fd71a8267b05baee6c26c0  C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
MD5: f0cc89efa051e2937443fc400249084e  C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: c0511fcb70e5022e23b505beba0461e7  C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 23a1bfbf7fa153592195ddbc94d152f6  C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
MD5: 5ab38268acddfe14f140cd61e411086f  C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
MD5: a161cb356d29093fe3f17283cbd97f89  C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
MD5: 088bfc5bf2b7ace0349802e56ca78aa8  C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 2363eee139f1af13f6b82778fab1c812  C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
MD5: 208213035c9193f7fd7d1455958a5003  C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: 8dedf6a335aa4c4ea2fba2a89b73fcb9  C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
MD5: fef9a58f005448a49e084659827737aa  C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 94aa2fede03f6b69b4ac1ca997a30671  C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
MD5: 2bebdec60da525e600d85d6ddd2cef7d  C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
MD5: a5e93d168b1b24e95c10664412f6bfcc  C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 6e0504efaf4859f5079f517e2a7ec2ae  C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: dfe63a6fd4dc661111362036253e51d8  C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: cabdf7c99c248e4c3f7c8913b71185de  C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
MD5: c1e5353a6857686cc82be28979459a82  C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: aa193db23ff6924301572b6eb5215c0f  C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
MD5: aef7c3b38022f9df390b82574192a1a4  C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
MD5: a220429ac3752f10be0a452404403a36  C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: d911e44dc158741e6c7db790c79792aa  C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: 41e5461c148ac8655a12acff20997675  C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
MD5: 2a0df7e2ba1aee8de018903d6b3c371c  C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 49aca548b2423f1c67898e6ac719a9a6  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 60f4aefa103d421ea4a40e31409b4756  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 007863e45f25aa47a4c30d0930bbfd85  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
MD5: 3be0d923aa45a4dbe091c2d84f0b4fe7  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
MD5: 972e19a35bc9e20a6dfffc9509cd705e  C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
MD5: beca6760255cd050ff3754119d1af580  C:\Windows\System32\apisetschema.dll
MD5: 775c41c2f2ef3dd150a7444b95e631d0  C:\Windows\System32\Bubbles.scr
MD5: ad7b9c14083b52bc532fba5948342b98  C:\Windows\System32\cmd.exe
MD5: bec72ba50e703184ba0cf2dd06b707c8  C:\Windows\System32\cryptsvc.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63  C:\Windows\System32\dhcpcore.dll
MD5: 3da48ea028ad771c5b71727f0c3984e9  C:\Windows\System32\explorer.exe
MD5: 2b857fd18ba4b5be6409bd6ce79eb4bd  C:\Windows\System32\msiexec.exe
MD5: a88241c2a519afd2c99a40000f9113e6  C:\Windows\System32\mswsock.dll
MD5: fe48346938c1cdddf4e4097db9b99764  C:\Windows\System32\nlaapi.dll
MD5: 87ba3e79c594abcfb576ce20e557e301  C:\Windows\System32\ntdll.dll
MD5: 414bba67a3ded1d28437eb66aeb8a720  C:\Windows\System32\pla.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8  C:\Windows\System32\provsvc.dll
MD5: 236f286e103fd44bd85fdd93097fd5dd  C:\Windows\System32\SearchIndexer.exe
MD5: 4ae380f39a0032eab7dd953030b26d28  C:\Windows\System32\SessEnv.dll
MD5: 414da952a35bf5d50192e28263b40577  C:\Windows\System32\shsvcs.dll
MD5: 613bf4820361543956909043a265c6ac  C:\Windows\System32\tapisrv.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223  C:\Windows\System32\userinit.exe
MD5: 34eee0dfaadb4f691d6d5308a51315dc  C:\Windows\System32\wcncsvc.dll
MD5: dde994e9159497d0d5ab2cdf66d1ead6  C:\Windows\System32\wdi.dll
MD5: 55c70654420dbf429604fd567e6f3cd3  C:\Windows\System32\WebClnt.dll
MD5: ead314f2142162ae4de91355580f6607  C:\Windows\System32\winhttp.dll
MD5: 1de9bd23afa36150586c732d876d9b74  C:\Windows\System32\WsmSvc.dll
MD5: 8ce35d76726dfc8c3848bb26b3c79a54  C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll
MD5: 901b8e4c2ba406edca8b3a8dada4ad6e  C:\Windows\SysWOW64\advapi32.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 49aca548b2423f1c67898e6ac719a9a6  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 60f4aefa103d421ea4a40e31409b4756  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 007863e45f25aa47a4c30d0930bbfd85  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
MD5: 3be0d923aa45a4dbe091c2d84f0b4fe7  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
MD5: e4bf71f72e211b12afc77cacee12628a  C:\Windows\SysWOW64\APOMngr.DLL
MD5: d5afc3a476925ce740b7079d9bd2d269  C:\Windows\SysWOW64\apphelp.dll
MD5: 53cbe17893292f129b3260a2c3514889  C:\Windows\SysWOW64\asycfilt.dll
MD5: 50b8937a81360d16a5c772302bd32cfe  C:\Windows\SysWOW64\AudioSes.dll
MD5: 6b98026761228f913e9fa3f974920a20  C:\Windows\SysWOW64\bcryptprimitives.dll
MD5: f436e847fa799ecd75ad8c313673f450  C:\Windows\SysWOW64\cfgmgr32.dll
MD5: fab1f423fac9f69024baa3f9cd3b7916  C:\Windows\SysWOW64\ChezSC32.DLL
MD5: bdbb29f1c23665a4721f79d9bff60fa6  C:\Windows\SysWOW64\CmdRtr.DLL
MD5: d1de1eafde97be41cf6585027ff3e732  C:\Windows\SysWOW64\comdlg32.dll
MD5: 60accb7e0462a6269c8e07ada5a651fb  C:\Windows\SysWOW64\credssp.dll
MD5: 60066cc1f3c451da041189c5db296ef3  C:\Windows\SysWOW64\crypt32.dll
MD5: d3018c01809d5d7dbdcef5f722b09e91  C:\Windows\SysWOW64\cryptbase.dll
MD5: 3608a16863d63d6267e44530712fc245  C:\Windows\SysWOW64\cryptnet.dll
MD5: b54fd1991e659fd61ef1d34ec27aaecd  C:\Windows\SysWOW64\cryptsp.dll
MD5: 14800bd31701a5047ac3145bb1e698ae  C:\Windows\SysWOW64\d2d1.dll
MD5: 6de66fe7c526637e74cd066461c7c871  C:\Windows\SysWOW64\d3d11.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6  C:\Windows\SysWOW64\d3d9.dll
MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8  C:\Windows\SysWOW64\dbghelp.dll
MD5: 449115f5cf9fc43355177a19e8df4636  C:\Windows\SysWOW64\dciman32.dll
MD5: 2eeff4502f5e13b1bed4a04ccad64c08  C:\Windows\SysWOW64\devobj.dll
MD5: 81f6c1ae23b1c493d9e996c3103915d7  C:\Windows\SysWOW64\dhcpcsvc6.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9  C:\Windows\SysWOW64\dnsapi.dll
MD5: 52213d271f6804aaa44f57aefd2b778a  C:\Windows\SysWOW64\dwmapi.dll
MD5: fdb73e2ffdee1f28d1af3b80e3f0fe99  C:\Windows\SysWOW64\DWrite.dll
MD5: d4f264fe23f8953d840904418220c15e  C:\Windows\SysWOW64\dxgi.dll
MD5: 65eed8b27b02573948434b583dacfb39  C:\Windows\SysWOW64\evr.dll
MD5: 6cb3e6b65b7a57797de86c98a307adf1  C:\Windows\SysWOW64\ExplorerFrame.dll
MD5: f0d0e883ebbdc7615dc9edea0ffb2817  C:\Windows\SysWOW64\FWPUCLNT.DLL
MD5: 59e1493ea47eb958a4125da4e9a71c34  C:\Windows\SysWOW64\gdi32.dll
MD5: fbe4e7975289230f84d9da2222448ac3  C:\Windows\SysWOW64\gpapi.dll
MD5: c38ebae98b5d2b4a5f9370fb4ee6fb4b  C:\Windows\SysWOW64\ieframe.dll
MD5: 570e0391bfc0ccfb6e1f63c35df0f47e  C:\Windows\SysWOW64\iertutil.dll
MD5: e7b9d5ff20ffdd4aae2ef1d1b8c27a37  C:\Windows\SysWOW64\imagehlp.dll
MD5: a6f09e5669d9a19035f6d942caa15882  C:\Windows\SysWOW64\imm32.dll
MD5: a90dc9abd65db1a8902f361103029952  C:\Windows\SysWOW64\IPHLPAPI.DLL
MD5: 9ffaa819b32476804ed0fed6dd245094  C:\Windows\SysWOW64\kernel32.dll
MD5: fef5b7e2cc88215e7d4789c13c1b5729  C:\Windows\SysWOW64\KernelBase.dll
MD5: a4c85f362ebb7815676f1cd9cfc5ba59  C:\Windows\SysWOW64\ksuser.dll
MD5: d5fee6bbf541655933c6c929505cece7  C:\Windows\SysWOW64\lpk.dll
MD5: 16d11d2ca3f2078f553e0c3a70a4f050  C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: e288bcb3e135dac497b49847ccdced00  C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll
MD5: 9211efe0c4141d1571d6c73c4d388e19  C:\Windows\SysWOW64\MBAPO232.dll
MD5: b049a75bd074fc465d2bce2bf5b15d75  C:\Windows\SysWOW64\mf.dll
MD5: 5342dcca8ea8ed193acaad14a5046982  C:\Windows\SysWOW64\mfplat.dll
MD5: 243974ec02f7ae49e4179c54624143ab  C:\Windows\SysWOW64\MMDevAPI.dll
MD5: 938f39b50bafe13d6f58c7790682c010  C:\Windows\SysWOW64\msasn1.dll
MD5: 7f8678c59f188528d60104e697c2361e  C:\Windows\SysWOW64\mscms.dll
MD5: d83947a58613e9091b4c9cc0f1546a8d  C:\Windows\SysWOW64\mscoree.dll
MD5: 84b460bb65567ed42dd605fa044db370  C:\Windows\SysWOW64\msctf.dll
MD5: 3cc0ef43c256d0a28c908f36ad06963d  C:\Windows\SysWOW64\msmpeg2adec.dll
MD5: 7c135c38ec6586f7562cfbc184a514e2  C:\Windows\SysWOW64\msmpeg2vdec.dll
MD5: 9dc80a8aaaaac397bdab3c67165a824e  C:\Windows\SysWOW64\msvcrt.dll
MD5: a88241c2a519afd2c99a40000f9113e6  C:\Windows\SysWOW64\mswsock.dll
MD5: 29f32a8694d634649b8e84b5ec8f08b2  C:\Windows\SysWOW64\ncrypt.dll
MD5: 2fca0d2c59a855c54bafa22aa329df0f  C:\Windows\SysWOW64\netapi32.dll
MD5: 20b3934db73eaba2b49b7177873cb81f  C:\Windows\SysWOW64\netutils.dll
MD5: fe48346938c1cdddf4e4097db9b99764  C:\Windows\SysWOW64\nlaapi.dll
MD5: 87ba3e79c594abcfb576ce20e557e301  C:\Windows\SysWOW64\ntdll.dll
MD5: e65c32e8cc509811400d5a647ab92cc1  C:\Windows\SysWOW64\nvd3dum.dll
MD5: 1ddf9d48a6aeb521306b02bdf48cf60a  C:\Windows\SysWOW64\nvwgf2um.dll
MD5: e518b37f8c82a4320732352e4da9bf41  C:\Windows\SysWOW64\ole32.dll
MD5: 61b2a783334b96d790fed4b9554e23cd  C:\Windows\SysWOW64\oleaut32.dll
MD5: 487f44b08efeaf5ad087878357b9403d  C:\Windows\SysWOW64\pdh.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a  C:\Windows\SysWOW64\propsys.dll
MD5: 0c906dfcc35d764ff80989ecc541dcc8  C:\Windows\SysWOW64\rpcrt4.dll
MD5: 5997d769cdb108390dcfaebf442bf816  C:\Windows\SysWOW64\RpcRtRemote.dll
MD5: 68ecca523ed760aafc03c5d587569859  C:\Windows\SysWOW64\samcli.dll
MD5: 795f356f6027fca3fd4ad5f3ccd904b7  C:\Windows\SysWOW64\samlib.dll
MD5: 65a5e27c2217d606e212b6088ccd6104  C:\Windows\SysWOW64\sechost.dll
MD5: 3d46e4bf61a20565347bbfbd7759f189  C:\Windows\SysWOW64\secur32.dll
MD5: 10fb16b50affda6d44588f3c445dc273  C:\Windows\SysWOW64\setupapi.dll
MD5: 7c66431e6293c4880f4dcbf55a8f68c2  C:\Windows\SysWOW64\shell32.dll
MD5: 8cc3c111d653e96f3ea1590891491d71  C:\Windows\SysWOW64\shlwapi.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87  C:\Windows\SysWOW64\srvcli.dll
MD5: de71c18b03fbfff648f5dbb0c5477f0f  C:\Windows\SysWOW64\sspicli.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6  C:\Windows\SysWOW64\sxs.dll
MD5: a8f96a50d37297f7c050ddee79aba0b2  C:\Windows\SysWOW64\urlmon.dll
MD5: 0fbc0e335b65ee5a0175631237817510  C:\Windows\SysWOW64\user32.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b  C:\Windows\SysWOW64\userenv.dll
MD5: 3553707b119ad5aaf1f31bff5517a093  C:\Windows\SysWOW64\usp10.dll
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a  C:\Windows\SysWOW64\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21  C:\Windows\SysWOW64\wbemcomn.dll
MD5: cb52def1b1e1b9950f29548f2f19115a  C:\Windows\SysWOW64\webio.dll
MD5: 525b93b761dccb2d33a58ed603178228  C:\Windows\SysWOW64\WindowsCodecs.dll
MD5: 62a6eb5771580cae445804389f3f7432  C:\Windows\SysWOW64\WindowsCodecsExt.dll
MD5: ead314f2142162ae4de91355580f6607  C:\Windows\SysWOW64\winhttp.dll
MD5: 42b01c859a89eea6237dbd9a290df857  C:\Windows\SysWOW64\wininet.dll
MD5: d5aefad57c08349a4393d987df7c715d  C:\Windows\SysWOW64\winmm.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8  C:\Windows\SysWOW64\winspool.drv
MD5: fd67683fba9b2c4bb551780bd8846f64  C:\Windows\SysWOW64\winsta.dll
MD5: caa96de8a89f16b555f4689253c5173d  C:\Windows\SysWOW64\wintrust.dll
MD5: e5a4a1326a02f8e7b59e6c3270ce7202  C:\Windows\SysWOW64\wkscli.dll
MD5: a8bb45f9ecad993461e0fef8e2a99152  C:\Windows\SysWOW64\Wldap32.dll
MD5: 43c9cf6825cea58f1815b7c3dbbb385c  C:\Windows\SysWOW64\Wpc.dll
MD5: 59ea5753ebdae42cf92fd5b6e7ae4d53  C:\Windows\SysWOW64\ws2_32.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968  C:\Windows\SysWOW64\wtsapi32.dll
MD5: edf2a5e96bec469da3f64e9bdd386111  C:\Windows\SysWOW64\xmllite.dll
MD5: c419df63e0121d72411285780c2fc6cc  C:\Windows\Updreg.EXE
MD5: 2a617261b0de3b9ac1ee5f83cf1fd830  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcr80.dll
MD5: 58788565442368b0615ddaf1d452b843  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
MD5: 885e18b2d0a445fb637850282530eb72  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
MD5: 44acf66ef55f76692da54fbd9537e73d  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23508_none_5c028c09a01213b0\GdiPlus.dll


No file uploaded.

Scan finished - communication took 1 sec
Total traffic - 0.01 MB sent, 0.87 KB recvd
Scanned 349 files and modules - 21 seconds

==============================================================================
 


  • 0

#25
Solice93

Solice93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

So, little bit of an update. I decided to play some games and I noticed something peculiar: my mouse and keyboard started freezing up and acted like a button was being held down. No idea if that is just my computer acting weird or what, but it has NEVER done that before.


  • 0

Advertisements


#26
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

No infection found.

 

I think your machine is clean of malware.

 

The problems you are reporting appear to be technical in nature.

 

I am not an expert in that area. If you wish you can open a new topic in the Windows 7 forum and see if anyone has a solution.

 

We have a couple of last steps to perform and then you're all set.

To clear away the tools we have been using download Delfix from here. You will be taken to the download page. Just wait and shortly the download will appear.

Put a check (tick) in the following boxes:
 

  • Remove disinfection tools
  • Purge System Restore
  • Reset System Settings

    Then click Run

The tool will run for a short time. When completed a notepad window will open with a log. Please copy and paste the log back here.

Any remaining tools may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder:  Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

So many of us use Facebook nowadays. Go here for a guide to Facebook security.

-----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.
 

  • Download Java for Windows

    Reboot your computer.
    You also need to unininstall older versions of Java.

       
  • Click Start > Control Panel > Add or Remove Programs
       
  • Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomeware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

Hola users warning.

If you use the Hola VPN (Virtual Private Network) you should be aware that you might be compromised. See here.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!

 


  • 0

#27
Solice93

Solice93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

# DelFix v1.013 - Logfile created 17/11/2016 at 01:43:14
# Updated 17/04/2016 by Xplode
# Username : ExoSuitOne - EXOSUITONE-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\ExoSuitOne\Desktop\Addition.txt
Deleted : C:\Users\ExoSuitOne\Desktop\AdwCleaner.exe
Deleted : C:\Users\ExoSuitOne\Desktop\Fixlog.txt
Deleted : C:\Users\ExoSuitOne\Desktop\FRST.txt
Deleted : C:\Users\ExoSuitOne\Desktop\FRST64.exe
Deleted : C:\Users\ExoSuitOne\Desktop\FSS.exe
Deleted : C:\Users\ExoSuitOne\Desktop\FSS.txt
Deleted : C:\Users\ExoSuitOne\Desktop\JRT.exe
Deleted : C:\Users\ExoSuitOne\Desktop\JRT.txt

~ Cleaning system restore ...

Deleted : RP #106 [JRT Pre-Junkware Removal | 11/14/2016 23:22:06]
Deleted : RP #107 [Windows Update | 11/16/2016 06:18:07]
Deleted : RP #108 [Windows Update | 11/16/2016 19:15:47]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########


  • 0

#28
Solice93

Solice93

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

I just wanted to say, thank you for all of your help! I really appreciate the time you've given me.


  • 0

#29
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

You are very welcome. :happy:


  • 0

#30
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics


Also tagged with one or more of these keywords: virus, malware, spyware, random uninstalls, programs wont work

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP