Good to know.
Any changes since running the earlier tools?
Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!
Good to know.
Any changes since running the earlier tools?
Check Disk Results:
Windows has checked the file system and found no problems
And no, no changes that I'm aware of.
One thing that I am worried about though is a virus being hidden in my windows update, because I have had that happen before. Not fun. I've been basically going around the update until I get a clean bill of cyber health from you. I've also been keeping off the internet on that computer.
Edited by Solice93, 15 November 2016 - 03:06 AM.
And no, no changes that I'm aware of.
Are you saying that the machine is still closing down by itself for no reason that you can see or, has that stopped?
a virus being hidden in my windows update
Can you expand on that. Was the computer attempting to update but being redirected somewhere it shouldn't or, was it some glitch or other with the updates.
Tell me when you return.
Meanwhile please do this:
Please download Farbar Service Scanner and run.
When you return please post
Oh, no. The computer seems to be running fine. It acts slow on startup, but that has always been a thing. Once it loads its services and starts all of the normal processes, it's good to go.
As for the updates, I've heard of viruses embedding themselves in updates, and somehow getting elevated privileges once the computer restarts. I've had this happen to me before when I was updating my computer, it shuts off, comes back on, and boom, virus.
Farbar Service Scanner Version: 27-01-2016
Ran by ExoSuitOne (administrator) on 15-11-2016 at 14:24:36
Running from "C:\Users\ExoSuitOne\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
It acts slow on startup, but that has always been a thing.
I have been keeping my desktop quarantined from the internet as much as possible. I've been posting via my laptop. I've been transferring all of the necessary logs and programs back and forth on a flash drive. As soon as I get home, I will hook up my network connection and run that scan again. I'm at the local library right now, studying. I will be back home near 10:00 PM. I post sometime around 10:10 PM. I'll will also give you the log report for bit defender at that time as well as soon as it gets done.
Edited by Solice93, 15 November 2016 - 04:22 PM.
Farbar Service Scanner Version: 27-01-2016
Ran by ExoSuitOne (administrator) on 15-11-2016 at 22:08:50
Running from "C:\Users\ExoSuitOne\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
Will report back with online scanner data when I have it.
QuickScan 32-bit v0.9.9.152
---------------------------
Scan date: Tue Nov 15 22:14:15 2016
Machine ID: C7BEDE0
No infection found.
-------------------
Processes
---------
(unsigned) Sound Blaster Cinema 2 3116 C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
(unsigned) usbmonitor 2288 C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(verified) f.lux 3056 C:\Users\ExoSuitOne\AppData\Local\FluxSoftware\Flux\flux.exe
(verified) Firefox 3160 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(verified) Firefox 4012 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(verified) Live Update 6 Application 3168 C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(verified) NVIDIA Backend 1960 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(verified) Super Charger 3108 C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
Network activity
----------------
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 157.240.3.24
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 216.58.218.174
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 216.58.218.194
Process firefox.exe (3160) connected on port 80 (HTTP) --> 216.58.218.174
Process firefox.exe (3160) connected on port 80 (HTTP) --> 216.58.218.174
Process firefox.exe (3160) connected on port 80 (HTTP) --> 216.58.218.174
Process firefox.exe (3160) connected on port 80 (HTTP) --> 216.58.218.174
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 216.58.194.66
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 74.125.21.99
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 52.36.147.158
Process firefox.exe (3160) connected on port 443 (HTTP over SSL) --> 52.36.147.158
Autoruns and critical files
---------------------------
(verified) Catalyst® Control Center C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
(unsigned) Creative Updreg C:\Windows\Updreg.EXE
(verified) f.lux C:\Users\ExoSuitOne\AppData\Local\FluxSoftware\Flux\flux.exe
(verified) Killer Network Manager C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(verified) Live Update 6 Application C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(verified) Microsoft® Windows® Operating System C:\Windows\System32\Bubbles.scr
(verified) Microsoft® Windows® Operating System C:\Windows\System32\userinit.exe
(verified) MSI Start Command Center C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
(verified) NVIDIA GeForce 3D Vision C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe
(unsigned) Sound Blaster Cinema 2 C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
(verified) Steam Client Bootstrapper C:\Program Files (x86)\Steam\Steam.exe
(verified) Super Charger C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
Browser plugins
---------------
(verified) Adobe Content Decryption Module for Fir C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-eme-adobe\17\eme-adobe.dll
(verified) Bitdefender QuickScan C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
(verified) gmpopenh264.dll C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-gmpopenh264\1.6\gmpopenh264.dll
(verified) Google Update C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
(verified) Internet Explorer C:\Windows\SysWOW64\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\nlaapi.dll
(verified) NPSWF32_23_0_0_205.dll C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll
(unsigned) NVIDIA 3D Vision C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
(unsigned) NVIDIA 3D VISION C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
(unsigned) Shockwave for Director C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll
(verified) Silverlight Plug-In c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
(verified) Unity Player C:\Users\ExoSuitOne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
(verified) Widevine Content Decryption Module C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-widevinecdm\1.4.8.903\widevinecdm.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\NapiNSP.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
Scan
----
MD5: 5b4bbac9467b8db6bc4a404cf1867fe0 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
MD5: 90e22d7cde08e07446d238a569bcab7c C:\Program Files (x86)\Common Files\Steam\SteamService.exe
MD5: 37be5099f87d7ee0ffeb2c782d8ca182 C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\CTAudEp.dll
MD5: 8429c1d07c35bf5eb67c0a73e58ef188 C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\CTLoadRs.dll
MD5: a83f227728b12dffc109f0fbf7d90458 C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\en-US\SBCinema2.resources.dll
MD5: c9612abf50b3fc7c9d9d041b648d0d74 C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\HKDetect.dll
MD5: c763dcf9a417eb3b69ed783670060f9e C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\Interop.CTSndCr.dll
MD5: 67e0acc605b64401554cfcd0512e0f12 C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
MD5: 13198a7037aa4d68adbe91ef7ee8ee4e C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
MD5: 3ee8ae0ecfe5d79de1737a855ad1e84c C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
MD5: e1b44a75947137f4143308d566889837 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
MD5: f045df7af127dc4bcc53421850114e15 c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
MD5: ec4f2cb68dcf7e96516eb284003be8bb C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll
MD5: b9287eb7bcbfdcec2e8d4198fd266509 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll
MD5: dbb81fcc74c59490008ee59bffff5a6d C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll
MD5: f61b9ecb79cd20fc2e8fce87286cfe43 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-processthreads-l1-1-1.dll
MD5: e4110aa5c8a32b63de2c85e0bc297c54 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-synch-l1-2-0.dll
MD5: 00b548bf3eab7a6debce296ee5e877de C:\Program Files (x86)\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll
MD5: 94e386a317faa200aa1dc270ce54e5fd C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-convert-l1-1-0.dll
MD5: e8ccecac4f06679b9d5e77333d216ee0 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll
MD5: 42153324a982f848d7a49bb7406125c2 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll
MD5: aad41d33906cfdb31681ce8276648481 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll
MD5: bc75b80a80802146e79c383c94542f06 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-locale-l1-1-0.dll
MD5: 1028042a84aefe816280f22a4517dc68 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll
MD5: b7e1023ebbf0e5018c58b5488c03a643 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll
MD5: 2f10f2255271b09d58af75f58476899c C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-runtime-l1-1-0.dll
MD5: 65fe48962755451a1a5bab26e6fd978d C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll
MD5: a3eccd7f2f2c45d1553055593278645a C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll
MD5: c8f1a3b19e5103751202010805bce5c9 C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-time-l1-1-0.dll
MD5: e0aeba2d9d9ae584d6c1aa0f5929526b C:\Program Files (x86)\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll
MD5: 11053f6c879d92bcab8929f93ed726d5 C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
MD5: bd30ea1b259469d88bd20d141104f951 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
MD5: 7ede6d6996a716d0a365791969088268 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
MD5: 29828efe671a5ab8ab875afbfc127499 C:\Program Files (x86)\Mozilla Firefox\lgpllibs.dll
MD5: b8e61d5fefc9b73e5267ac3300a67841 C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
MD5: a84a8a708751e2cb1f2bb117e9b7f390 C:\Program Files (x86)\Mozilla Firefox\msvcp140.dll
MD5: c30076b6f6153b01fde54f9979f17e01 C:\Program Files (x86)\Mozilla Firefox\nss3.dll
MD5: 7cbb9d910df09c59a3dd8662cbca5859 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
MD5: f159907942c205692901fcd1482060d7 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
MD5: 437079ab6d5dce15b46c08f2c11e788d C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
MD5: d29570ddab71246db77539d91c2aa823 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
MD5: 015b30309491a911e75748ad69c9e680 C:\Program Files (x86)\Mozilla Firefox\ucrtbase.dll
MD5: b7ebc19a5b23d0d32ff014e30be26061 C:\Program Files (x86)\Mozilla Firefox\vcruntime140.dll
MD5: 8e39fdd26021ed50160264e04a079b71 C:\Program Files (x86)\Mozilla Firefox\xul.dll
MD5: cbcc3a1e47a664cccbc7a25081c4d88b C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
MD5: adce79260743c057ca89ac697aecbd67 C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
MD5: b83d1640ed91839bc001e35982f2ddc1 C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
MD5: 6eefc263a879f2743ad6ae88942ef2e9 C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
MD5: 6cce5bb9c8c2a8293df2d3b1897941a2 C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys
MD5: 37d896d2395ad8fe1180ddb221fa914a C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
MD5: 54e39fa9d2d250e5239f4aff8bd8ec6d C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
MD5: ba21611e07ffc6df2c7b02b68aa130e9 C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
MD5: 328be44ba194579206f8524701f7d661 C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
MD5: c859a41f3156daf993e09b42e029f8f9 C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
MD5: ec6f42987a38739fdc3c5ade9bd7f939 C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
MD5: c6f53f83784b9977465ac876ef251549 C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
MD5: f5ca50780a0970443620da9b000617bc C:\Program Files (x86)\MSI\Live Update\Live Update.exe
MD5: 28dd3f7da8140346338aa890e6f58e5c C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
MD5: 263015394a2cad3f49ddc12985e05c8e C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
MD5: 23cf3da010497eb2bf39a5c5a57e437c C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys
MD5: 978c7f319dd5c79fafbd7d3b59743521 C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
MD5: 82aa999e46996b2ff57a57d77210d28d C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
MD5: 7dd6dde45bc3910b772844ace461dc14 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
MD5: 50e534163753c04a7ab1c01a682e38b0 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
MD5: cda91a6e5cdec1e6f3a2e8abc43346ca C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe
MD5: fa9bc0048ed46c5fb5c93eaffc97f63d C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
MD5: 133cdc1a82f08b22d619b8ac8ee46d09 C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MD5: c8ac55ccb8ab33713522b4caafac0f59 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
MD5: d2ce6ea0e9f641d7153462d40c6b4193 C:\Program Files (x86)\Steam\Steam.exe
MD5: d7253a1a7a49fa40ef0ba1955aafb346 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
MD5: d5c7c3ab9169fec697738c24fc1e359b C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
MD5: 2b3fa3cb022478de79721ca25612c5ef C:\Program Files\Killer Networking\Network Manager\KillerService.exe
MD5: 021b2f75673188e8b46f03f3002d1aa0 C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
MD5: def76b479c3525952d0bd71e881e07b0 C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
MD5: af5be3694a76365874b8967331049f2c C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
MD5: 77be9e1afce995652a1c4ff4c8a0f839 C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
MD5: 968eda6ea6e00dfae78586bfa6322b74 C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
MD5: 7cbb1d4d13dc62d7f529d87151fd3cd3 C:\Program Files\Windows Defender\MpSvc.dll
MD5: a9f3bfc9345f49614d5859ec95b9e994 C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: 786b4a03d9fcf26775392fd68e2db69b C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
MD5: 44a9229022a519ed45294a1934c05eec C:\Users\ExoSuitOne\AppData\Local\FluxSoftware\Flux\flux.exe
MD5: 24bf8ea123405c830f92cc084eeec13c C:\Users\ExoSuitOne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
MD5: b8ff5528c19e81b85a800bfcf41f16d4 C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
MD5: b1c853e7285e224a69695be88ed31a2c C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-eme-adobe\17\eme-adobe.dll
MD5: ac8327b0d820f6177ceefff995a76080 C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-gmpopenh264\1.6\gmpopenh264.dll
MD5: 6f4c70c96fedc4e0a79c49d75fb31819 C:\Users\ExoSuitOne\AppData\Roaming\Mozilla\Firefox\Profiles\5yxperd9.default\gmp-widevinecdm\1.4.8.903\widevinecdm.dll
MD5: b7a50025e0d3521e6aa4d2f047c95f61 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MD5: 9926f680501d0e9b8d8e291a6d9788d1 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5582ea5a2f2d3c2e0ad6f50cf49efec8\PresentationCore.ni.dll
MD5: 055d2999921013a2922019eb290596bd C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\94ae4e1eb683acb3eba1e8b4290c7d0e\PresentationFramework.ni.dll
MD5: 9c5834969ad24681b5e83fe8db6a6ee3 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d715f0706e56d7a65af0fe35bf565013\PresentationFramework.Aero.ni.dll
MD5: bb60c72bf5c9c1f7e5ca0d5712de8e23 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c8b82d8b2e7e18c7caf27b8017c6c615\System.Configuration.ni.dll
MD5: d75434be7d95541861caeba1bbc601e0 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6f4f738362752c5d3a2c9234d604784d\System.Drawing.ni.dll
MD5: 4f5a4742488ffd41e18f1eb5e70c3c9d C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c0f9cb97c68eb938bd0b36f7ee90e60f\System.Windows.Forms.ni.dll
MD5: 747a623bc69ac725b9a165f369194d2d C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ef4a32979d02a76972d22c8161778f10\System.Xml.ni.dll
MD5: 15e4e34f0e5b6ec149e78b48852182bb C:\Windows\assembly\NativeImages_v2.0.50727_32\System\67c97ffbe01458a63ecb518c7444c1f1\System.ni.dll
MD5: c3203bd9f00e27cd3ebed85d5a09345b C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b307bd80b0707bfa6ea87eb69a8e15eb\WindowsBase.ni.dll
MD5: c4002b6b41975f057d98c439030cea07 C:\Windows\ehome\ehrecvr.exe
MD5: 9da3b83f80e205b6c601eee1312fd0a0 C:\Windows\explorer.exe
MD5: b4d73f04e9bc076f7cdac4327df636bb C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
MD5: c98a5b9d932430ad8eebd3ef73756ef7 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
MD5: a8b7f3818ab65695e3a0bb3279f6dce6 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
MD5: 660d597b7a78256734d7f3230b21b355 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
MD5: 1400c75ff021d6cface46ac41b60770e C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
MD5: 15cba881e10968e33b43d31be6097ba3 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
MD5: 09a116fb06c5e362ef8938d29cdab27b C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: f13ec8a783e0cb0d6dc26a3ca848b7b8 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
MD5: ff98ef5a50ea52fa115fe60b0f0a92b1 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: 8280f12a51369ac436f2f9c210290067 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MD5: bd460a85e005b5d22328f02944f476bc C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: ab4cd527befcc43ee441e6c50cce54c8 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
MD5: 773212b2aaa24c1e31f10246b15b276c C:\Windows\servicing\TrustedInstaller.exe
MD5: 153efcbd8d00dfa150d8b1a31c893c4b C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
MD5: 27158f033276cb58f6831079a5266fce C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
MD5: 12f5b0af2a8f8ffab5c0c34aaf788f29 C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
MD5: 5a6a3544b9fd71a8267b05baee6c26c0 C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
MD5: f0cc89efa051e2937443fc400249084e C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: c0511fcb70e5022e23b505beba0461e7 C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 23a1bfbf7fa153592195ddbc94d152f6 C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
MD5: 5ab38268acddfe14f140cd61e411086f C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
MD5: a161cb356d29093fe3f17283cbd97f89 C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
MD5: 088bfc5bf2b7ace0349802e56ca78aa8 C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 2363eee139f1af13f6b82778fab1c812 C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
MD5: 208213035c9193f7fd7d1455958a5003 C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: 8dedf6a335aa4c4ea2fba2a89b73fcb9 C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
MD5: fef9a58f005448a49e084659827737aa C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 94aa2fede03f6b69b4ac1ca997a30671 C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
MD5: 2bebdec60da525e600d85d6ddd2cef7d C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
MD5: a5e93d168b1b24e95c10664412f6bfcc C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 6e0504efaf4859f5079f517e2a7ec2ae C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: dfe63a6fd4dc661111362036253e51d8 C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: cabdf7c99c248e4c3f7c8913b71185de C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
MD5: c1e5353a6857686cc82be28979459a82 C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: aa193db23ff6924301572b6eb5215c0f C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
MD5: aef7c3b38022f9df390b82574192a1a4 C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
MD5: a220429ac3752f10be0a452404403a36 C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: d911e44dc158741e6c7db790c79792aa C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: 41e5461c148ac8655a12acff20997675 C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
MD5: 2a0df7e2ba1aee8de018903d6b3c371c C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 49aca548b2423f1c67898e6ac719a9a6 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 60f4aefa103d421ea4a40e31409b4756 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 007863e45f25aa47a4c30d0930bbfd85 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
MD5: 3be0d923aa45a4dbe091c2d84f0b4fe7 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
MD5: 972e19a35bc9e20a6dfffc9509cd705e C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
MD5: beca6760255cd050ff3754119d1af580 C:\Windows\System32\apisetschema.dll
MD5: 775c41c2f2ef3dd150a7444b95e631d0 C:\Windows\System32\Bubbles.scr
MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\System32\cmd.exe
MD5: bec72ba50e703184ba0cf2dd06b707c8 C:\Windows\System32\cryptsvc.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\System32\dhcpcore.dll
MD5: 3da48ea028ad771c5b71727f0c3984e9 C:\Windows\System32\explorer.exe
MD5: 2b857fd18ba4b5be6409bd6ce79eb4bd C:\Windows\System32\msiexec.exe
MD5: a88241c2a519afd2c99a40000f9113e6 C:\Windows\System32\mswsock.dll
MD5: fe48346938c1cdddf4e4097db9b99764 C:\Windows\System32\nlaapi.dll
MD5: 87ba3e79c594abcfb576ce20e557e301 C:\Windows\System32\ntdll.dll
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\System32\pla.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\System32\provsvc.dll
MD5: 236f286e103fd44bd85fdd93097fd5dd C:\Windows\System32\SearchIndexer.exe
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\System32\SessEnv.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 C:\Windows\System32\userinit.exe
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
MD5: dde994e9159497d0d5ab2cdf66d1ead6 C:\Windows\System32\wdi.dll
MD5: 55c70654420dbf429604fd567e6f3cd3 C:\Windows\System32\WebClnt.dll
MD5: ead314f2142162ae4de91355580f6607 C:\Windows\System32\winhttp.dll
MD5: 1de9bd23afa36150586c732d876d9b74 C:\Windows\System32\WsmSvc.dll
MD5: 8ce35d76726dfc8c3848bb26b3c79a54 C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll
MD5: 901b8e4c2ba406edca8b3a8dada4ad6e C:\Windows\SysWOW64\advapi32.dll
MD5: 6a13b4f3b3f575f1e24b877b9359aaba C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
MD5: 49aca548b2423f1c67898e6ac719a9a6 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
MD5: 2e33dfd10f28f86c3fc40ee123cc3904 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
MD5: 1c60e09ca1c3a045bc4d367f67c915b7 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
MD5: 60f4aefa103d421ea4a40e31409b4756 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
MD5: 6951562dc4625eefc6eacd52ad165866 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MD5: 007863e45f25aa47a4c30d0930bbfd85 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MD5: 589cbc4989f750e1da35625ab481cf43 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
MD5: 3be0d923aa45a4dbe091c2d84f0b4fe7 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
MD5: e4bf71f72e211b12afc77cacee12628a C:\Windows\SysWOW64\APOMngr.DLL
MD5: d5afc3a476925ce740b7079d9bd2d269 C:\Windows\SysWOW64\apphelp.dll
MD5: 53cbe17893292f129b3260a2c3514889 C:\Windows\SysWOW64\asycfilt.dll
MD5: 50b8937a81360d16a5c772302bd32cfe C:\Windows\SysWOW64\AudioSes.dll
MD5: 6b98026761228f913e9fa3f974920a20 C:\Windows\SysWOW64\bcryptprimitives.dll
MD5: f436e847fa799ecd75ad8c313673f450 C:\Windows\SysWOW64\cfgmgr32.dll
MD5: fab1f423fac9f69024baa3f9cd3b7916 C:\Windows\SysWOW64\ChezSC32.DLL
MD5: bdbb29f1c23665a4721f79d9bff60fa6 C:\Windows\SysWOW64\CmdRtr.DLL
MD5: d1de1eafde97be41cf6585027ff3e732 C:\Windows\SysWOW64\comdlg32.dll
MD5: 60accb7e0462a6269c8e07ada5a651fb C:\Windows\SysWOW64\credssp.dll
MD5: 60066cc1f3c451da041189c5db296ef3 C:\Windows\SysWOW64\crypt32.dll
MD5: d3018c01809d5d7dbdcef5f722b09e91 C:\Windows\SysWOW64\cryptbase.dll
MD5: 3608a16863d63d6267e44530712fc245 C:\Windows\SysWOW64\cryptnet.dll
MD5: b54fd1991e659fd61ef1d34ec27aaecd C:\Windows\SysWOW64\cryptsp.dll
MD5: 14800bd31701a5047ac3145bb1e698ae C:\Windows\SysWOW64\d2d1.dll
MD5: 6de66fe7c526637e74cd066461c7c871 C:\Windows\SysWOW64\d3d11.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\Windows\SysWOW64\d3d9.dll
MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\Windows\SysWOW64\dbghelp.dll
MD5: 449115f5cf9fc43355177a19e8df4636 C:\Windows\SysWOW64\dciman32.dll
MD5: 2eeff4502f5e13b1bed4a04ccad64c08 C:\Windows\SysWOW64\devobj.dll
MD5: 81f6c1ae23b1c493d9e996c3103915d7 C:\Windows\SysWOW64\dhcpcsvc6.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\Windows\SysWOW64\dnsapi.dll
MD5: 52213d271f6804aaa44f57aefd2b778a C:\Windows\SysWOW64\dwmapi.dll
MD5: fdb73e2ffdee1f28d1af3b80e3f0fe99 C:\Windows\SysWOW64\DWrite.dll
MD5: d4f264fe23f8953d840904418220c15e C:\Windows\SysWOW64\dxgi.dll
MD5: 65eed8b27b02573948434b583dacfb39 C:\Windows\SysWOW64\evr.dll
MD5: 6cb3e6b65b7a57797de86c98a307adf1 C:\Windows\SysWOW64\ExplorerFrame.dll
MD5: f0d0e883ebbdc7615dc9edea0ffb2817 C:\Windows\SysWOW64\FWPUCLNT.DLL
MD5: 59e1493ea47eb958a4125da4e9a71c34 C:\Windows\SysWOW64\gdi32.dll
MD5: fbe4e7975289230f84d9da2222448ac3 C:\Windows\SysWOW64\gpapi.dll
MD5: c38ebae98b5d2b4a5f9370fb4ee6fb4b C:\Windows\SysWOW64\ieframe.dll
MD5: 570e0391bfc0ccfb6e1f63c35df0f47e C:\Windows\SysWOW64\iertutil.dll
MD5: e7b9d5ff20ffdd4aae2ef1d1b8c27a37 C:\Windows\SysWOW64\imagehlp.dll
MD5: a6f09e5669d9a19035f6d942caa15882 C:\Windows\SysWOW64\imm32.dll
MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\SysWOW64\IPHLPAPI.DLL
MD5: 9ffaa819b32476804ed0fed6dd245094 C:\Windows\SysWOW64\kernel32.dll
MD5: fef5b7e2cc88215e7d4789c13c1b5729 C:\Windows\SysWOW64\KernelBase.dll
MD5: a4c85f362ebb7815676f1cd9cfc5ba59 C:\Windows\SysWOW64\ksuser.dll
MD5: d5fee6bbf541655933c6c929505cece7 C:\Windows\SysWOW64\lpk.dll
MD5: 16d11d2ca3f2078f553e0c3a70a4f050 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: e288bcb3e135dac497b49847ccdced00 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll
MD5: 9211efe0c4141d1571d6c73c4d388e19 C:\Windows\SysWOW64\MBAPO232.dll
MD5: b049a75bd074fc465d2bce2bf5b15d75 C:\Windows\SysWOW64\mf.dll
MD5: 5342dcca8ea8ed193acaad14a5046982 C:\Windows\SysWOW64\mfplat.dll
MD5: 243974ec02f7ae49e4179c54624143ab C:\Windows\SysWOW64\MMDevAPI.dll
MD5: 938f39b50bafe13d6f58c7790682c010 C:\Windows\SysWOW64\msasn1.dll
MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\SysWOW64\mscms.dll
MD5: d83947a58613e9091b4c9cc0f1546a8d C:\Windows\SysWOW64\mscoree.dll
MD5: 84b460bb65567ed42dd605fa044db370 C:\Windows\SysWOW64\msctf.dll
MD5: 3cc0ef43c256d0a28c908f36ad06963d C:\Windows\SysWOW64\msmpeg2adec.dll
MD5: 7c135c38ec6586f7562cfbc184a514e2 C:\Windows\SysWOW64\msmpeg2vdec.dll
MD5: 9dc80a8aaaaac397bdab3c67165a824e C:\Windows\SysWOW64\msvcrt.dll
MD5: a88241c2a519afd2c99a40000f9113e6 C:\Windows\SysWOW64\mswsock.dll
MD5: 29f32a8694d634649b8e84b5ec8f08b2 C:\Windows\SysWOW64\ncrypt.dll
MD5: 2fca0d2c59a855c54bafa22aa329df0f C:\Windows\SysWOW64\netapi32.dll
MD5: 20b3934db73eaba2b49b7177873cb81f C:\Windows\SysWOW64\netutils.dll
MD5: fe48346938c1cdddf4e4097db9b99764 C:\Windows\SysWOW64\nlaapi.dll
MD5: 87ba3e79c594abcfb576ce20e557e301 C:\Windows\SysWOW64\ntdll.dll
MD5: e65c32e8cc509811400d5a647ab92cc1 C:\Windows\SysWOW64\nvd3dum.dll
MD5: 1ddf9d48a6aeb521306b02bdf48cf60a C:\Windows\SysWOW64\nvwgf2um.dll
MD5: e518b37f8c82a4320732352e4da9bf41 C:\Windows\SysWOW64\ole32.dll
MD5: 61b2a783334b96d790fed4b9554e23cd C:\Windows\SysWOW64\oleaut32.dll
MD5: 487f44b08efeaf5ad087878357b9403d C:\Windows\SysWOW64\pdh.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\Windows\SysWOW64\propsys.dll
MD5: 0c906dfcc35d764ff80989ecc541dcc8 C:\Windows\SysWOW64\rpcrt4.dll
MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\SysWOW64\RpcRtRemote.dll
MD5: 68ecca523ed760aafc03c5d587569859 C:\Windows\SysWOW64\samcli.dll
MD5: 795f356f6027fca3fd4ad5f3ccd904b7 C:\Windows\SysWOW64\samlib.dll
MD5: 65a5e27c2217d606e212b6088ccd6104 C:\Windows\SysWOW64\sechost.dll
MD5: 3d46e4bf61a20565347bbfbd7759f189 C:\Windows\SysWOW64\secur32.dll
MD5: 10fb16b50affda6d44588f3c445dc273 C:\Windows\SysWOW64\setupapi.dll
MD5: 7c66431e6293c4880f4dcbf55a8f68c2 C:\Windows\SysWOW64\shell32.dll
MD5: 8cc3c111d653e96f3ea1590891491d71 C:\Windows\SysWOW64\shlwapi.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\SysWOW64\srvcli.dll
MD5: de71c18b03fbfff648f5dbb0c5477f0f C:\Windows\SysWOW64\sspicli.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\SysWOW64\sxs.dll
MD5: a8f96a50d37297f7c050ddee79aba0b2 C:\Windows\SysWOW64\urlmon.dll
MD5: 0fbc0e335b65ee5a0175631237817510 C:\Windows\SysWOW64\user32.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\SysWOW64\userenv.dll
MD5: 3553707b119ad5aaf1f31bff5517a093 C:\Windows\SysWOW64\usp10.dll
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\SysWOW64\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\SysWOW64\wbemcomn.dll
MD5: cb52def1b1e1b9950f29548f2f19115a C:\Windows\SysWOW64\webio.dll
MD5: 525b93b761dccb2d33a58ed603178228 C:\Windows\SysWOW64\WindowsCodecs.dll
MD5: 62a6eb5771580cae445804389f3f7432 C:\Windows\SysWOW64\WindowsCodecsExt.dll
MD5: ead314f2142162ae4de91355580f6607 C:\Windows\SysWOW64\winhttp.dll
MD5: 42b01c859a89eea6237dbd9a290df857 C:\Windows\SysWOW64\wininet.dll
MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\SysWOW64\winmm.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\Windows\SysWOW64\winspool.drv
MD5: fd67683fba9b2c4bb551780bd8846f64 C:\Windows\SysWOW64\winsta.dll
MD5: caa96de8a89f16b555f4689253c5173d C:\Windows\SysWOW64\wintrust.dll
MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\Windows\SysWOW64\wkscli.dll
MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\Windows\SysWOW64\Wldap32.dll
MD5: 43c9cf6825cea58f1815b7c3dbbb385c C:\Windows\SysWOW64\Wpc.dll
MD5: 59ea5753ebdae42cf92fd5b6e7ae4d53 C:\Windows\SysWOW64\ws2_32.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\SysWOW64\wtsapi32.dll
MD5: edf2a5e96bec469da3f64e9bdd386111 C:\Windows\SysWOW64\xmllite.dll
MD5: c419df63e0121d72411285780c2fc6cc C:\Windows\Updreg.EXE
MD5: 2a617261b0de3b9ac1ee5f83cf1fd830 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcr80.dll
MD5: 58788565442368b0615ddaf1d452b843 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
MD5: 885e18b2d0a445fb637850282530eb72 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
MD5: 44acf66ef55f76692da54fbd9537e73d C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23508_none_5c028c09a01213b0\GdiPlus.dll
No file uploaded.
Scan finished - communication took 1 sec
Total traffic - 0.01 MB sent, 0.87 KB recvd
Scanned 349 files and modules - 21 seconds
==============================================================================
So, little bit of an update. I decided to play some games and I noticed something peculiar: my mouse and keyboard started freezing up and acted like a button was being held down. No idea if that is just my computer acting weird or what, but it has NEVER done that before.
No infection found.
I think your machine is clean of malware.
The problems you are reporting appear to be technical in nature.
I am not an expert in that area. If you wish you can open a new topic in the Windows 7 forum and see if anyone has a solution.
We have a couple of last steps to perform and then you're all set.
To clear away the tools we have been using download Delfix from here. You will be taken to the download page. Just wait and shortly the download will appear.
Put a check (tick) in the following boxes:
The tool will run for a short time. When completed a notepad window will open with a log. Please copy and paste the log back here.
Any remaining tools may be deleted.
-------------------------------------------------------------------------------------------------------------------
A reminder: Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------
Here are some things that I think are worth having a look at if you don't already know about them:
---------------------------------------------------------------------------------------------------------------------
It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.
----------------------------------------------------------------------------------------------------------------------
So many of us use Facebook nowadays. Go here for a guide to Facebook security.
-----------------------------------------------------------------------------------------------------------------------
Java warning
Java is a popular point of entry to your computer for malicious programs. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.
How to disable Java in your web browser and How to unplug Java from the browser
If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.
--------------------------------------------------------------------------------------------------------------------
CryptoLocker Warning
There is a particularly nasty infection out there at the moment.
Go here for information about CryptoLocker Ransomeware
Download CryptoPrevent free for home use.
--------------------------------------------------------------------------------------------------------------------
Hola users warning.
If you use the Hola VPN (Virtual Private Network) you should be aware that you might be compromised. See here.
--------------------------------------------------------------------------------------------------------------------
To help protect your computer in the future:
If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.
* Click Start > Control Panel > System and Security > Windows Update
* Under Windows Update click on Turn automatic updating on or off
* Check items shown to ensure you receive updates automatically. Click OK.
Be aware of what emails you open and websites you visit.
Go here for some good advice about how to prevent infection.
A fun way to check your online safety literacy.
Quiz - getsafeonline
Have a safe and happy computing day!
# DelFix v1.013 - Logfile created 17/11/2016 at 01:43:14
# Updated 17/04/2016 by Xplode
# Username : ExoSuitOne - EXOSUITONE-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\ExoSuitOne\Desktop\Addition.txt
Deleted : C:\Users\ExoSuitOne\Desktop\AdwCleaner.exe
Deleted : C:\Users\ExoSuitOne\Desktop\Fixlog.txt
Deleted : C:\Users\ExoSuitOne\Desktop\FRST.txt
Deleted : C:\Users\ExoSuitOne\Desktop\FRST64.exe
Deleted : C:\Users\ExoSuitOne\Desktop\FSS.exe
Deleted : C:\Users\ExoSuitOne\Desktop\FSS.txt
Deleted : C:\Users\ExoSuitOne\Desktop\JRT.exe
Deleted : C:\Users\ExoSuitOne\Desktop\JRT.txt
~ Cleaning system restore ...
Deleted : RP #106 [JRT Pre-Junkware Removal | 11/14/2016 23:22:06]
Deleted : RP #107 [Windows Update | 11/16/2016 06:18:07]
Deleted : RP #108 [Windows Update | 11/16/2016 19:15:47]
New restore point created !
~ Resetting system settings ... OK
########## - EOF - ##########
I just wanted to say, thank you for all of your help! I really appreciate the time you've given me.
You are very welcome.
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
0 members, 0 guests, 0 anonymous users
Community Forum Software by IP.Board
Licensed to: Geeks to Go, Inc.