DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.19104 BrowserJavaVersion: 11.40.2
Run by Administrator at 10:27:10 on 2017-05-21
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8154.6239 [GMT 2:00]
.
AV: Malwarebytes *Enabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Malwarebytes *Enabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k Auhardwaregl
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Windows\system32\locator.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
TCP: Interfaces\{AB0801C9-0579-42DD-935D-4B2453D6B2CA} : DHCPNameServer = 212.200.191.166 212.200.190.166
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck -
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [StartCN] "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
x64-Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
x64-SSODL: WebCheck -
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-SEH: - {F797446C-D3F2-11E6-AB72-64006A5CFC35} -
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
.
============= SERVICES / DRIVERS ===============
.
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Windows\System32\drivers\mbae64.sys [2017-5-17 77440]
R1 netboostmaster;netboostmaster;C:\Windows\System32\drivers\netboostmaster.sys [2017-5-18 2894184]
R1 netcontroller;netcontroller;C:\Windows\System32\drivers\netcontroller.sys [2016-1-21 59848]
R2 AODDriver4.3;AODDriver4.3;C:\Program Files\AMD\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 Auhardwaregl;Auhardwaregl;C:\Windows\System32\svchost.exe -k Auhardwaregl [2009-7-14 27136]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2017-3-13 152672]
R2 BstkDrv;BlueStacks Plus Hypervisor;C:\Program Files (x86)\BlueStacks\BstkDrv.sys [2017-3-13 270904]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-3-26 105096]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-3-26 125064]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2014-3-22 22768]
R2 MBAMChameleon;MBAMChameleon;C:\Windows\System32\drivers\MBAMChameleon.sys [2017-5-17 187320]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2017-5-17 4470736]
R2 Uefochubsrv;Uefochubsrv;C:\Windows\System32\drivers\Uefochubsrv.sys [2017-5-17 196640]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2016-2-24 96256]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\Windows\System32\drivers\dtlitescsibus.sys [2016-4-14 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;C:\Windows\System32\drivers\dtliteusbbus.sys [2016-4-14 47672]
R3 MBAMFarflt;MBAMFarflt;C:\Windows\System32\drivers\farflt.sys [2017-5-17 113592]
R3 MBAMProtection;MBAMProtection;C:\Windows\System32\drivers\mbam.sys [2017-5-17 43968]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2017-5-17 251832]
R3 MBAMWebProtection;MBAMWebProtection;C:\Windows\System32\drivers\mwac.sys [2017-5-17 84256]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-11-26 726160]
S3 AVFSFilter;AVFSFilter;C:\Windows\System32\drivers\avfsfilter.sys [2012-9-7 13720]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ggflt;SOMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2017-4-16 16088]
S3 ggsomc;SOMC USB Flash Driver;C:\Windows\System32\drivers\ggsomc.sys [2017-4-16 30424]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2017-5-19 55232]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-11-1 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 tap0901_openvpn_accl;TAP-Win32 Adapter V9 for OpenVPN Accelerator;C:\Windows\System32\drivers\tap0901_openvpn_accl.sys [2016-11-10 37912]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2015-2-26 122368]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;C:\Windows\System32\drivers\gtkdrv.sys [2015-11-23 17568]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-11-2 1255736]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2016-3-21 251392]
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-8-4 344064]
S4 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-1-4 1465352]
S4 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2017-3-13 428056]
S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2017-3-13 406040]
S4 BstHdPlusAndroidSvc;BlueStacks Plus Android Service;C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [2017-3-13 452632]
S4 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe --> C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [?]
S4 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;E:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-5-30 1467072]
S4 EasyAntiCheat;EasyAntiCheat;C:\Windows\System32\EasyAntiCheat.exe --> C:\Windows\System32\EasyAntiCheat.exe [?]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2017-3-2 3416584]
S4 HnGSteamService;Heroes & Generals Steam Service;C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe --> C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [?]
S4 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2017-2-27 419248]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 Origin Client Service;Origin Client Service;"C:\Program Files (x86)\Origin\OriginClientService.exe" --> C:\Program Files (x86)\Origin\OriginClientService.exe [?]
S4 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe --> C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [?]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-9-20 324224]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
S4 XperiaCompanionService;Xperia Companion Service;C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2017-3-21 2205568]
.
=============== Created Last 30 ================
.
2017-05-21 08:16:13 12994104 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE3D0461-C7F4-4179-A325-43E1F0DDB2A3}\mpengine.dll
2017-05-20 22:21:53 12994104 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E74F6BF-E840-4470-BA4F-9756341343EE}\mpengine.dll
2017-05-20 21:49:44 49968 ----a-w- C:\Windows\System32\partizan.exe
2017-05-20 21:49:44 14984 ----a-w- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys
2017-05-20 21:49:41 -------- d-----w- C:\Program Files (x86)\UnHackMe
2017-05-20 21:30:07 12994104 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A801D43D-EE03-493D-AADF-96DDAB516D72}\mpengine.dll
2017-05-20 20:56:55 -------- d-----w- C:\Registry Finder
2017-05-20 20:43:41 -------- d-----w- C:\pstools
2017-05-20 17:22:16 -------- d-----w- C:\Windows\System32\MpEngineStore
2017-05-19 20:36:50 -------- d-----w- C:\Users\Administrator\AppData\Local\ESET
2017-05-19 20:07:19 -------- d-----w- C:\Program Files\Attribute Changer
2017-05-19 19:50:51 -------- d-----w- C:\Users\Administrator\AppData\Local\GHISLER
2017-05-19 19:50:29 -------- d-----w- C:\Program Files\totalcmd
2017-05-19 19:31:51 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-19 19:10:52 -------- d-----w- C:\AdwCleaner
2017-05-19 18:19:39 55232 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys
2017-05-19 18:19:11 -------- d-----w- C:\Program Files\HitmanPro
2017-05-19 18:17:11 -------- d-----w- C:\ProgramData\HitmanPro
2017-05-19 17:57:18 -------- d-----w- C:\Users\Administrator\AppData\Local\temp
2017-05-19 17:32:34 -------- d-----w- C:\ComboFix
2017-05-19 17:03:24 98816 ----a-w- C:\Windows\sed.exe
2017-05-19 17:03:24 256000 ----a-w- C:\Windows\PEV.exe
2017-05-19 17:03:24 208896 ----a-w- C:\Windows\MBR.exe
2017-05-19 03:48:04 -------- d-----w- C:\found.000
2017-05-18 16:47:34 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2017-05-18 16:47:34 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2017-05-18 15:50:10 -------- d-----w- C:\Users\Administrator\AppData\Local\Disc_Soft_Ltd
2017-05-18 15:43:01 -------- d-----w- C:\Program Files\CCleaner
2017-05-18 03:20:26 -------- d-----w- C:\ProgramData\XLiPlatform
2017-05-18 03:18:48 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2017-05-18 03:18:48 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2017-05-18 03:18:47 1648128 ----a-w- C:\Windows\System32\DWrite.dll
2017-05-18 03:18:47 1251328 ----a-w- C:\Windows\SysWow64\DWrite.dll
2017-05-18 03:18:47 1180160 ----a-w- C:\Windows\System32\FntCache.dll
2017-05-18 03:17:16 2785072 ----a-w- C:\Windows\netboostmasterHelp.dll
2017-05-18 03:17:15 2894184 ----a-w- C:\Windows\System32\drivers\netboostmaster.sys
2017-05-18 03:15:56 647680 ----a-w- C:\Windows\System32\d3d10level9.dll
2017-05-18 03:15:56 603648 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2017-05-18 03:15:54 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2017-05-18 03:15:53 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2017-05-18 03:15:48 1424896 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2017-05-18 03:15:48 1230848 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2017-05-18 03:15:46 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2017-05-18 03:15:46 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2017-05-18 03:09:06 -------- d-----w- C:\ProgramData\Cache
2017-05-17 19:32:38 -------- d-----w- C:\Users\Administrator\AppData\Local\Mega Limited
2017-05-17 19:28:21 -------- d-----w- C:\Users\Administrator\AppData\Local\CEF
2017-05-17 19:28:18 -------- d-----w- C:\Users\Administrator\AppData\Local\Steam
2017-05-17 15:52:56 187320 ----a-w- C:\Windows\System32\drivers\MBAMChameleon.sys
2017-05-17 15:52:40 113592 ----a-w- C:\Windows\System32\drivers\farflt.sys
2017-05-17 15:52:39 84256 ----a-w- C:\Windows\System32\drivers\mwac.sys
2017-05-17 15:52:32 43968 ----a-w- C:\Windows\System32\drivers\mbam.sys
2017-05-17 15:52:17 251832 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2017-05-17 15:51:58 77440 ----a-w- C:\Windows\System32\drivers\mbae64.sys
2017-05-17 15:51:44 -------- d-----w- C:\Program Files\Malwarebytes
2017-05-17 15:50:00 -------- d-----w- C:\Users\Administrator\AppData\Local\Opera Software
2017-05-17 15:43:18 454440 ----a-w- C:\Windows\SysWow64\Auhardwaregl.dll
2017-05-17 15:43:18 196640 ----a-w- C:\Windows\System32\drivers\Uefochubsrv.sys
2017-05-17 15:37:34 -------- d-----w- C:\Program Files\Common Files\JOS26Z5TB4
2017-05-17 15:36:47 -------- d-----w- C:\Users\Administrator\AppData\Local\Programs
2017-05-17 15:15:48 -------- d-----w- C:\Users\Administrator\AppData\Local\LogMeIn
2017-05-17 15:15:47 -------- d-----w- C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2017-04-29 18:47:21 -------- d-----w- C:\Program Files (x86)\Common Files\Microsoft Games
2017-04-28 06:38:15 -------- d-s---w- C:\Windows\SysWow64\{A24B87CE-67C9-49D1-B0A5-F06A1C73BC58}
2017-04-27 19:04:30 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2017-04-27 17:15:00 -------- d-s---w- C:\Windows\SysWow64\{D28A6CAB-8746-4CDE-9D38-C5395B6DEFCD}
2017-04-26 11:08:40 -------- d-s---w- C:\Windows\SysWow64\{FA70E676-D02E-4F59-967B-2091A253A5FF}
.
==================== Find3M ====================
.
2017-05-20 21:49:47 2 --shatr- C:\Windows\winstart.bat
2017-04-19 15:44:41 382504 --s---w- C:\Windows\SysWow64\EasyAntiCheat.exe
2017-04-16 20:48:15 30424 ----a-w- C:\Windows\System32\drivers\ggsomc.sys
2017-04-16 20:48:15 16088 ----a-w- C:\Windows\System32\drivers\ggflt.sys
2017-04-07 22:06:58 532136 ------w- C:\Windows\System32\MpSigStub.exe
2017-03-26 18:33:36 28344 --s---w- C:\Windows\SysWow64\aspnet_counters.dll
2017-03-26 18:33:36 19104 --s---w- C:\Windows\SysWow64\msvcr110_clr0400.dll
2017-03-26 18:33:36 19104 --s---w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2017-03-26 18:33:36 19104 --s---w- C:\Windows\SysWow64\msvcp110_clr0400.dll
2017-03-26 18:29:16 30400 ----a-w- C:\Windows\System32\aspnet_counters.dll
2017-03-26 18:29:16 19112 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll
2017-03-26 18:29:16 19112 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2017-03-26 18:29:16 19112 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll
2017-03-02 11:26:12 34720 ---ha-w- C:\Windows\System32\drivers\hamachi.sys
.
============= FINISH: 10:30:34.79 ===============