Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware or WinX corruption?


  • This topic is locked This topic is locked
18 replies to this topic

#1 dannyboy950

dannyboy950

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:07:44 PM

Posted 15 November 2015 - 12:56 PM

Malware or Win X Glitches.

 

 

This first started a few months ago activity and changes to my system that I really could find no definate cause for.  Mostly blamed it on Win X changing things now I am not so shure.

 

 

First thing I noticed was Win X Email app basically took over everything email related.

 

As I understood it the App was supposed to act as a mediator of sorst between email clients.

 

That is what it did for the first 2 weeks and then it just flat took over.

 

 

First I noticed it took over any web site email link, you clicked on it and only the app would open, no list of other email clients View other thread http://www.bleepingcomputer.com/forums/t/596285/win-10-email-app/

 

 

I have run FRST,SFC scannow, minitoolbox, and nod32. Logs are available will post when/if you want them. NOTE: FRST did not create a fixit log. Guess it did not find anything it did not like.  I run WinDefender;MBAM and SAS resident none of them made a peep.

 

However MBAM rootkit scan shows it is disabled in the log but is checked to run in all settings

 

 

Nod32 logs show a number of Crypto RSA files with hash numbers that I really saw no reason for. I really have little on this machine and I have received no ransome email.

 

All of my documents, pictuers are still there and viewable.

 

 

How ever I thnk I may have found what got encrypted. Nods log shows that events can't be opened. Shows repeated errors.  I can open the logs and view with event viewer but there are no current logs not since 11-12-2016.  I  assume this will coenside with the encryption dates.

 

 

While WinX updates have changed some settings the last update I do not suspect, the timeing is all wrong.  Most problems started before the last update installed.

 

 

Thank you for looking.

 

I will wait to post the logs until you ask. I know yall are real busy over there.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


BC AdBot (Login to Remove)

 


#2 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:07:44 PM

Posted 19 November 2015 - 12:10 PM

I thught about it awhile and decided I better actually post the logs so that when it gets to my turn they actually have something to check. My bad.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,730 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:44 PM

Posted 20 November 2015 - 01:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/596436 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,430 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:44 PM

Posted 25 November 2015 - 12:30 PM

Greetings dannyboy950 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. I would llike to see a fresh FRST report

Please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#5 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:07:44 PM

Posted 25 November 2015 - 02:06 PM

Bleeping computer keeps timeing out on me before my post is completed my logs may be to big.

I will try later with one log per post.

 

Thank you for helping.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,430 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:44 PM

Posted 25 November 2015 - 02:20 PM

OK, if you need to simply attach the file.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#7 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:07:44 PM

Posted 25 November 2015 - 03:10 PM

This will be the FRST log the other 2 may fit.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-11-2015

 

Ran by dannyboy (administrator) on DANNYWINDOW8 (24-11-2015 23:30:12)

 

Running from C:\Users\dannyboy\Downloads

 

Loaded Profiles: dannyboy (Available Profiles: daniel & dannyboy & linda)

 

Platform: Windows 10 Home (X64) Language: English (United States)

 

Internet Explorer Version 11 (Default browser: IE)

 

Boot Mode: Normal

 

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

 

==================== Processes (Whitelisted) =================

 

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

 

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

 

(AMD) C:\Windows\System32\atiesrxx.exe

 

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

 

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

 

() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe

 

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

 

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

 

(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe

 

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

 

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe

 

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

 

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

 

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

 

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe

 

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

 

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

 

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

 

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

 

(AMD) C:\Windows\System32\atieclxx.exe

 

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

 

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

 

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

 

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

 

(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe

 

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

 

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

 

(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe

 

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

 

(SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe

 

(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

 

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe

 

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe

 

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6416.42001.0_x64__8wekyb3d8bbwe\HxMail.exe

 

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6416.42001.0_x64__8wekyb3d8bbwe\HxTsr.exe

 

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

 

 

 

==================== Registry (Whitelisted) ===========================

 

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

 

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-13] (Realtek Semiconductor)

 

HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2015-09-30] (Eastman Kodak Company)

 

HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe

 

HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)

 

HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)

 

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.)

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\...\Run: [WiTS] => C:\Program Files\Windows Inspection Tool Set\wits.exe [5307252 2011-10-30] (Ashok P. Nadkarni)

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-10-20] (SUPERAntiSpyware)

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [10518528 2015-10-13] (SecureMix LLC)

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\...\RunOnce: [Uninstall C:\Users\dannyboy\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\dannyboy\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"

 

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-10-17]

 

ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

 

 

==================== Internet (Whitelisted) ====================

 

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

 

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

Tcpip\..\Interfaces\{8e02059e-ec13-441b-afd6-cd70c258610a}: [DhcpNameServer] 209.18.47.61 209.18.47.62

 

Tcpip\..\Interfaces\{f7754e80-95bb-452b-8976-bf973dcfe0e8}: [DhcpNameServer] 192.168.1.254

 

 

Internet Explorer:

 

==================

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1

 

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File

 

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)

 

DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1439256067314

 

Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2015-08-05] (Belarc, Inc.)

 

 

Edge:

 

======

 

Edge HomeButtonPage: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> hxxp://www.bleepingcomputer.com/forums

 

 

FireFox:

 

========

 

FF ProfilePath: C:\Users\dannyboy\AppData\Roaming\Mozilla\Firefox\Profiles\qelm9f0o.default

 

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)

 

 

==================== Services (Whitelisted) ========================

 

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)

 

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-09-25] () [File not signed]

 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-25] (Advanced Micro Devices, Inc.) [File not signed]

 

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2505472 2015-10-09] (ESET)

 

R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [8902144 2015-10-13] (SecureMix LLC)

 

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)

 

S2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.)

 

R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)

 

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)

 

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

 

S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)

 

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-07-13] (Realtek Semiconductor)

 

S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)

 

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)

 

R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)

 

S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-04] (Microsoft Corporation)

 

S3 w3logsvc; C:\WINDOWS\SysWOW64\inetsrv\w3logsvc.dll [72192 2015-09-04] (Microsoft Corporation)

 

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)

 

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

 

 

===================== Drivers (Whitelisted) ==========================

 

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)

 

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)

 

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-07-30] (ESET)

 

S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-07-30] (ESET)

 

R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-07-30] (ESET)

 

R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2015-07-30] (ESET)

 

R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()

 

R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-28] (SecureMix LLC)

 

R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)

 

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)

 

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-24] (Malwarebytes)

 

R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)

 

R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)

 

R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)

 

R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-10-15] (Realtek Semiconductor Corp.)

 

R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4738672 2015-11-23] (Realtek Semiconductor Corporation                           )

 

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

 

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

 

S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)

 

S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated)

 

S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()

 

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)

 

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)

 

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

 

S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)

 

R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)

 

S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

 

 

==================== NetSvcs (Whitelisted) ===================

 

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

 

==================== Three Months Created files and folders ========

 

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

 

2015-11-24 23:27 - 2015-11-24 23:27 - 00016148 _____ C:\WINDOWS\system32\DANNYWINDOW8_dannyboy_HistoryPrediction.bin

 

2015-11-23 17:30 - 2015-11-23 17:31 - 00000000 ____D C:\WINDOWS\LastGood

 

2015-11-23 17:25 - 2015-11-23 17:25 - 00000000 ____D C:\Program Files (x86)\HP

 

2015-11-18 18:42 - 2015-11-18 18:42 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\ESET

 

2015-11-16 06:39 - 2015-11-16 06:39 - 00000499 _____ C:\Users\dannyboy\Downloads\Appsdiagnostic10.diagcab

 

2015-11-15 11:50 - 2015-11-15 11:50 - 00020154 _____ C:\Users\dannyboy\Downloads\virusmaybe.odt

 

2015-11-15 09:54 - 2015-11-15 09:54 - 00000000 ____D C:\Users\dannyboy\AppData\Local\GlassWire

 

2015-11-15 09:53 - 2015-11-15 09:53 - 00001977 _____ C:\Users\dannyboy\Desktop\GlassWire.lnk

 

2015-11-15 09:53 - 2015-11-15 09:53 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire

 

2015-11-15 09:52 - 2015-11-15 09:53 - 00000000 ____D C:\Program Files (x86)\GlassWire

 

2015-11-15 09:52 - 2015-11-15 09:52 - 00000000 ____D C:\ProgramData\GlassWire

 

2015-11-15 09:52 - 2015-05-28 22:30 - 00008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat

 

2015-11-15 09:52 - 2015-05-28 22:15 - 00033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys

 

2015-11-15 09:48 - 2015-11-15 09:50 - 21872216 _____ (SecureMix LLC) C:\Users\dannyboy\Downloads\GlassWireSetup.exe

 

2015-11-15 07:44 - 2015-11-19 11:09 - 00004521 _____ C:\Users\dannyboy\Desktop\MTB.zip

 

2015-11-14 11:02 - 2015-11-14 11:02 - 00000000 ____D C:\Users\dannyboy\AppData\Local\ESET

 

2015-11-14 09:44 - 2015-11-14 09:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

 

2015-11-14 09:44 - 2015-11-14 09:44 - 00000000 ____D C:\ProgramData\ESET

 

2015-11-14 09:44 - 2015-11-14 09:44 - 00000000 ____D C:\Program Files\ESET

 

2015-11-14 09:35 - 2015-11-14 09:35 - 02838216 _____ (ESET) C:\Users\dannyboy\Downloads\eset_nod32_antivirus_live_installer.exe

 

2015-11-14 06:31 - 2015-11-14 06:31 - 00022843 _____ C:\Users\dannyboy\Desktop\MTB.txt

 

2015-11-14 06:28 - 2015-11-14 06:29 - 00891392 _____ (Farbar) C:\Users\dannyboy\Downloads\MiniToolBox (1).exe

 

2015-11-14 05:55 - 2015-11-14 05:55 - 00724232 _____ C:\Users\dannyboy\Downloads\cbslog.odt

 

2015-11-13 19:38 - 2015-11-24 23:29 - 00000000 ____D C:\Users\dannyboy\Downloads\FRST-OlderVersion

 

2015-11-13 14:27 - 2015-11-13 14:27 - 00038964 _____ C:\Users\dannyboy\Downloads\CUsersJVARNERAppDataLocalTempDMS19757d.tif

 

2015-11-13 08:07 - 2015-11-13 08:07 - 00000782 _____ C:\Users\dannyboy\Downloads\thanks to synsative.txt

 

2015-11-12 15:09 - 2015-11-12 15:09 - 00002240 _____ C:\Users\Public\Desktop\KODAK AiO Home Center.lnk

 

2015-11-12 15:03 - 2015-11-12 15:03 - 00002159 _____ C:\Users\Public\Desktop\Get CleanPrint.lnk

 

2015-11-12 14:59 - 2015-11-12 14:59 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\KODAK AiO Home Center867402864

 

2015-11-12 14:56 - 2015-11-12 14:58 - 10464648 _____ (Eastman Kodak Company) C:\Users\dannyboy\Downloads\aio_install (1).exe

 

2015-11-12 14:46 - 2015-11-12 14:46 - 00001950 _____ C:\Users\Public\Desktop\PrintProjects.lnk

 

2015-11-12 14:46 - 2015-11-12 14:46 - 00000000 ____D C:\Users\Default\AppData\Roaming\Temp

 

2015-11-12 14:46 - 2015-11-12 14:46 - 00000000 ____D C:\Users\Default\AppData\Roaming\KODAK AiO Home Center262703819

 

2015-11-12 14:46 - 2015-11-12 14:46 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Temp

 

2015-11-12 14:46 - 2015-11-12 14:46 - 00000000 ____D C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center262703819

 

2015-11-12 14:46 - 2015-11-12 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects

 

2015-11-12 14:45 - 2015-11-12 14:45 - 00000000 ____D C:\ProgramData\PrintProjects

 

2015-11-12 14:45 - 2015-11-12 14:45 - 00000000 ____D C:\Program Files (x86)\PrintProjects

 

2015-11-10 21:54 - 2015-11-04 23:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

 

2015-11-10 21:54 - 2015-11-04 23:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

 

2015-11-10 21:54 - 2015-11-04 22:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

 

2015-11-10 21:54 - 2015-11-04 22:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

 

2015-11-10 21:54 - 2015-11-04 22:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

 

2015-11-10 21:54 - 2015-11-04 22:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

 

2015-11-10 21:54 - 2015-11-04 22:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

 

2015-11-10 21:54 - 2015-11-04 22:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

 

2015-11-10 21:54 - 2015-11-04 21:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll

 

2015-11-10 21:54 - 2015-11-04 21:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

 

2015-11-10 21:54 - 2015-11-04 21:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

 

2015-11-10 21:54 - 2015-11-04 21:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

 

2015-11-10 21:54 - 2015-11-04 21:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

 

2015-11-10 21:54 - 2015-11-04 21:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll

 

2015-11-10 21:53 - 2015-11-04 23:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll

 

2015-11-10 21:53 - 2015-11-04 23:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

 

2015-11-10 21:53 - 2015-11-04 22:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

 

2015-11-10 21:53 - 2015-11-04 22:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

 

2015-11-10 21:53 - 2015-11-04 22:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

 

2015-11-10 21:53 - 2015-11-04 22:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

 

2015-11-10 21:53 - 2015-11-04 21:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll

 

2015-11-10 21:53 - 2015-11-04 21:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

 

2015-11-10 21:53 - 2015-11-04 21:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

 

2015-11-10 21:53 - 2015-11-04 21:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

 

2015-11-10 21:53 - 2015-11-04 21:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

 

2015-11-10 21:53 - 2015-11-04 21:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll

 

2015-11-10 21:52 - 2015-11-04 23:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

 

2015-11-10 21:52 - 2015-11-04 23:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

 

2015-11-10 21:52 - 2015-11-04 22:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

 

2015-11-10 21:52 - 2015-11-04 22:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys

 

2015-11-10 21:52 - 2015-11-04 22:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

 

2015-11-10 21:52 - 2015-11-04 22:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll

 

2015-11-10 21:52 - 2015-11-04 22:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

 

2015-11-10 21:52 - 2015-11-04 22:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

 

2015-11-10 21:52 - 2015-11-04 22:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

 

2015-11-10 21:52 - 2015-11-04 21:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

 

2015-11-10 21:52 - 2015-11-04 21:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

 

2015-11-10 21:52 - 2015-11-04 21:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

 

2015-11-10 21:52 - 2015-11-04 21:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

 

2015-11-10 21:51 - 2015-11-04 23:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

 

2015-11-10 21:51 - 2015-11-04 23:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

 

2015-11-10 21:51 - 2015-11-04 22:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

 

2015-11-10 21:51 - 2015-11-04 22:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

 

2015-11-10 21:51 - 2015-11-04 22:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

 

2015-11-10 21:51 - 2015-11-04 22:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

 

2015-11-10 21:51 - 2015-11-04 22:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll

 

2015-11-10 21:51 - 2015-11-04 22:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

 

2015-11-10 21:51 - 2015-11-04 22:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

 

2015-11-10 21:51 - 2015-11-04 22:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

 

2015-11-10 21:51 - 2015-11-04 21:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

 

2015-11-10 21:51 - 2015-11-04 21:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll

 

2015-11-10 21:51 - 2015-11-04 21:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

 

2015-11-10 21:51 - 2015-11-04 21:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

 

2015-11-10 14:01 - 2015-11-10 14:01 - 00015245 _____ C:\Users\dannyboy\Downloads\paronia.odt

 

2015-11-05 11:54 - 2015-11-05 11:54 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\KODAK AiO Home Center1691362503

 

2015-11-04 19:36 - 2015-11-04 19:36 - 00015637 _____ C:\Users\dannyboy\Downloads\insurancecommissoner.odt

 

2015-11-03 18:52 - 2015-11-03 19:22 - 00017647 _____ C:\Users\dannyboy\Documents\FRST.txt

 

2015-11-03 18:51 - 2015-11-03 19:23 - 00028996 _____ C:\Users\dannyboy\Documents\Addition.txt

 

2015-11-03 17:29 - 2015-11-03 17:31 - 00032631 _____ C:\Users\dannyboy\Downloads\Addition.txt

 

2015-11-03 17:25 - 2015-11-24 23:30 - 00013636 _____ C:\Users\dannyboy\Downloads\FRST.txt

 

2015-11-03 17:25 - 2015-11-24 23:30 - 00000000 ____D C:\FRST

 

2015-11-03 17:07 - 2015-11-24 23:29 - 02348544 _____ (Farbar) C:\Users\dannyboy\Downloads\FRST64.exe

 

2015-10-27 17:09 - 2015-10-27 17:09 - 00087812 _____ C:\Users\dannyboy\Documents\DANNYWINDOW8partitions.txt

 

2015-10-25 07:37 - 2015-10-25 07:37 - 00000844 _____ C:\Users\Public\Desktop\Speccy.lnk

 

2015-10-25 07:37 - 2015-10-25 07:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

 

2015-10-25 07:37 - 2015-10-25 07:37 - 00000000 ____D C:\Program Files\Speccy

 

2015-10-22 07:05 - 2015-10-22 07:05 - 00013476 _____ C:\Users\dannyboy\Downloads\thanks to synsative.odt

 

2015-10-21 19:53 - 2015-10-05 21:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

 

2015-10-21 19:53 - 2015-10-05 20:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

 

2015-10-21 19:52 - 2015-09-24 22:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

 

2015-10-21 19:52 - 2015-09-24 21:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

 

2015-10-21 19:52 - 2015-09-24 21:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

 

2015-10-21 19:52 - 2015-09-24 21:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

 

2015-10-21 19:52 - 2015-09-24 21:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

 

2015-10-21 19:52 - 2015-09-24 20:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

 

2015-10-21 19:52 - 2015-09-17 00:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

 

2015-10-21 19:52 - 2015-09-17 00:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

 

2015-10-21 19:52 - 2015-09-17 00:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll

 

2015-10-21 19:52 - 2015-09-17 00:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

 

2015-10-21 19:52 - 2015-09-17 00:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

 

2015-10-21 19:52 - 2015-09-16 23:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

 

2015-10-21 19:52 - 2015-09-16 23:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

 

2015-10-21 19:52 - 2015-09-16 23:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

 

2015-10-21 19:52 - 2015-09-16 23:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

 

2015-10-21 19:52 - 2015-09-16 23:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

 

2015-10-21 19:51 - 2015-09-24 21:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

 

2015-10-21 19:51 - 2015-09-24 21:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll

 

2015-10-21 19:51 - 2015-09-24 20:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

 

2015-10-21 19:51 - 2015-09-17 00:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

 

2015-10-21 19:51 - 2015-09-17 00:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll

 

2015-10-21 19:51 - 2015-09-17 00:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

 

2015-10-21 19:51 - 2015-09-17 00:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

 

2015-10-21 19:51 - 2015-09-17 00:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

 

2015-10-21 19:51 - 2015-09-17 00:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

 

2015-10-21 19:51 - 2015-09-17 00:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll

 

2015-10-21 19:51 - 2015-09-16 23:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

 

2015-10-21 19:51 - 2015-09-16 23:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

 

2015-10-21 19:51 - 2015-09-16 23:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

 

2015-10-21 19:51 - 2015-09-16 23:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

 

2015-10-21 19:50 - 2015-09-24 21:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll

 

2015-10-21 19:50 - 2015-09-24 21:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

 

2015-10-21 19:50 - 2015-09-24 20:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

 

2015-10-21 19:50 - 2015-09-24 20:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

 

2015-10-21 19:50 - 2015-09-24 20:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

 

2015-10-21 19:50 - 2015-09-24 20:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

 

2015-10-21 19:50 - 2015-09-17 00:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

 

2015-10-21 19:50 - 2015-09-17 00:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

 

2015-10-21 19:50 - 2015-09-17 00:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll

 

2015-10-21 19:50 - 2015-09-17 00:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

 

2015-10-21 19:50 - 2015-09-17 00:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll

 

2015-10-21 19:50 - 2015-09-17 00:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

 

2015-10-21 19:50 - 2015-09-16 23:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

 

2015-10-21 19:50 - 2015-09-16 23:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

 

2015-10-21 19:50 - 2015-09-16 23:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll

 

2015-10-21 19:50 - 2015-09-16 23:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

 

2015-10-21 19:50 - 2015-09-16 23:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

 

2015-10-21 19:50 - 2015-09-16 23:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll

 

2015-10-21 19:50 - 2015-09-16 23:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll

 

2015-10-21 19:50 - 2015-09-16 23:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

 

2015-10-21 19:50 - 2015-09-16 23:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll

 

2015-10-21 19:50 - 2015-09-16 23:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll

 

2015-10-21 19:50 - 2015-09-16 23:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll

 

2015-10-21 19:50 - 2015-09-16 23:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

 

2015-10-21 19:50 - 2015-09-16 23:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll

 

2015-10-21 19:49 - 2015-09-30 22:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

 

2015-10-21 19:49 - 2015-09-30 22:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

 

2015-10-21 19:49 - 2015-09-24 21:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll

 

2015-10-21 19:49 - 2015-09-24 20:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

 

2015-10-21 19:49 - 2015-09-24 20:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll

 

2015-10-21 19:49 - 2015-09-24 20:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll

 

2015-10-21 19:49 - 2015-09-17 00:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll

 

2015-10-21 19:49 - 2015-09-17 00:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys

 

2015-10-21 19:49 - 2015-09-17 00:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll

 

2015-10-21 19:49 - 2015-09-17 00:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll

 

2015-10-21 19:49 - 2015-09-17 00:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll

 

2015-10-21 19:49 - 2015-09-17 00:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll

 

2015-10-21 19:49 - 2015-09-17 00:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll

 

2015-10-21 19:49 - 2015-09-17 00:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll

 

2015-10-21 19:49 - 2015-09-17 00:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

 

2015-10-21 19:49 - 2015-09-16 23:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll

 

2015-10-21 19:49 - 2015-09-16 23:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll

 

2015-10-21 19:49 - 2015-09-16 23:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

 

2015-10-21 19:49 - 2015-09-16 23:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll

 

2015-10-21 19:49 - 2015-09-16 23:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

 

2015-10-21 19:49 - 2015-09-16 23:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll

 

2015-10-21 19:49 - 2015-09-16 23:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

 

2015-10-21 19:49 - 2015-09-16 23:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

 

2015-10-21 19:49 - 2015-09-16 23:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

 

2015-10-21 19:49 - 2015-09-16 23:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

 

2015-10-21 19:49 - 2015-09-16 23:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll

 

2015-10-21 19:49 - 2015-09-16 23:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

 

2015-10-21 19:48 - 2015-09-30 22:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

 

2015-10-21 19:48 - 2015-09-30 22:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

 

2015-10-21 19:48 - 2015-09-24 22:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys

 

2015-10-21 19:48 - 2015-09-24 21:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

 

2015-10-21 19:48 - 2015-09-24 21:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

 

2015-10-21 19:48 - 2015-09-24 21:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

 

2015-10-21 19:48 - 2015-09-24 21:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll

 

2015-10-21 19:48 - 2015-09-24 20:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

 

2015-10-21 19:48 - 2015-09-24 20:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

 

2015-10-21 19:48 - 2015-09-24 20:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll

 

2015-10-21 19:48 - 2015-09-24 20:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll

 

2015-10-21 19:48 - 2015-09-17 00:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

 

2015-10-21 19:48 - 2015-09-17 00:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll

 

2015-10-21 19:48 - 2015-09-17 00:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

 

2015-10-21 19:48 - 2015-09-17 00:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll

 

2015-10-21 19:48 - 2015-09-17 00:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

 

2015-10-21 19:48 - 2015-09-17 00:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll

 

2015-10-21 19:48 - 2015-09-16 23:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll

 

2015-10-21 19:48 - 2015-09-16 23:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

 

2015-10-21 19:48 - 2015-09-16 23:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

 

2015-10-21 19:48 - 2015-09-16 23:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

 

2015-10-21 19:48 - 2015-09-16 23:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll

 

2015-10-21 19:48 - 2015-09-16 23:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll

 

2015-10-21 19:48 - 2015-09-16 23:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll

 

2015-10-21 19:48 - 2015-09-16 23:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll

 

2015-10-21 19:48 - 2015-09-16 23:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll

 

2015-10-21 19:48 - 2015-09-16 23:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll

 

2015-10-21 19:48 - 2015-09-16 23:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll

 

2015-10-21 19:48 - 2015-09-16 23:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll

 

2015-10-21 19:47 - 2015-09-24 20:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll

 

2015-10-21 19:47 - 2015-09-24 20:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll

 

2015-10-21 19:47 - 2015-09-24 20:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

 

2015-10-21 19:47 - 2015-09-17 00:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

 

2015-10-21 19:47 - 2015-09-17 00:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

 

2015-10-21 19:47 - 2015-09-17 00:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

 

2015-10-21 19:47 - 2015-09-17 00:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

 

2015-10-21 19:47 - 2015-09-17 00:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys

 

2015-10-21 19:47 - 2015-09-17 00:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll

 

2015-10-21 19:47 - 2015-09-17 00:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll

 

2015-10-21 19:47 - 2015-09-17 00:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll

 

2015-10-21 19:47 - 2015-09-17 00:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll

 

2015-10-21 19:47 - 2015-09-17 00:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

 

2015-10-21 19:47 - 2015-09-16 23:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll

 

2015-10-21 19:47 - 2015-09-16 23:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

 

2015-10-21 19:47 - 2015-09-16 23:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll

 

2015-10-21 19:47 - 2015-09-16 23:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

 

2015-10-21 19:47 - 2015-09-16 23:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll

 

2015-10-21 19:47 - 2015-09-16 23:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll

 

2015-10-21 19:47 - 2015-09-16 23:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll

 

2015-10-21 19:47 - 2015-09-16 23:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll

 

2015-10-21 19:47 - 2015-09-16 23:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

 

2015-10-21 19:47 - 2015-09-16 23:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll

 

2015-10-21 19:47 - 2015-09-16 23:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll

 

2015-10-21 19:47 - 2015-09-16 23:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll

 

2015-10-21 19:47 - 2015-09-16 23:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

 

2015-10-21 19:47 - 2015-09-16 23:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll

 

2015-10-21 19:47 - 2015-09-16 23:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

 

2015-10-21 19:46 - 2015-10-10 01:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

 

2015-10-21 19:46 - 2015-09-30 21:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

 

2015-10-21 19:46 - 2015-09-24 20:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll

 

2015-10-21 19:46 - 2015-09-24 20:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll

 

2015-10-21 19:46 - 2015-09-24 20:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll

 

2015-10-21 19:46 - 2015-09-17 00:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

 

2015-10-21 19:46 - 2015-09-17 00:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll

 

2015-10-21 19:46 - 2015-09-17 00:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

 

2015-10-21 19:46 - 2015-09-17 00:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll

 

2015-10-21 19:46 - 2015-09-17 00:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

 

2015-10-21 19:46 - 2015-09-17 00:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll

 

2015-10-21 19:46 - 2015-09-17 00:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll

 

2015-10-21 19:46 - 2015-09-17 00:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll

 

2015-10-21 19:46 - 2015-09-16 23:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll

 

2015-10-21 19:46 - 2015-09-16 23:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll

 

2015-10-21 19:46 - 2015-09-16 23:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe

 

2015-10-21 19:46 - 2015-09-16 23:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll

 

2015-10-21 19:46 - 2015-09-16 23:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll

 

2015-10-21 19:46 - 2015-09-16 23:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll

 

2015-10-21 19:46 - 2015-09-16 23:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll

 

2015-10-21 19:46 - 2015-09-16 23:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys

 

2015-10-21 19:46 - 2015-09-16 23:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys

 

2015-10-21 19:46 - 2015-09-16 23:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll

 

2015-10-21 19:46 - 2015-09-16 23:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll

 

2015-10-21 19:46 - 2015-09-16 23:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll

 

2015-10-21 19:46 - 2015-09-16 23:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe

 

2015-10-21 19:46 - 2015-09-16 23:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll

 

2015-10-21 19:46 - 2015-09-16 23:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

 

2015-10-21 19:46 - 2015-09-16 23:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll

 

2015-10-21 19:45 - 2015-09-24 20:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll

 

2015-10-21 19:45 - 2015-09-18 23:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll

 

2015-10-21 19:45 - 2015-09-17 00:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

 

2015-10-21 19:45 - 2015-09-17 00:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll

 

2015-10-21 19:45 - 2015-09-17 00:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe

 

2015-10-21 19:45 - 2015-09-17 00:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe

 

2015-10-21 19:45 - 2015-09-17 00:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll

 

2015-10-21 19:45 - 2015-09-16 23:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll

 

2015-10-21 19:45 - 2015-09-16 23:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll

 

2015-10-21 19:45 - 2015-09-16 23:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll

 

2015-10-21 19:45 - 2015-09-16 23:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll

 

2015-10-21 19:44 - 2015-09-24 21:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll

 

2015-10-21 19:44 - 2015-09-24 21:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll

 

2015-10-21 19:44 - 2015-09-24 21:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

 

2015-10-21 19:44 - 2015-09-24 20:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll

 

2015-10-21 19:44 - 2015-09-24 20:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

 

2015-10-21 19:44 - 2015-09-24 20:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll

 

2015-10-21 19:44 - 2015-09-17 00:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

 

2015-10-21 19:44 - 2015-09-17 00:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

 

2015-10-21 19:44 - 2015-09-17 00:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

 

2015-10-21 19:44 - 2015-09-17 00:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

 

2015-10-21 19:44 - 2015-09-17 00:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll

 

2015-10-21 19:44 - 2015-09-17 00:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

 

2015-10-21 19:44 - 2015-09-17 00:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll

 

2015-10-21 19:44 - 2015-09-17 00:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll

 

2015-10-21 19:44 - 2015-09-17 00:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

 

2015-10-21 19:44 - 2015-09-17 00:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll

 

2015-10-21 19:44 - 2015-09-16 23:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll

 

2015-10-21 19:44 - 2015-09-16 23:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll

 

2015-10-21 19:44 - 2015-09-16 23:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll

 

2015-10-21 19:44 - 2015-09-16 23:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

 

2015-10-21 19:44 - 2015-09-16 23:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll

 

2015-10-21 19:44 - 2015-09-16 23:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll

 

2015-10-21 19:44 - 2015-09-16 23:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

 

2015-10-21 19:44 - 2015-09-16 23:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll

 

2015-10-21 19:44 - 2015-09-16 23:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll

 

2015-10-21 19:44 - 2015-09-16 23:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll

 

2015-10-21 19:44 - 2015-09-16 23:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll

 

2015-10-21 19:44 - 2015-09-16 23:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

 

2015-10-21 19:44 - 2015-09-16 23:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

 

2015-10-21 19:44 - 2015-09-16 23:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

 

2015-10-21 19:44 - 2015-09-16 23:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll

 

2015-10-21 19:44 - 2015-09-16 23:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll

 

2015-10-21 19:44 - 2015-09-16 23:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

 

2015-10-21 19:43 - 2015-09-17 00:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll

 

2015-10-21 19:43 - 2015-09-17 00:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe

 

2015-10-21 19:43 - 2015-09-17 00:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll

 

2015-10-21 19:43 - 2015-09-16 23:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll

 

2015-10-21 19:43 - 2015-09-16 23:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll

 

2015-10-21 19:43 - 2015-09-16 23:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

 

2015-10-21 19:43 - 2015-09-16 23:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll

 

2015-10-21 19:43 - 2015-09-16 23:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll

 

2015-10-21 19:43 - 2015-09-16 23:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

 

2015-10-21 18:03 - 2015-10-21 18:03 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-DANNYWINDOW8-Windows-10-Home-(64-bit).dat

 

2015-10-21 18:03 - 2015-10-21 18:03 - 00000000 ____D C:\RegBackup

 

2015-10-21 16:23 - 2015-10-21 17:57 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

 

2015-10-21 12:49 - 2015-10-21 12:49 - 00016196 _____ C:\Users\dannyboy\Downloads\winupdate.odt

 

2015-10-20 15:41 - 2015-10-20 15:41 - 00000000 ____D C:\Users\dannyboy\Documents\Ashampoo Burning Studio FREE

 

2015-10-20 06:55 - 2015-10-20 06:55 - 00000000 ____D C:\Users\dannyboy\AppData\Local\niemiro

 

2015-10-20 06:54 - 2015-10-20 06:54 - 04650624 _____ C:\Users\dannyboy\Documents\windows errors.nfo

 

2015-10-20 04:30 - 2015-10-20 04:30 - 00000000 _____ C:\WINDOWS\system32\log

 

2015-10-19 22:12 - 2015-10-19 22:19 - 00000074 _____ C:\Users\dannyboy\Documents\fix.bat

 

2015-10-19 22:07 - 2015-10-19 22:27 - 00000066 _____ C:\Users\dannyboy\Documents\allfiles.txt

 

2015-10-17 18:21 - 2015-10-17 18:21 - 00001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk

 

2015-10-17 18:19 - 2015-10-17 18:20 - 05490752 _____ (Secunia) C:\Users\dannyboy\Downloads\PSISetup.exe

 

2015-10-17 11:36 - 2015-10-17 11:37 - 03226845 _____ C:\Users\dannyboy\Downloads\Snort_2_9_7_6_Installer.exe

 

2015-10-17 11:10 - 2015-10-17 02:04 - 01884160 _____ C:\Users\dannyboy\Documents\community-rules.tar (1)

 

2015-10-17 11:09 - 2015-10-17 02:04 - 01884160 _____ C:\Users\dannyboy\Downloads\community-rules.tar (1)

 

2015-10-17 11:08 - 2015-10-17 11:08 - 00264419 _____ C:\Users\dannyboy\Downloads\community-rules.tar (1).tar

 

2015-10-17 06:46 - 2015-10-17 06:46 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Aviator

 

2015-10-16 19:08 - 2015-10-16 19:08 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Secunia PSI

 

2015-10-16 19:08 - 2015-10-16 19:08 - 00000000 ____D C:\Program Files (x86)\Secunia

 

2015-10-16 17:38 - 2015-10-16 17:38 - 00264420 _____ C:\Users\dannyboy\Downloads\community-rules.tar.tar

 

2015-10-16 10:57 - 2015-10-16 10:57 - 00011934 _____ C:\Users\dannyboy\Downloads\wire shark tutorial.odt

 

2015-10-15 18:55 - 2015-10-17 13:57 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\Wireshark

 

2015-10-15 14:21 - 2015-10-15 14:21 - 09898752 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll

 

2015-10-15 14:13 - 2015-10-15 14:13 - 08009376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll

 

2015-10-15 14:13 - 2015-10-15 14:13 - 07482080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll

 

2015-10-15 14:13 - 2015-10-15 14:13 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00245248 _____ C:\WINDOWS\system32\clinfo.exe

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00169152 _____ C:\WINDOWS\system32\ativce03.dat

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00143088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00137728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00123904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00111640 _____ C:\WINDOWS\system32\hsa-thunk64.dll

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00111128 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00103432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00012824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll

 

2015-10-15 14:13 - 2015-10-15 14:13 - 00012824 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll

 

2015-10-15 14:12 - 2015-10-15 14:13 - 08979792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 30762496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 25310216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 10191288 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 08866472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap

 

2015-10-15 14:12 - 2015-10-15 14:12 - 01213224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00452616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00343048 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00201216 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00170504 _____ C:\WINDOWS\system32\atieah64.exe

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00165400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00154120 _____ C:\WINDOWS\SysWOW64\atieah32.exe

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00152072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00130104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00113920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00097816 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00091144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00089560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00085512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00082720 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00079880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00079880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00059920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe

 

2015-10-15 14:12 - 2015-10-15 14:12 - 00038424 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll

 

2015-10-15 14:11 - 2015-10-15 14:12 - 00071192 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 47795712 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 15725592 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 14310928 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 09191344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 07575696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 01256472 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 01196072 _____ C:\WINDOWS\system32\amdocl_as64.exe

 

2015-10-15 14:11 - 2015-10-15 14:11 - 01072152 _____ C:\WINDOWS\system32\amdocl_ld64.exe

 

2015-10-15 14:11 - 2015-10-15 14:11 - 01005584 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00936960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00936960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00807464 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00660912 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00660912 _____ C:\WINDOWS\system32\atiapfxx.blb

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00377352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00089552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00082720 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00075272 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00068120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00064536 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00060944 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00057872 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll

 

2015-10-15 14:11 - 2015-10-15 14:11 - 00052248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll

 

2015-10-15 14:10 - 2015-10-15 14:11 - 27546120 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 39723544 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 22327320 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 06487560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 05077016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00833798 _____ C:\WINDOWS\system32\amdicdxx.dat

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00472872 _____ C:\WINDOWS\system32\amdmiracast.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00307936 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00213528 _____ C:\WINDOWS\system32\amdgfxinfo64.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00198680 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00167456 _____ C:\WINDOWS\system32\amde31a.dat

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00153496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00143384 _____ C:\WINDOWS\system32\amdhdl64.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00138416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00132120 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00117640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00110352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00060928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll

 

2015-10-15 14:10 - 2015-10-15 14:10 - 00048152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll

 

2015-10-15 00:37 - 2015-10-15 00:37 - 00164444 _____ C:\Users\dannyboy\Documents\perfmon.zip

 

2015-10-15 00:35 - 2015-10-15 00:32 - 03041404 _____ C:\Users\dannyboy\Documents\perfmon.html

 

2015-10-14 16:40 - 2015-10-14 16:40 - 00582231 _____ C:\Users\dannyboy\Documents\logfilesoct.zip

 

2015-10-14 15:42 - 2015-10-14 15:42 - 00971475 _____ C:\Users\dannyboy\Documents\SysnativeFileCollectionApp.zip

 

2015-10-14 15:35 - 2015-10-14 15:42 - 00000000 ____D C:\Users\dannyboy\Documents\SysnativeFileCollectionApp

 

2015-10-14 15:34 - 2015-10-14 15:35 - 00158720 _____ (Sysnative) C:\Users\dannyboy\Documents\SysnativeBSODCollectionApp.exe

 

2015-10-14 13:47 - 2015-10-14 13:47 - 07409664 _____ C:\Users\dannyboy\Documents\logfilesoct.evtx

 

2015-10-14 12:42 - 2015-10-14 12:42 - 00017190 _____ C:\Users\dannyboy\Downloads\post copy.odt

 

2015-10-14 08:12 - 2015-10-15 18:48 - 00000000 ____D C:\Program Files (x86)\WinPcap

 

2015-10-14 08:12 - 2015-10-14 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap

 

2015-10-14 07:58 - 2015-10-14 07:59 - 02788077 _____ C:\Users\dannyboy\Downloads\Snort_2_9_5_Installer.exe

 

2015-10-13 15:02 - 2015-10-05 08:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\is-3QU96.tmp

 

2015-10-10 17:34 - 2015-11-24 18:34 - 00000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 9fc4a3f1-4e71-48e3-a503-c593c50fb5cc.job

 

2015-10-10 17:34 - 2015-11-23 02:00 - 00000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task d9975a45-fbea-40f6-88cf-2fe7321bc58f.job

 

2015-10-10 17:34 - 2015-10-10 17:34 - 00003782 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task d9975a45-fbea-40f6-88cf-2fe7321bc58f

 

2015-10-10 17:34 - 2015-10-10 17:34 - 00003700 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 9fc4a3f1-4e71-48e3-a503-c593c50fb5cc

 

2015-10-10 17:34 - 2015-10-10 17:34 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\SUPERAntiSpyware.com

 

2015-10-10 17:33 - 2015-10-10 17:33 - 00001856 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk

 

2015-10-10 17:33 - 2015-10-10 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

 

2015-10-10 17:32 - 2015-10-21 16:22 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

 

2015-10-10 17:32 - 2015-10-10 17:32 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com

 

2015-10-10 17:26 - 2015-10-10 17:28 - 23662320 _____ (SUPERAntiSpyware) C:\Users\dannyboy\Downloads\SUPERAntiSpywarePro.exe

 

2015-10-10 12:27 - 2015-10-10 12:27 - 00015340 _____ C:\Users\dannyboy\Downloads\state attourney general.odt

 

2015-10-08 11:58 - 2015-10-08 11:58 - 02172800 _____ (Kaspersky Lab) C:\Users\dannyboy\Downloads\kss15.0.0.740en_es_fr_pt_8648.exe

 

2015-10-08 11:58 - 2015-10-08 11:58 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files

 

2015-10-07 19:39 - 2015-10-07 19:39 - 00002503 _____ C:\Users\Public\Desktop\WiTS.lnk

 

2015-10-07 19:39 - 2015-10-07 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Inspection Tool Set

 

2015-10-07 19:37 - 2015-10-07 19:38 - 02918987 _____ (Ashok P. Nadkarni) C:\Users\dannyboy\Downloads\setup-wits-3.0.25(64 bit) (1).exe

 

2015-10-07 15:07 - 2015-10-07 15:07 - 00000000 ____D C:\Program Files (x86)\PersonalAccountingSoftware

 

2015-10-07 11:01 - 2015-10-07 13:38 - 00013482 _____ C:\Users\dannyboy\Downloads\cristus july.ods

 

2015-10-06 10:31 - 2015-10-06 11:36 - 00013361 _____ C:\Users\dannyboy\Downloads\windows firewall.odt

 

2015-10-05 14:38 - 2015-10-07 15:07 - 00002889 _____ C:\Users\dannyboy\Desktop\PersonalAccountingSoftware.lnk

 

2015-10-05 14:38 - 2015-10-07 15:07 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PersonalAccountingSoftware

 

2015-10-05 14:38 - 2015-10-05 15:23 - 00000000 ____D C:\Users\dannyboy\AppData\Local\PersonalAccountingSoftware

 

2015-10-05 14:36 - 2015-10-05 14:36 - 00935936 _____ C:\Users\dannyboy\Downloads\personalaccountingsoftware.msi

 

2015-10-03 18:30 - 2015-11-23 19:04 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit

 

2015-10-03 18:30 - 2015-10-03 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit

 

2015-10-03 18:30 - 2015-10-03 18:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit

 

2015-10-03 18:28 - 2015-10-03 18:28 - 02865192 _____ (Malwarebytes ) C:\Users\dannyboy\Downloads\mbae-setup-1.07.1.1015.exe

 

2015-10-01 13:44 - 2015-10-01 13:44 - 00000000 ____D C:\WINDOWS\system32\kodak

 

2015-10-01 13:35 - 2015-10-01 13:35 - 00000000 ____D C:\WINDOWS\SysWOW64\spool

 

2015-10-01 13:24 - 2015-10-01 13:24 - 00004604 _____ C:\Users\dannyboy\AppData\Local\installer.log

 

2015-09-30 18:56 - 2015-11-12 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak

 

2015-09-30 18:52 - 2015-09-30 18:53 - 00000000 ____D C:\WINDOWS\SysWOW64\kodak

 

2015-09-29 09:18 - 2015-09-29 09:28 - 00011632 _____ C:\Users\dannyboy\Documents\network.odt

 

2015-09-27 12:35 - 2015-09-27 12:35 - 00016148 _____ C:\WINDOWS\system32\DANNYWINDOW8_daniel_HistoryPrediction.bin

 

2015-09-27 04:12 - 2015-09-27 04:13 - 06066814 _____ C:\Users\dannyboy\Downloads\dict-en.zip

 

2015-09-26 20:13 - 2015-09-26 20:13 - 00220261 _____ C:\Users\dannyboy\Downloads\familybudget.zip

 

2015-09-26 20:10 - 2015-09-26 20:10 - 00018614 _____ C:\Users\dannyboy\Downloads\budget.zip

 

2015-09-26 20:06 - 2015-09-26 20:06 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\OpenOffice

 

2015-09-26 20:05 - 2015-09-26 20:05 - 00001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk

 

2015-09-26 20:05 - 2015-09-26 20:05 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1

 

2015-09-26 20:02 - 2015-09-26 20:03 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4

 

2015-09-26 20:00 - 2015-09-26 20:00 - 00000000 ____D C:\Users\dannyboy\Desktop\OpenOffice 4.1.1 (en-US) Installation Files

 

2015-09-26 19:18 - 2015-09-26 19:59 - 140852175 _____ C:\Users\dannyboy\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe

 

2015-09-25 15:24 - 2015-09-30 18:41 - 10464648 _____ (Eastman Kodak Company) C:\Users\dannyboy\Downloads\aio_install.exe

 

2015-09-25 01:09 - 2015-10-17 19:45 - 00680600 _____ (Sysinternals - www.sysinternals.com) C:\Users\dannyboy\Downloads\autoruns.exe

 

2015-09-24 15:17 - 2015-09-24 15:17 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\Ashampoo

 

2015-09-24 09:07 - 2015-09-24 09:07 - 00000000 ____D C:\Users\dannyboy\AppData\Local\ashampoo

 

2015-09-24 09:06 - 2015-09-24 09:06 - 00001383 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk

 

2015-09-24 09:06 - 2015-09-24 09:06 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url

 

2015-09-24 09:06 - 2015-09-24 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo

 

2015-09-24 09:05 - 2015-09-24 09:07 - 00000000 ____D C:\ProgramData\Ashampoo

 

2015-09-24 09:05 - 2015-09-24 09:05 - 00000000 ____D C:\Program Files (x86)\Ashampoo

 

2015-09-24 08:18 - 2015-09-24 08:22 - 00000090 _____ C:\ProgramData\Temp.log

 

2015-09-24 07:04 - 2015-09-24 09:04 - 32830656 _____ (Ashampoo GmbH & Co. KG ) C:\Users\dannyboy\Downloads\ashampoo_burning_studio_free_1.14.5_sm.exe

 

2015-09-23 14:23 - 2015-09-23 14:23 - 00982456 _____ (CyberLink) C:\Users\dannyboy\Downloads\CyberLink_Win10_Compatibility_Advisor.exe

 

2015-09-23 13:26 - 2015-09-23 13:26 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Power2Go

 

2015-09-23 13:10 - 2015-09-24 08:22 - 00000000 _____ C:\WINDOWS\lgfwup.ini

 

2015-09-23 13:09 - 2001-08-29 20:00 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemdisp.tlb

 

2015-09-23 13:09 - 1998-07-21 23:00 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb6stkit.dll

 

2015-09-23 13:09 - 1998-07-21 23:00 - 00102160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6KO.DLL

 

2015-09-23 13:09 - 1998-06-23 23:00 - 00115016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX

 

2015-09-23 13:03 - 2015-09-23 13:03 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\CyberLink

 

2015-09-23 13:00 - 2015-09-24 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite

 

2015-09-23 12:56 - 2015-09-24 08:22 - 00000000 ____D C:\ProgramData\CLSK

 

2015-09-21 15:45 - 2015-09-21 15:45 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\KODAK AiO Home Center1764656221

 

2015-09-21 15:44 - 2015-09-21 15:44 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\Temp

 

2015-09-21 15:40 - 2015-11-12 15:16 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Eastman_Kodak_Company

 

2015-09-21 10:40 - 2015-10-14 08:11 - 00915128 _____ (Riverbed Technology, Inc.) C:\Users\dannyboy\Downloads\WinPcap_4_1_3 (1).exe

 

2015-09-21 10:40 - 2015-09-21 10:40 - 00915128 _____ (Riverbed Technology, Inc.) C:\Users\dannyboy\Downloads\WinPcap_4_1_3.exe

 

2015-09-21 10:31 - 2015-10-15 18:44 - 29857792 _____ (Wireshark development team) C:\Users\dannyboy\Downloads\Wireshark-win64-1.12.7.exe

 

2015-09-18 08:25 - 2015-09-18 08:25 - 00000000 ____D C:\Users\dannyboy\Libreoffice

 

2015-09-18 08:12 - 2015-09-18 08:12 - 00020873 _____ C:\Users\dannyboy\Downloads\personal-budget-usd.zip

 

2015-09-18 07:44 - 2015-09-18 07:44 - 00000000 ____D C:\Users\dannyboy\AppData\Local\SpreadsheetTools

 

2015-09-18 07:39 - 2015-09-18 07:40 - 02209280 _____ C:\Users\dannyboy\Downloads\FREE LEDGER.msi

 

2015-09-18 07:20 - 2015-09-18 07:20 - 00040448 _____ C:\Users\dannyboy\Downloads\month_personal_accounting_spreadsheet.xls

 

2015-09-17 21:46 - 2015-09-17 21:47 - 00030078 _____ C:\WINDOWS\SysWOW64\MTB.txt

 

2015-09-17 21:44 - 2015-09-17 21:46 - 00891392 _____ (Farbar) C:\Users\dannyboy\Downloads\MiniToolBox.exe

 

2015-09-17 12:22 - 2015-09-17 12:22 - 00012924 _____ C:\Users\dannyboy\Documents\sample text.odt

 

2015-09-16 16:45 - 2015-09-16 16:45 - 04205817 _____ (ShareX Team ) C:\Users\dannyboy\Downloads\ShareX-10.2.0-setup.exe

 

2015-09-16 09:14 - 2015-09-16 09:14 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Apple

 

2015-09-13 17:15 - 2015-09-13 17:34 - 220966912 _____ C:\Users\dannyboy\Downloads\LibreOffice_5.0.1_Win_x86.msi

 

2015-09-13 10:05 - 2015-09-13 10:05 - 00009833 _____ C:\Users\dannyboy\Documents\librescreen.odt

 

2015-09-13 08:04 - 2015-10-09 12:26 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Comms

 

2015-09-12 16:35 - 2015-11-24 21:57 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3D422776-D756-4B06-9792-B39290594195}

 

2015-09-12 15:22 - 2015-09-12 15:22 - 00000074 _____ C:\witslognow

 

2015-09-12 15:13 - 2015-11-06 07:42 - 00000000 ____D C:\Program Files\Windows Inspection Tool Set

 

2015-09-12 15:11 - 2015-09-12 15:11 - 02918987 _____ (Ashok P. Nadkarni) C:\Users\dannyboy\Downloads\setup-wits-3.0.25(64 bit).exe

 

2015-09-12 13:57 - 2015-09-12 13:57 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Eastman Kodak Company

 

2015-09-12 13:23 - 2015-09-12 14:34 - 00000000 ____D C:\Program Files (x86)\Adobe

 

2015-09-12 13:22 - 2015-09-12 13:52 - 00000000 ____D C:\ProgramData\Adobe

 

2015-09-12 13:15 - 2015-09-12 13:46 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Adobe

 

2015-09-11 17:27 - 2015-09-11 17:27 - 01549613 _____ C:\Users\dannyboy\Downloads\wscc.zip

 

2015-09-11 14:11 - 2015-09-11 14:12 - 09528934 _____ C:\Users\dannyboy\Downloads\LibreOffice_4.4.5_Win_x86 (1).msi.ufq34uy.partial

 

2015-09-11 14:05 - 2015-09-11 14:05 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\LibreOffice

 

2015-09-11 13:29 - 2015-09-11 13:53 - 224563200 _____ C:\Users\dannyboy\Downloads\LibreOffice_4.4.5_Win_x86.msi

 

2015-09-11 09:23 - 2015-10-16 23:00 - 00007605 _____ C:\Users\dannyboy\AppData\Local\resmon.resmoncfg

 

2015-09-10 22:01 - 2015-11-23 17:35 - 00008407 _____ C:\WINDOWS\SysWOW64\RealtekWLAN.log

 

2015-09-10 07:12 - 2015-10-26 23:06 - 00003274 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFordannyboy

 

2015-09-10 07:12 - 2015-10-26 23:06 - 00000370 _____ C:\WINDOWS\Tasks\HPCeeScheduleFordannyboy.job

 

2015-09-10 07:11 - 2015-09-10 07:12 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Hewlett-Packard

 

2015-09-10 07:11 - 2015-09-10 07:11 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\Hewlett-Packard

 

2015-09-10 07:05 - 2015-09-10 07:05 - 00002307 _____ C:\Users\dannyboy\Desktop\HP Support Assistant.lnk

 

2015-09-10 07:02 - 2015-09-10 07:02 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\hpqLog

 

2015-09-10 07:01 - 2015-09-10 07:01 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}

 

2015-09-10 06:53 - 2015-09-10 06:54 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\dannyboy\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe

 

2015-09-10 06:23 - 2015-09-10 06:23 - 00002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk

 

2015-09-10 06:23 - 2015-09-10 06:23 - 00002200 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk

 

2015-09-10 06:23 - 2015-09-10 06:23 - 00000000 ____D C:\Program Files (x86)\Belarc

 

2015-09-10 06:17 - 2015-09-10 06:22 - 04139808 _____ C:\Users\dannyboy\Downloads\advisorinstaller.exe

 

2015-09-09 16:21 - 2015-09-09 16:28 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Mozilla

 

2015-09-09 16:21 - 2015-09-09 16:22 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\Mozilla

 

2015-09-09 16:12 - 2015-09-09 16:12 - 00242752 _____ C:\Users\dannyboy\Downloads\Firefox Setup Stub 40.0.3.exe

 

2015-09-09 15:30 - 2015-09-09 15:30 - 00000000 ____D C:\Users\dannyboy\AppData\Local\NetworkTiles

 

2015-09-09 13:56 - 2015-09-09 13:56 - 00016148 _____ C:\WINDOWS\system32\DANNYWINDOW8_linda_HistoryPrediction.bin

 

2015-09-09 13:46 - 2015-09-09 13:46 - 00000000 ____D C:\Users\linda\AppData\Local\pinger.com

 

2015-09-09 09:14 - 2015-09-09 09:14 - 00000000 ____D C:\Users\linda\AppData\Local\Apple

 

2015-09-08 19:48 - 2015-09-08 19:48 - 00000000 ____D C:\Users\linda\AppData\Local\NetworkTiles

 

2015-09-08 19:38 - 2015-09-08 19:43 - 00000000 ____D C:\Users\linda\AppData\Local\Comms

 

2015-09-08 18:00 - 2015-09-08 18:00 - 00000000 ____D C:\Users\linda\AppData\Roaming\Macromedia

 

2015-09-08 17:47 - 2015-09-08 18:00 - 00000000 ____D C:\Users\linda\AppData\Local\MicrosoftEdge

 

2015-09-08 17:45 - 2015-09-09 13:56 - 00000000 ___RD C:\Users\linda\OneDrive

 

2015-09-08 17:45 - 2015-09-08 17:45 - 00002384 _____ C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

 

2015-09-08 17:44 - 2015-09-09 02:49 - 00000000 ____D C:\Users\linda\Documents\Youcam

 

2015-09-08 17:44 - 2015-09-08 17:44 - 00000000 ____D C:\Users\linda\AppData\Local\CyberLink

 

2015-09-08 17:42 - 2015-09-08 17:42 - 00000000 ____D C:\Users\linda\AppData\Local\Publishers

 

2015-09-08 17:40 - 2015-09-08 18:05 - 00000000 ____D C:\Users\linda\AppData\Local\Packages

 

2015-09-08 17:40 - 2015-09-08 17:40 - 00000000 ____D C:\Users\linda\AppData\Roaming\Synaptics

 

2015-09-08 17:40 - 2015-09-08 17:40 - 00000000 ____D C:\Users\linda\AppData\Roaming\Adobe

 

2015-09-08 17:40 - 2015-09-08 17:40 - 00000000 ____D C:\Users\linda\AppData\Local\VirtualStore

 

2015-09-08 17:40 - 2015-09-08 17:40 - 00000000 ____D C:\Users\linda\AppData\Local\TileDataLayer

 

2015-09-08 17:39 - 2015-09-08 17:45 - 00000000 ____D C:\Users\linda

 

2015-09-08 17:39 - 2015-09-08 17:40 - 00000000 ___RD C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

 

2015-09-08 17:39 - 2015-09-08 17:39 - 00000020 ___SH C:\Users\linda\ntuser.ini

 

2015-09-08 17:39 - 2015-09-03 23:23 - 00000000 ____D C:\Users\linda\Documents\hp.system.package.metadata

 

2015-09-08 17:39 - 2015-07-10 05:04 - 00000000 __RSD C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell

 

2015-09-08 17:39 - 2015-07-10 05:04 - 00000000 ___RD C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

 

2015-09-08 17:39 - 2015-07-10 05:04 - 00000000 ___RD C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

 

2015-09-08 17:39 - 2015-07-10 05:04 - 00000000 ____D C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

 

2015-09-08 15:50 - 2015-08-26 23:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

 

2015-09-08 15:50 - 2015-08-26 23:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

 

2015-09-08 15:50 - 2015-08-26 23:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

 

2015-09-08 15:50 - 2015-08-26 23:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

 

2015-09-08 15:50 - 2015-08-26 23:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll

 

2015-09-08 15:50 - 2015-08-26 23:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll

 

2015-09-08 15:50 - 2015-08-26 23:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll

 

2015-09-08 15:50 - 2015-08-26 23:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

 

2015-09-08 15:50 - 2015-08-26 23:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

 

2015-09-08 15:50 - 2015-08-26 23:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

 

2015-09-08 15:50 - 2015-08-26 23:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

 

2015-09-08 15:50 - 2015-08-26 23:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll

 

2015-09-08 15:50 - 2015-08-26 23:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll

 

2015-09-08 15:50 - 2015-08-26 23:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

 

2015-09-08 15:24 - 2015-09-08 15:24 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\Macromedia

 

2015-09-08 15:19 - 2015-11-18 09:40 - 00002393 _____ C:\Users\dannyboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

 

2015-09-08 15:19 - 2015-11-18 09:40 - 00000000 ___RD C:\Users\dannyboy\OneDrive

 

2015-09-08 15:16 - 2015-09-18 20:16 - 00000000 ____D C:\Users\dannyboy\Documents\Youcam

 

2015-09-08 15:16 - 2015-09-08 15:23 - 00000000 ____D C:\Users\dannyboy\AppData\Local\MicrosoftEdge

 

2015-09-08 15:16 - 2015-09-08 15:16 - 00000000 ____D C:\Users\dannyboy\AppData\Local\CyberLink

 

2015-09-08 15:13 - 2015-09-08 15:13 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Publishers

 

2015-09-08 15:11 - 2015-09-08 15:11 - 00000000 ____D C:\Users\dannyboy\AppData\Local\VirtualStore

 

2015-09-08 15:10 - 2015-10-21 18:19 - 00000000 ____D C:\Users\dannyboy\AppData\Local\Packages

 

2015-09-08 15:10 - 2015-09-08 15:10 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\Synaptics

 

2015-09-08 15:10 - 2015-09-08 15:10 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\Adobe

 

2015-09-08 15:10 - 2015-09-08 15:10 - 00000000 ____D C:\Users\dannyboy\AppData\Local\TileDataLayer

 

2015-09-08 15:09 - 2015-11-23 17:42 - 00000000 ____D C:\Users\dannyboy

 

2015-09-08 15:09 - 2015-09-08 15:10 - 00000000 ___RD C:\Users\dannyboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

 

2015-09-08 15:09 - 2015-09-08 15:09 - 00000020 ___SH C:\Users\dannyboy\ntuser.ini

 

2015-09-08 15:09 - 2015-09-03 23:23 - 00000000 ____D C:\Users\dannyboy\Documents\hp.system.package.metadata

 

2015-09-08 15:09 - 2015-07-10 05:04 - 00000000 __RSD C:\Users\dannyboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell

 

2015-09-08 15:09 - 2015-07-10 05:04 - 00000000 ___RD C:\Users\dannyboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

 

2015-09-08 15:09 - 2015-07-10 05:04 - 00000000 ___RD C:\Users\dannyboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

 

2015-09-08 15:09 - 2015-07-10 05:04 - 00000000 ____D C:\Users\dannyboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

 

2015-09-07 20:47 - 2015-09-07 20:47 - 00015404 _____ C:\Users\daniel\Desktop\MTB.txt

 

2015-09-07 20:39 - 2015-09-07 20:46 - 00891392 _____ (Farbar) C:\Users\daniel\Desktop\MiniToolBox.exe

 

2015-09-07 20:03 - 2015-09-07 20:03 - 00001051 _____ C:\malwarebyts scan.txt

 

2015-09-07 17:34 - 2015-09-07 17:34 - 00004298 _____ C:\WINDOWS\System32\Tasks\AviatorUpdateTask

 

2015-09-07 17:34 - 2015-09-07 17:34 - 00002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aviator.lnk

 

2015-09-07 17:34 - 2015-09-07 17:34 - 00002326 _____ C:\Users\Public\Desktop\Aviator.lnk

 

2015-09-07 17:34 - 2015-09-07 17:34 - 00000000 ____D C:\Users\daniel\AppData\Local\Aviator

 

2015-09-07 17:34 - 2015-09-07 17:34 - 00000000 ____D C:\Program Files (x86)\Whitehat

 

2015-09-07 17:32 - 2015-09-07 17:32 - 00000000 ____D C:\Users\daniel\AppData\Local\Downloaded Installations

 

2015-09-07 17:20 - 2015-09-07 17:31 - 63675312 _____ (WhiteHat Security, Inc.) C:\Users\daniel\Downloads\AviatorSetup.exe

 

2015-09-06 14:03 - 2015-11-23 17:29 - 04738672 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys

 

2015-09-06 14:03 - 2015-09-10 22:00 - 04619520 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\SET1DD1.tmp

 

2015-09-06 14:03 - 2015-09-06 14:03 - 04527872 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\SETED65.tmp

 

2015-09-06 12:16 - 2015-09-06 12:16 - 00000000 ____D C:\ProgramData\Visan

 

2015-09-06 12:12 - 2015-09-06 12:16 - 00000000 ____D C:\Users\daniel\AppData\Local\Eastman_Kodak_Company

 

2015-09-06 12:03 - 2015-09-06 12:03 - 00000000 ____D C:\Users\daniel\AppData\Local\Eastman Kodak Company

 

2015-09-06 11:44 - 2015-09-30 18:50 - 00000000 ____D C:\Program Files (x86)\Kodak

 

2015-09-06 11:38 - 2015-09-06 11:38 - 00000000 ____D C:\Users\daniel\AppData\Roaming\Temp

 

2015-09-06 11:35 - 2015-09-06 11:37 - 10464648 _____ (Eastman Kodak Company) C:\Users\daniel\Downloads\aio_install.exe

 

2015-09-06 11:30 - 2015-11-22 13:31 - 00000000 ____D C:\ProgramData\Kodak

 

2015-09-06 11:30 - 2015-09-06 11:30 - 00141312 _____ (Eastman Kodak Company) C:\WINDOWS\system32\EKIJCOINST09.dll

 

2015-09-05 12:07 - 2015-09-05 12:07 - 00000017 _____ C:\Users\daniel\AppData\Local\resmon.resmoncfg

 

2015-09-05 09:14 - 2015-09-05 09:16 - 04402436 _____ C:\Users\daniel\Downloads\everesthome220.zip

 

2015-09-04 19:08 - 2015-09-04 19:09 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\daniel\Downloads\HPSupportSolutionsFramework-12.0.30.81 (1).exe

 

2015-09-04 13:27 - 2015-09-04 13:27 - 00011070 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip

 

2015-09-04 13:26 - 2015-07-13 01:34 - 04514008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys

 

2015-09-04 13:26 - 2015-07-13 01:34 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 02702552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl

 

2015-09-04 13:26 - 2015-07-13 01:34 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00184688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll

 

2015-09-04 13:26 - 2015-07-13 01:34 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll

 

2015-09-04 13:25 - 2015-07-13 01:34 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat

 

2015-09-04 13:25 - 2015-07-13 01:34 - 35222128 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT

 

2015-09-04 13:25 - 2015-07-13 01:34 - 02930904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll

 

2015-09-04 13:25 - 2015-07-13 01:34 - 01749208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll

 

2015-09-04 13:25 - 2015-07-13 01:34 - 01310936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll

 

2015-09-04 13:25 - 2015-07-13 01:34 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll

 

2015-09-04 13:25 - 2015-07-13 01:34 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll

 

2015-09-04 13:24 - 2015-07-13 01:34 - 01576976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll

 

2015-09-04 13:24 - 2015-07-13 01:34 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll

 

2015-09-04 13:24 - 2015-07-13 01:34 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll

 

2015-09-04 13:24 - 2015-07-13 01:34 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll

 

2015-09-04 13:23 - 2015-07-13 01:34 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll

 

2015-09-04 12:12 - 2015-09-04 12:13 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\daniel\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe

 

2015-09-04 09:56 - 2015-10-15 14:21 - 00310528 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys

 

2015-09-04 09:47 - 2015-09-04 09:47 - 00091904 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll

 

2015-09-04 09:34 - 2015-09-04 09:33 - 00073800 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll

 

2015-09-04 06:38 - 2015-09-04 06:43 - 00000000 ____D C:\Users\daniel\AppData\Local\MicrosoftEdge

 

2015-09-04 05:51 - 2015-09-04 05:51 - 00000000 ____D C:\Users\daniel\AppData\Local\NetworkTiles

 

2015-09-04 04:31 - 2015-09-04 04:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

 

2015-09-04 02:44 - 2015-09-04 02:44 - 00002387 _____ C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

 

2015-09-04 02:40 - 2015-09-04 02:40 - 00000000 ____D C:\ProgramData\Microsoft OneDrive

 

2015-09-04 02:36 - 2015-09-04 02:36 - 00000000 ____D C:\Users\daniel\AppData\Local\Publishers

 

2015-09-04 02:33 - 2015-09-04 07:32 - 00000000 ____D C:\Users\daniel\AppData\Local\Comms

 

2015-09-04 02:32 - 2015-09-04 02:32 - 00000000 ____D C:\Users\daniel\AppData\Local\TileDataLayer

 

2015-09-04 02:31 - 2015-09-04 02:31 - 00000020 ___SH C:\Users\daniel\ntuser.ini

 

2015-09-04 01:58 - 2015-09-04 02:31 - 00000000 ___DC C:\WINDOWS\Panther

 

2015-09-04 01:58 - 2015-09-03 23:08 - 00000000 __SHD C:\Recovery

 

2015-09-04 01:43 - 2015-09-04 01:43 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

 

2015-09-04 01:43 - 2015-09-04 01:43 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll

 

2015-09-04 01:43 - 2015-09-04 01:43 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 02446336 _____ C:\WINDOWS\system32\InputService.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll

 

2015-09-04 01:42 - 2015-09-04 01:42 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList

 

2015-09-04 01:31 - 2015-09-04 01:31 - 00008192 _____ C:\WINDOWS\system32\config\userdiff

 

2015-09-04 01:25 - 2015-09-04 01:25 - 00000000 ____D C:\Program Files\Reference Assemblies

 

2015-09-04 01:25 - 2015-09-04 01:25 - 00000000 ____D C:\Program Files\MSBuild

 

2015-09-04 01:25 - 2015-09-04 01:25 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

 

2015-09-04 01:25 - 2015-09-04 01:25 - 00000000 ____D C:\Program Files (x86)\MSBuild

 

2015-09-04 01:25 - 2015-09-04 01:25 - 00000000 ____D C:\inetpub

 

2015-09-04 01:24 - 2015-06-17 20:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

 

2015-09-04 01:24 - 2015-06-17 20:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

 

2015-09-04 01:24 - 2015-06-17 20:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

 

2015-09-04 01:24 - 2015-05-29 23:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

 

2015-09-04 01:24 - 2015-05-29 23:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

 

2015-09-04 01:24 - 2015-05-29 23:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

 

2015-09-03 23:37 - 2015-09-03 23:37 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat

 

2015-09-03 23:28 - 2015-07-10 04:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

 

2015-09-03 23:23 - 2015-09-03 23:23 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata

 

2015-09-03 23:23 - 2015-09-03 23:23 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata

 

2015-09-03 23:22 - 2015-09-03 23:22 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

 

2015-09-03 23:14 - 2015-09-03 23:14 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate

 

2015-09-03 23:11 - 2015-09-28 06:58 - 00000000 ____D C:\Users\daniel

 

2015-09-03 23:11 - 2015-09-04 02:32 - 00000000 ___RD C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

 

2015-09-03 23:11 - 2015-07-10 05:04 - 00000000 __RSD C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell

 

2015-09-03 23:11 - 2015-07-10 05:04 - 00000000 ___RD C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

 

2015-09-03 23:11 - 2015-07-10 05:04 - 00000000 ___RD C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

 

2015-09-03 23:11 - 2015-07-10 05:04 - 00000000 ____D C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

 

2015-09-03 23:08 - 2015-11-22 13:38 - 00903454 _____ C:\WINDOWS\system32\PerfStringBackup.INI

 

2015-09-03 23:08 - 2015-09-03 23:13 - 00011587 _____ C:\WINDOWS\iis.log

 

2015-09-03 23:08 - 2015-09-03 23:08 - 00925184 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI

 

2015-09-03 23:05 - 2015-09-03 23:05 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf

 

2015-09-03 23:05 - 2015-09-03 23:05 - 00000000 ____D C:\Program Files\Synaptics

 

2015-09-03 23:04 - 2015-11-22 12:27 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin

 

2015-09-03 23:04 - 2015-09-04 13:27 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

 

2015-09-03 23:04 - 2015-09-03 23:04 - 00000000 ____D C:\WINDOWS\system32\SRSLabs

 

2015-09-03 23:04 - 2015-09-03 23:04 - 00000000 ____D C:\Program Files\Realtek

 

2015-09-03 23:04 - 2015-09-03 23:04 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies

 

2015-09-03 23:04 - 2015-09-03 23:04 - 00000000 ____D C:\Program Files\AMD

 

2015-09-03 23:04 - 2015-09-03 23:04 - 00000000 _____ C:\WINDOWS\ativpsrm.bin

 

2015-09-03 23:03 - 2015-10-15 14:21 - 00000000 ____D C:\WINDOWS\SysWOW64\sda

 

2015-09-03 23:00 - 2015-09-03 23:01 - 00035749 _____ C:\WINDOWS\system32\NetSetupMig.log

 

2015-09-03 22:59 - 2015-11-22 09:19 - 00024172 _____ C:\WINDOWS\PFRO.log

 

2015-09-03 21:56 - 2015-09-03 23:38 - 00006629 _____ C:\WINDOWS\comsetup.log

 

2015-09-03 21:54 - 2015-09-03 23:40 - 00009528 _____ C:\WINDOWS\diagwrn.xml

 

2015-09-03 21:54 - 2015-09-03 23:40 - 00009528 _____ C:\WINDOWS\diagerr.xml

 

2015-09-02 17:18 - 2015-09-02 17:18 - 00000000 ____H C:\Users\daniel\BITEEDE.tmp

 

2015-09-02 16:48 - 2015-09-02 16:48 - 00000000 ____D C:\Program Files (x86)\Cisco

 

2015-09-02 16:47 - 2015-11-23 17:29 - 01148160 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll

 

2015-09-02 16:47 - 2013-04-01 23:19 - 00574464 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\SETF660.tmp

 

2015-09-02 16:37 - 2015-11-01 17:37 - 00003314 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDANNYWINDOW8$

 

2015-09-02 16:37 - 2015-11-01 17:37 - 00000384 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDANNYWINDOW8$.job

 

2015-09-02 16:25 - 2015-09-02 16:25 - 00000000 ____D C:\Users\daniel\AppData\Local\GWX

 

2015-09-02 15:49 - 2015-09-02 15:49 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk

 

2015-09-02 15:49 - 2015-09-02 15:49 - 00002507 _____ C:\Users\Public\Desktop\Safari.lnk

 

2015-09-02 15:48 - 2015-09-02 15:49 - 00000000 ____D C:\Program Files (x86)\Safari

 

2015-09-02 15:48 - 2015-09-02 15:48 - 00000000 ____D C:\ProgramData\Apple Computer

 

2015-09-02 15:47 - 2015-09-02 15:47 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

 

2015-09-02 15:47 - 2015-09-02 15:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple

 

2015-09-02 15:47 - 2015-09-02 15:47 - 00000000 ____D C:\Users\daniel\AppData\Local\Apple

 

2015-09-02 15:47 - 2015-09-02 15:47 - 00000000 ____D C:\Program Files (x86)\Apple Software Update

 

2015-09-02 15:39 - 2015-09-02 15:45 - 38494576 _____ (Apple Inc.) C:\Users\daniel\Downloads\SafariSetup.exe

 

2015-09-02 15:26 - 2015-09-02 15:26 - 00000000 ____D C:\Users\daniel\AppData\Roaming\Opera Software

 

2015-09-02 15:26 - 2015-09-02 15:26 - 00000000 ____D C:\Users\daniel\AppData\Local\Opera Software

 

2015-09-02 15:25 - 2015-11-19 16:34 - 00003948 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1441229050

 

2015-09-02 15:24 - 2015-11-19 16:34 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

 

2015-09-02 15:24 - 2015-09-02 15:24 - 00001154 _____ C:\Users\Public\Desktop\Opera.lnk

 

2015-09-02 15:18 - 2015-11-19 16:34 - 00000000 ____D C:\Program Files (x86)\Opera

 

2015-09-02 15:17 - 2015-09-02 15:17 - 00703384 _____ (Opera Software) C:\Users\daniel\Downloads\Opera_NI_stable.exe

 

2015-09-02 08:08 - 2015-11-11 02:12 - 00000000 ____D C:\WINDOWS\system32\MRT

 

2015-09-02 08:08 - 2015-11-11 01:57 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

 

2015-09-01 15:41 - 2014-07-09 22:08 - 00321536 ____N (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll

 

2015-09-01 13:04 - 2015-07-05 04:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

 

2015-09-01 12:42 - 2015-05-25 07:23 - 00036864 ____N (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll

 

2015-09-01 07:55 - 2015-09-01 07:55 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\7EB20BC9.sys

 

 

==================== Three Months Modified files and folders ========

 

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

 

2015-11-24 23:23 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\sru

 

2015-11-24 16:31 - 2015-08-10 15:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

 

2015-11-24 09:21 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\AppReadiness

 

2015-11-23 17:35 - 2014-12-24 06:18 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log

 

2015-11-23 17:29 - 2014-03-31 19:07 - 00000000 ____D C:\SWSetup

 

2015-11-22 13:33 - 2015-07-10 06:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log

 

2015-11-22 13:30 - 2015-07-10 06:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

 

2015-11-22 12:27 - 2015-07-10 03:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI

 

2015-11-16 04:30 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\NDF

 

2015-11-14 09:49 - 2015-07-10 05:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP

 

2015-11-14 09:02 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\rescache

 

2015-11-12 15:30 - 2015-07-10 06:20 - 00024417 _____ C:\WINDOWS\setupact.log

 

2015-11-11 13:48 - 2015-07-10 05:04 - 00000000 ____D C:\WINDOWS\system32\appraiser

 

2015-11-11 02:26 - 2015-07-10 04:55 - 00000000 ____D C:\WINDOWS\CbsTemp

 

2015-11-03 12:20 - 2015-07-10 05:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

 

2015-11-03 12:20 - 2015-07-10 05:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

 

 

==================== Files in the root of some directories =======

 

 

2015-10-01 13:24 - 2015-10-01 13:24 - 0004604 _____ () C:\Users\dannyboy\AppData\Local\installer.log

 

2015-09-11 09:23 - 2015-10-16 23:00 - 0007605 _____ () C:\Users\dannyboy\AppData\Local\resmon.resmoncfg

 

2015-09-24 08:18 - 2015-09-24 08:22 - 0000090 _____ () C:\ProgramData\Temp.log

 

 

Some files in TEMP:

 

====================

 

C:\Users\daniel\AppData\Local\Temp\ACLMInstaller.exe

 

C:\Users\daniel\AppData\Local\Temp\Extract.exe

 

C:\Users\daniel\AppData\Local\Temp\SP67148.exe

 

C:\Users\daniel\AppData\Local\Temp\SP67331.exe

 

C:\Users\daniel\AppData\Local\Temp\SP67334.exe

 

C:\Users\daniel\AppData\Local\Temp\SP69482.exe

 

C:\Users\daniel\AppData\Local\Temp\SP70869.exe

 

C:\Users\daniel\AppData\Local\Temp\SP71829.exe

 

 

 

==================== Bamital & volsnap =================

 

 

(There is no automatic fix for files that do not pass verification.)

 

 

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

 

C:\WINDOWS\system32\wininit.exe => File is digitally signed

 

C:\WINDOWS\explorer.exe => File is digitally signed

 

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

 

C:\WINDOWS\system32\svchost.exe => File is digitally signed

 

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

 

C:\WINDOWS\system32\services.exe => File is digitally signed

 

C:\WINDOWS\system32\User32.dll => File is digitally signed

 

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

 

C:\WINDOWS\system32\userinit.exe => File is digitally signed

 

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

 

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

 

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

 

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

 

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

 

 

 

LastRegBack: 2015-11-24 09:28

 

 

==================== End of FRST.txt ============================


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#8 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:07:44 PM

Posted 25 November 2015 - 03:28 PM

I guess this will take awhile BC is timeing out. Error524

The problem is not at my end or the cloud server but at BC

Ray id 23afff9b9e4a1189.

 

Will try back this afternoon.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,430 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:44 PM

Posted 25 November 2015 - 04:49 PM

Please attach the logs.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#10 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:07:44 PM

Posted 25 November 2015 - 06:08 PM

We will try again attaching logs
Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-11-2015
Ran by dannyboy (2015-11-24 23:33:39)
Running from C:\Users\dannyboy\Downloads
Windows 10 Home (X64) (2015-09-04 08:30:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-782195896-258928022-3752220500-500 - Administrator - Disabled)
daniel (S-1-5-21-782195896-258928022-3752220500-1002 - Administrator - Enabled) => C:\Users\daniel
dannyboy (S-1-5-21-782195896-258928022-3752220500-1005 - Administrator - Enabled) => C:\Users\dannyboy
DefaultAccount (S-1-5-21-782195896-258928022-3752220500-503 - Limited - Disabled)
Guest (S-1-5-21-782195896-258928022-3752220500-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-782195896-258928022-3752220500-1004 - Limited - Enabled)
linda (S-1-5-21-782195896-258928022-3752220500-1006 - Limited - Enabled) => C:\Users\linda

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 9.0.318.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 9.0.318.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
aioprnt (HKLM\...\{0645A454-AD44-4F0D-99CF-6B762735AD1F}) (Version: 5.3.1.0 - Eastman Kodak Company)
aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
AMD Catalyst Install Manager (HKLM\...\{301D3AA1-5DCC-FCFD-622E-3C7CBA87C80F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Aviator (HKLM-x32\...\{B0E4AA1D-76A7-48B5-AAA1-D68BDBB1FF99}) (Version: 2.6 - WhiteHat Security, Inc.)
Belarc Advisor 8.5a (HKLM-x32\...\Belarc Advisor) (Version: 8.5.1.0 - Belarc Inc.)
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET NOD32 Antivirus (HKLM\...\{60853F5E-E6F5-4A34-BBCD-C09D49BB5E64}) (Version: 9.0.318.0 - ESET, spol. s r.o.)
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
GlassWire 1.1 (remove only) (HKLM-x32\...\GlassWire 1.1) (Version: 1.1.32 - SecureMix LLC)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{2C0CCB21-5ED3-4417-93D2-CC6BEEB3C7CF}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{6B1ECC61-B581-400D-BFAF-101B1AAEA5AB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{7A75E042-0D30-43C2-BD2A-684F4BE38FF7}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.6.1 - Eastman Kodak Company)
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Media Suite (x32 Version: 10 - CyberLink Corp.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 33.0.1990.115 (HKLM-x32\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)
PersonalAccountingSoftware (HKLM-x32\...\{51803283-5876-47A0-AC2A-754C7001F2E2}) (Version: 1.2 - personalaccountingsoftware.net)
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Pinger (x32 Version: 1.4.0.1 - Pinger Inc.) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29080 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.62 - REALTEK Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1206 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Windows Inspection Tool Set 3.0.25 (64 bit) (HKLM\...\{1E21BF41-8253-4C6A-83F3-BDF92E5DC169}) (Version: 3.0.25 - Ashok P. Nadkarni)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-782195896-258928022-3752220500-1005_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\dannyboy\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\FileCoAuth.exe (Microsoft Corporation)

==================== Restore Points =========================

07-11-2015 10:10:03 Scheduled Checkpoint
11-11-2015 01:56:17 Windows Update
19-11-2015 11:35:32 Scheduled Checkpoint
22-11-2015 09:05:46 HPSF Applying updates
23-11-2015 17:22:26 HPSF Applying updates

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {20BCB362-4740-445F-9946-7946FBB66E57} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2DF4BE41-8E34-4317-8354-0E29E9826AA2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4EA1C3DF-9C3B-41DE-8185-D652AD6540EC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-11] (Microsoft Corporation)
Task: {652AD89B-0798-43FB-BAD9-861F1CFB9322} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6AC9C75F-857E-4789-BB53-C1E9E0A47292} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6D8A44D8-92FC-4615-8368-2B8226A282F0} - System32\Tasks\SUPERAntiSpyware Scheduled Task d9975a45-fbea-40f6-88cf-2fe7321bc58f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {74C96B58-CE51-4FB1-BD72-CB95CE266063} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {85FAEAA6-59DC-4C8E-96E4-D41CE2909A7B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-17] (Synaptics Incorporated)
Task: {8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8BADA914-A453-4F6E-8819-7AB52DFC2236} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8F80CA98-FE6E-4EDF-A81E-55CEC69CD053} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {9FA43EDA-861E-439B-8D8C-96C62BFAA1E7} - System32\Tasks\HPCeeScheduleFordannyboy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {A2E063A3-354F-42D6-9050-E9D9BFB70303} - System32\Tasks\AviatorUpdateTask => Wscript.exe "C:\Program Files (x86)\WhiteHat\Aviator\Update\BatchLauncher.vbs" "C:\Program Files (x86)\WhiteHat\Aviator\Update\AviatorAutoUpdate.exe"
Task: {A9F5A160-5DDE-4F39-810E-25CF464C784D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {ADB52394-409D-4EC8-A4BC-71BA133C5F4E} - System32\Tasks\SUPERAntiSpyware Scheduled Task 9fc4a3f1-4e71-48e3-a503-c593c50fb5cc => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {AF177AEA-3EEA-43B6-8799-97964096CC72} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {BD9015C0-10AF-4591-8B14-ACEAF66209BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {BFC090C2-93CB-4A24-8289-85235FCAACAA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C87F689D-2985-4B4F-8A09-F3D559C2E3CE} - System32\Tasks\Opera scheduled Autoupdate 1441229050 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software)
Task: {C8CFD579-D4CC-4EE8-894B-F8B1B5A96DC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard)
Task: {D4898C6A-8868-4AB5-9CDD-7B3F8F0B2CFF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D60685E8-7FF2-45E2-84E7-EC19E5472B4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard)
Task: {E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E74857E8-C568-45F4-810A-DCA1136F4F98} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F6D518C9-C0F8-4453-A36C-A8F4C6AD4AE3} - System32\Tasks\HPCeeScheduleForDANNYWINDOW8$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFordannyboy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDANNYWINDOW8$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 9fc4a3f1-4e71-48e3-a503-c593c50fb5cc.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task d9975a45-fbea-40f6-88cf-2fe7321bc58f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-09-04 01:42 - 2015-09-04 01:42 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2013-09-25 07:49 - 2013-09-25 07:49 - 00099328 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2013-09-25 07:48 - 2013-09-25 07:48 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-09-04 01:42 - 2015-09-04 01:42 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-21 19:51 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-21 19:51 - 2015-09-17 00:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-21 19:47 - 2015-09-16 23:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 04:59 - 2015-07-10 04:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-21 19:52 - 2015-09-16 23:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-21 19:44 - 2015-09-16 23:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-21 19:44 - 2015-09-16 23:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-21 19:51 - 2015-09-16 23:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 05:00 - 2015-07-10 07:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-10-13 08:56 - 2015-10-13 08:56 - 00246272 _____ () C:\Program Files (x86)\GlassWire\GeoIP.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:10894A2E

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-782195896-258928022-3752220500-1005\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Conime"
HKU\S-1-5-21-782195896-258928022-3752220500-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-782195896-258928022-3752220500-1005\...\StartupApproved\Run: => "WiTS"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D16A0F76-7CF6-48F7-BCE7-A3BC00E4ADB7}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{91DDCA36-2391-42E9-BFB8-8DB98DCC17F6}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B31CF3E5-DCFA-4A80-9DA5-9B6BD1B98389}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{CC34FF24-9C87-4159-8560-0FC14D43D10F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{150FBC6F-7AB5-4063-A0FB-EAC794994B93}] => (Allow) LPort=1900
FirewallRules: [{AF3331A2-97B7-4313-AC3F-01DBA6B2C4FE}] => (Allow) LPort=2869
FirewallRules: [{8D444952-FDB7-4FA5-901C-2462C1A37F99}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{651D9C37-026A-4825-B24D-C4D884E59460}] => (Allow) LPort=5353
FirewallRules: [{B8D48680-1096-422D-8506-0EB706BBB47E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{31E2060F-CB04-4743-BDCA-726528F62785}] => (Allow) LPort=9322
FirewallRules: [{F3A400CD-11F3-4DD2-BC1E-A37DE51698C8}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{4FB31853-0D3C-4CEE-BA9A-F26746DBC5BD}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{9CD86D09-D91C-4E82-8E3E-25E76D024913}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{3EFBF106-554B-427A-B427-404B240B127D}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{DB6F669F-5347-48D2-80CE-07EA9EE29775}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{31D33237-B4B6-46E3-BC18-298E66C41493}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{1FFB9CAB-B046-46E5-A102-3546B46E0603}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{424B0545-8924-4698-9E2D-8E9C24CAEB28}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{27B008C8-0EE1-4EA5-8CA5-7869CAFC7965}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{990007EA-395E-4995-B9DD-1DEB2B329360}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{A2EAB6D9-FA91-46A9-B484-A4A03CB481A8}] => (Allow) LPort=5353
FirewallRules: [{D59C23E6-D812-4410-BCB0-ECBBAF49ACFF}] => (Allow) LPort=9322
FirewallRules: [{DE1D8064-C76A-4C5C-88CB-A1623086F9AB}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{F48B4B3D-002D-4CC6-87FE-F1464F7D3FCD}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{64BD5CDF-B93D-4D98-B7F4-C3751F5F81D4}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{44846DD5-A339-4DCC-BF03-038D8B8C1AD4}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{F7B46A63-5AF5-4C55-B07A-AE799D9241E9}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{00FC2F3A-0D45-49D7-BE44-AB45F64338E3}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{45990E6D-DC9F-421A-8B70-ABB5C09DFA93}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{631829B7-8C29-412A-8B98-8AB2AECC7D63}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{C337CE32-F2A8-4915-8B29-7BD693DF844D}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{B8B1D8C7-DC0C-4A5C-AB24-91B24EF27990}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{32229AE9-D9B1-4D7F-A2F9-2DDBEC52719C}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{61BD9AC6-AE7C-4D4B-985E-A04412860992}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2015 04:43:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.10240.16412, time stamp: 0x55b99d3f
Faulting module name: IEFRAME.dll, version: 11.0.10240.16590, time stamp: 0x563ad6aa
Exception code: 0xc0000005
Fault offset: 0x00000000001bfb9d
Faulting process id: 0x1284
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (11/24/2015 11:44:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.10240.16412, time stamp: 0x55b99d3f
Faulting module name: IEFRAME.dll, version: 11.0.10240.16590, time stamp: 0x563ad6aa
Exception code: 0xc0000005
Fault offset: 0x00000000001bfb9d
Faulting process id: 0x13bc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (11/24/2015 09:48:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.10240.16412, time stamp: 0x55b99d3f
Faulting module name: IEFRAME.dll, version: 11.0.10240.16590, time stamp: 0x563ad6aa
Exception code: 0xc0000005
Fault offset: 0x00000000001bfb9d
Faulting process id: 0xc34
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (11/24/2015 09:18:22 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8

Error: (11/24/2015 09:15:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: dannywindow8)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/24/2015 03:58:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: dannywindow8)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/24/2015 03:58:32 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ShellExperienceHost.exe version 10.0.10240.16515 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 112c

Start Time: 01d1269e5e763096

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

Report Id: e39770ee-9291-11e5-8293-a02bb856a7a7

Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Error: (11/24/2015 03:56:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: dannywindow8)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.

Error: (11/24/2015 03:46:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: dannywindow8)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/24/2015 03:45:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: dannywindow8)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (11/24/2015 08:50:46 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (11/24/2015 08:50:46 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (11/24/2015 06:24:42 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (11/24/2015 06:24:42 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

Error: (11/24/2015 09:15:20 AM) (Source: DCOM) (EventID: 10010) (User: dannywindow8)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (11/24/2015 09:15:20 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (11/24/2015 06:53:31 AM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/24/2015 06:53:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (11/24/2015 06:53:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (11/24/2015 06:53:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.


CodeIntegrity:
===================================
Date: 2015-09-07 21:48:01.086
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-07 21:48:01.033
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-07 21:41:14.640
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-07 21:41:14.570
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD E1-2100 APU with Radeon™ HD Graphics
Percentage of memory in use: 36%
Total physical RAM: 7650.01 MB
Available physical RAM: 4831.22 MB
Total Virtual: 8866.01 MB
Available Virtual: 6184.39 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:444.29 GB) (Free:404.09 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.63 GB) (Free:1.93 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A9A16C4F)

Partition: GPT.

==================== End of Addition.txt ============================

Edited by Oh My!, 26 November 2015 - 09:39 AM.

HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#11 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:07:44 PM

Posted 26 November 2015 - 09:51 AM

I apologise I must have hit the wrong button the other day and made a new post. Somebody moved it for me.

Thanks whoever moved it.

So Gary your logs are here or there or somewhere. lol

 

Thanks

Danny is my name.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,430 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:44 PM

Posted 26 November 2015 - 10:28 AM

Greetings and Happy Thanksgiving.

Sorry for the delay, I was not notified of your reply. Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
Task: {20BCB362-4740-445F-9946-7946FBB66E57} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2DF4BE41-8E34-4317-8354-0E29E9826AA2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6AC9C75F-857E-4789-BB53-C1E9E0A47292} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8BADA914-A453-4F6E-8819-7AB52DFC2236} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A9F5A160-5DDE-4F39-810E-25CF464C784D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BFC090C2-93CB-4A24-8289-85235FCAACAA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E74857E8-C568-45F4-810A-DCA1136F4F98} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
File: C:\Users\daniel\BITEEDE.tmp
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#13 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:07:44 PM

Posted 26 November 2015 - 11:19 AM

Fixlog

Fix result of Farbar Recovery Scan Tool (x64) Version:23-11-2015

 

Ran by dannyboy (2015-11-26 10:13:10) Run:1

 

Running from C:\Users\dannyboy\Desktop

 

Loaded Profiles: dannyboy (Available Profiles: daniel & dannyboy & linda)

 

Boot Mode: Normal

 

==============================================

 

 

fixlist content:

 

*****************

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File

 

Task: {20BCB362-4740-445F-9946-7946FBB66E57} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

 

Task: {2DF4BE41-8E34-4317-8354-0E29E9826AA2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

 

Task: {6AC9C75F-857E-4789-BB53-C1E9E0A47292} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

 

Task: {7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

 

Task: {8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

 

Task: {8BADA914-A453-4F6E-8819-7AB52DFC2236} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

 

Task: {A9F5A160-5DDE-4F39-810E-25CF464C784D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

 

Task: {BFC090C2-93CB-4A24-8289-85235FCAACAA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

 

Task: {E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

 

Task: {E74857E8-C568-45F4-810A-DCA1136F4F98} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

 

File: C:\Users\daniel\BITEEDE.tmpHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File

 

Task: {20BCB362-4740-445F-9946-7946FBB66E57} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

 

Task: {2DF4BE41-8E34-4317-8354-0E29E9826AA2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

 

Task: {6AC9C75F-857E-4789-BB53-C1E9E0A47292} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

 

Task: {7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

 

Task: {8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

 

Task: {8BADA914-A453-4F6E-8819-7AB52DFC2236} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

 

Task: {A9F5A160-5DDE-4F39-810E-25CF464C784D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

 

Task: {BFC090C2-93CB-4A24-8289-85235FCAACAA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

 

Task: {E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

 

Task: {E74857E8-C568-45F4-810A-DCA1136F4F98} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

 

File: C:\Users\daniel\BITEEDE.tmpHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File

 

Task: {20BCB362-4740-445F-9946-7946FBB66E57} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

 

Task: {2DF4BE41-8E34-4317-8354-0E29E9826AA2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

 

Task: {6AC9C75F-857E-4789-BB53-C1E9E0A47292} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

 

Task: {7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

 

Task: {8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

 

Task: {8BADA914-A453-4F6E-8819-7AB52DFC2236} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

 

Task: {A9F5A160-5DDE-4F39-810E-25CF464C784D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

 

Task: {BFC090C2-93CB-4A24-8289-85235FCAACAA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

 

Task: {E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

 

Task: {E74857E8-C568-45F4-810A-DCA1136F4F98} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

 

File: C:\Users\daniel\BITEEDE.tmpHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File

 

Task: {20BCB362-4740-445F-9946-7946FBB66E57} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

 

Task: {2DF4BE41-8E34-4317-8354-0E29E9826AA2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

 

Task: {6AC9C75F-857E-4789-BB53-C1E9E0A47292} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

 

Task: {7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

 

Task: {8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

 

Task: {8BADA914-A453-4F6E-8819-7AB52DFC2236} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

 

Task: {A9F5A160-5DDE-4F39-810E-25CF464C784D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

 

Task: {BFC090C2-93CB-4A24-8289-85235FCAACAA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

 

Task: {E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

 

Task: {E74857E8-C568-45F4-810A-DCA1136F4F98} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

 

File: C:\Users\daniel\BITEEDE.tmpHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File

 

Task: {20BCB362-4740-445F-9946-7946FBB66E57} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

 

Task: {2DF4BE41-8E34-4317-8354-0E29E9826AA2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

 

Task: {6AC9C75F-857E-4789-BB53-C1E9E0A47292} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

 

Task: {7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

 

Task: {8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

 

Task: {8BADA914-A453-4F6E-8819-7AB52DFC2236} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

 

Task: {A9F5A160-5DDE-4F39-810E-25CF464C784D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

 

Task: {BFC090C2-93CB-4A24-8289-85235FCAACAA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

 

Task: {E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

 

Task: {E74857E8-C568-45F4-810A-DCA1136F4F98} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

 

File: C:\Users\daniel\BITEEDE.tmpHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

SearchScopes: HKU\S-1-5-21-782195896-258928022-3752220500-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File

 

Task: {20BCB362-4740-445F-9946-7946FBB66E57} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

 

Task: {2DF4BE41-8E34-4317-8354-0E29E9826AA2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

 

Task: {6AC9C75F-857E-4789-BB53-C1E9E0A47292} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

 

Task: {7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

 

Task: {8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

 

Task: {8BADA914-A453-4F6E-8819-7AB52DFC2236} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

 

Task: {A9F5A160-5DDE-4F39-810E-25CF464C784D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

 

Task: {BFC090C2-93CB-4A24-8289-85235FCAACAA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

 

Task: {E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

 

Task: {E74857E8-C568-45F4-810A-DCA1136F4F98} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

 

File: C:\Users\daniel\BITEEDE.tmp

 

*****************

 

 

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully

 

"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully

 

"HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully

 

"HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully

 

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => key removed successfully

 

"HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{20BCB362-4740-445F-9946-7946FBB66E57}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20BCB362-4740-445F-9946-7946FBB66E57}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DF4BE41-8E34-4317-8354-0E29E9826AA2}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF4BE41-8E34-4317-8354-0E29E9826AA2}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AC9C75F-857E-4789-BB53-C1E9E0A47292}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AC9C75F-857E-4789-BB53-C1E9E0A47292}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8B2BC113-4B8B-40F0-9F15-E3B8874FDB81}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B2BC113-4B8B-40F0-9F15-E3B8874FDB81}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BADA914-A453-4F6E-8819-7AB52DFC2236}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BADA914-A453-4F6E-8819-7AB52DFC2236}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9F5A160-5DDE-4F39-810E-25CF464C784D}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F5A160-5DDE-4F39-810E-25CF464C784D}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BFC090C2-93CB-4A24-8289-85235FCAACAA}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFC090C2-93CB-4A24-8289-85235FCAACAA}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E74857E8-C568-45F4-810A-DCA1136F4F98}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E74857E8-C568-45F4-810A-DCA1136F4F98}" => key removed successfully

 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.

 

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.

 

HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20BCB362-4740-445F-9946-7946FBB66E57} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF4BE41-8E34-4317-8354-0E29E9826AA2} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AC9C75F-857E-4789-BB53-C1E9E0A47292} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BADA914-A453-4F6E-8819-7AB52DFC2236} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F5A160-5DDE-4F39-810E-25CF464C784D} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFC090C2-93CB-4A24-8289-85235FCAACAA} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E74857E8-C568-45F4-810A-DCA1136F4F98} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.

 

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.

 

HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20BCB362-4740-445F-9946-7946FBB66E57} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF4BE41-8E34-4317-8354-0E29E9826AA2} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AC9C75F-857E-4789-BB53-C1E9E0A47292} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BADA914-A453-4F6E-8819-7AB52DFC2236} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F5A160-5DDE-4F39-810E-25CF464C784D} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFC090C2-93CB-4A24-8289-85235FCAACAA} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E74857E8-C568-45F4-810A-DCA1136F4F98} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.

 

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.

 

HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20BCB362-4740-445F-9946-7946FBB66E57} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF4BE41-8E34-4317-8354-0E29E9826AA2} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AC9C75F-857E-4789-BB53-C1E9E0A47292} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BADA914-A453-4F6E-8819-7AB52DFC2236} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F5A160-5DDE-4F39-810E-25CF464C784D} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFC090C2-93CB-4A24-8289-85235FCAACAA} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E74857E8-C568-45F4-810A-DCA1136F4F98} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.

 

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.

 

HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20BCB362-4740-445F-9946-7946FBB66E57} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF4BE41-8E34-4317-8354-0E29E9826AA2} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AC9C75F-857E-4789-BB53-C1E9E0A47292} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BADA914-A453-4F6E-8819-7AB52DFC2236} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F5A160-5DDE-4F39-810E-25CF464C784D} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFC090C2-93CB-4A24-8289-85235FCAACAA} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E74857E8-C568-45F4-810A-DCA1136F4F98} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.

 

HKU\S-1-5-21-782195896-258928022-3752220500-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.

 

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.

 

HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20BCB362-4740-445F-9946-7946FBB66E57} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF4BE41-8E34-4317-8354-0E29E9826AA2} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AC9C75F-857E-4789-BB53-C1E9E0A47292} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C2AFDAE-4F21-4576-89B2-F7FE5DB1F495} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B2BC113-4B8B-40F0-9F15-E3B8874FDB81} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BADA914-A453-4F6E-8819-7AB52DFC2236} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F5A160-5DDE-4F39-810E-25CF464C784D} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFC090C2-93CB-4A24-8289-85235FCAACAA} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A7C600-A1C5-4EB9-A0F2-5CFCED1A88A9} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E74857E8-C568-45F4-810A-DCA1136F4F98} => key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.

 

 

========================= File: C:\Users\daniel\BITEEDE.tmp ========================

 

 

File not signed

 

MD5:

 

Creation and modification date: 2015-09-02 17:18 - 2015-09-02 17:18

 

Size: 0000000

 

Attributes: ---AH

 

Company Name:

 

Internal Name:

 

Original Name:

 

Product:

 

Description:

 

File Version:

 

Product Version:

 

Copyright:

 

 

====== End of File: ======

 

 

 

==== End of Fixlog 10:13:45 ====


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,430 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:44 PM

Posted 26 November 2015 - 11:25 AM

That looks good. I am not seeing any malware on your computer. I may be referring you to a different forum to address the Operating System but before doing so can you describe your current issues?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#15 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:07:44 PM

Posted 26 November 2015 - 12:35 PM

IE sometimes opens and closes on its own.  Win 10 has quit working like it used to work.  The win 10 email app has taken over all of my email clients even those that I chose not to list with it.  If I go to email from a link online the win 10 app takes over and will not send the email.  Unexplainable memory and cpu useage in task manager with no processes or services showing corresponding useage. Stuff like that.

 

So eliminateing malware leaves us with a system problem.  That is what I was afraid of.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users