
RK log


  • This topic is locked
14 replies to this topic

#1 boopme



  • Global Moderator

Posted 15 January 2016 - 04:22 PM

Should I delete


Report Details

Program: RogueKiller V11.0.7.0 [Jan 11 2016] (Free) by Adlice Software
Operating System: Windows 10 (10.0.10586) 64 bits version
User: Peter [Administrator]
Started in: Normal mode
Started from : C:\Users\Peter\Downloads\RogueKiller (5).exe
Mode
Date : 01/15/2016 15:53:34

Registry
Detection
Name | Path | Key/Value | Data | Status


PUP SOFTWARE (X64) HKEY_LOCAL_MACHINE\Software Partner Found
PUM.Dns DNS (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters DhcpNameServer 167.206.245.135 167.206.245.136 ([-][X]) Found
PUM.Dns DNS (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters DhcpNameServer 167.206.245.135 167.206.245.136 ([-][X]) Found
PUM.Dns DNS (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3b5fced6-9cec-4ab5-913b-226971ae77ce} DhcpNameServer 167.206.245.135 167.206.245.136 ([-][X]) Found
PUM.Dns DNS (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ab704b77-d610-49aa-a866-3a6cbd4f8689} DhcpNameServer 167.206.245.135 167.206.245.136 ([-][X]) Found
PUM.Dns DNS (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3b5fced6-9cec-4ab5-913b-226971ae77ce} DhcpNameServer 167.206.245.135 167.206.245.136 ([-][X]) Found
PUM.Dns DNS (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ab704b77-d610-49aa-a866-3a6cbd4f8689} DhcpNameServer 167.206.245.135 167.206.245.136 ([-][X]) Found





©2010-2015 Adlice Software


Thank you

 


#2 Jo*


  • Malware Response Team

Posted 17 January 2016 - 10:34 AM


These are always the same two IP addresses that RogueKiller lists; they belong to the same company.

Is the IP address related to your Internet Provider?
http://www.ip-adress.com/whois/167.206.245.136

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 boopme


Posted 17 January 2016 - 06:02 PM

Hi thanks, yes that is mine, Cablevision or Optimum.

Edited by boopme, 17 January 2016 - 06:03 PM.


#4 Jo*


Posted 17 January 2016 - 06:22 PM

RogueKiller has some false alarm(s)...

---

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

Cheers,
Jo


#5 boopme


Posted 17 January 2016 - 07:05 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-01-2015
Ran by Peter (administrator) on BOOPMELAPPY (17-01-2016 18:58:47)
Running from C:\Users\Peter\Downloads
Loaded Profiles: Peter (Available Profiles: UpdatusUser & Peter)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.7.1041.0_x64__8wekyb3d8bbwe\Solitaire.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM\...\RunOnce: [WinSATRestorePower] => powercfg -setactive 381b4222-f694-41f0-9685-ff5bb260df2e
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 167.206.245.135 167.206.245.136
Tcpip\..\Interfaces\{3b5fced6-9cec-4ab5-913b-226971ae77ce}: [DhcpNameServer] 167.206.245.135 167.206.245.136
Tcpip\..\Interfaces\{ab704b77-d610-49aa-a866-3a6cbd4f8689}: [DhcpNameServer] 167.206.245.135 167.206.245.136

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1595921355-173663684-2867874930-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: The Amazon 1Button App for Internet Explorer -> {BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} -> C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonBrowserHelper64.dll [2015-09-17] (Amazon Inc.)
BHO-x32: The Amazon 1Button App for Internet Explorer -> {BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} -> C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonBrowserHelper.dll [2015-09-17] (Amazon Inc.)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [456000 2015-09-17] (Amazon Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-18] (Intel Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 RtkAudioService; "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-13] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-13] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-13] (ESET)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-12] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-12-21] (Toshiba Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30848 2016-01-15] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-17 18:57 - 2016-01-17 18:57 - 02370560 _____ (Farbar) C:\Users\Peter\Downloads\FRST64.exe
2016-01-15 15:42 - 2016-01-15 15:42 - 20844104 _____ C:\Users\Peter\Downloads\RogueKiller (5).exe
2016-01-15 15:38 - 2016-01-15 15:40 - 00114688 _____ C:\Users\Peter\Downloads\RogueKiller (4).exe.ha3e0uu.partial
2016-01-14 14:23 - 2016-01-14 14:23 - 00150729 _____ C:\Users\Peter\Downloads\_4JI0NN94R.PDF
2016-01-12 19:19 - 2016-01-12 19:19 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-12 16:17 - 2016-01-12 16:17 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-12 15:56 - 2016-01-04 21:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 15:56 - 2016-01-04 21:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-12 15:56 - 2016-01-04 21:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-12 15:56 - 2016-01-04 21:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 15:56 - 2016-01-04 21:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 15:56 - 2016-01-04 21:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 15:56 - 2016-01-04 21:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 15:56 - 2016-01-04 21:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 15:56 - 2016-01-04 21:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-12 15:56 - 2016-01-04 21:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-12 15:56 - 2016-01-04 21:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 15:56 - 2016-01-04 21:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 15:56 - 2016-01-04 21:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 15:56 - 2016-01-04 21:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 15:56 - 2016-01-04 21:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 15:56 - 2016-01-04 21:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 15:56 - 2016-01-04 21:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 15:56 - 2016-01-04 21:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-12 15:56 - 2016-01-04 21:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 15:56 - 2016-01-04 21:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 15:56 - 2016-01-04 21:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 15:56 - 2016-01-04 21:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 15:56 - 2016-01-04 21:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 15:56 - 2016-01-04 21:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 15:56 - 2016-01-04 21:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 15:56 - 2016-01-04 21:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-12 15:56 - 2016-01-04 21:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 15:56 - 2016-01-04 21:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 15:56 - 2016-01-04 21:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 15:56 - 2016-01-04 21:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 15:56 - 2016-01-04 21:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 15:56 - 2016-01-04 21:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 15:56 - 2016-01-04 21:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 15:56 - 2016-01-04 21:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 15:56 - 2016-01-04 21:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 15:56 - 2016-01-04 20:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 15:56 - 2016-01-04 20:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-12 15:56 - 2016-01-04 20:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-12 15:56 - 2016-01-04 20:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 15:56 - 2016-01-04 20:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-12 15:56 - 2016-01-04 20:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-01-12 15:56 - 2016-01-04 20:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-12 15:56 - 2016-01-04 20:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-12 15:56 - 2016-01-04 20:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 15:56 - 2016-01-04 20:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-12 15:56 - 2016-01-04 20:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 15:56 - 2016-01-04 20:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-12 15:56 - 2016-01-04 20:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-12 15:56 - 2016-01-04 20:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-12 15:56 - 2016-01-04 20:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-12 15:56 - 2016-01-04 20:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 15:56 - 2016-01-04 20:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 15:56 - 2016-01-04 20:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 15:56 - 2016-01-04 20:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-12 15:56 - 2016-01-04 20:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-12 15:56 - 2016-01-04 20:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 15:56 - 2016-01-04 20:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 15:56 - 2016-01-04 20:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 15:56 - 2016-01-04 20:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-12 15:56 - 2016-01-04 20:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 15:56 - 2016-01-04 20:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 15:56 - 2016-01-04 20:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 15:56 - 2016-01-04 20:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-12 15:56 - 2016-01-04 20:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-12 15:56 - 2016-01-04 20:43 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-01-12 15:56 - 2016-01-04 20:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 15:56 - 2016-01-04 20:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 15:56 - 2016-01-04 20:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 15:56 - 2016-01-04 20:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 15:56 - 2016-01-04 20:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 15:56 - 2016-01-04 20:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 15:56 - 2016-01-04 20:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-12 15:56 - 2016-01-04 20:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 15:56 - 2016-01-04 20:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-12 15:56 - 2016-01-04 20:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-12 15:56 - 2016-01-04 20:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 15:56 - 2016-01-04 20:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-12 15:56 - 2016-01-04 20:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 15:56 - 2016-01-04 20:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 15:56 - 2016-01-04 20:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 15:56 - 2016-01-04 20:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 15:56 - 2016-01-04 20:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 15:56 - 2016-01-04 20:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-12 15:56 - 2016-01-04 20:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-12 15:56 - 2016-01-04 20:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-12 15:56 - 2016-01-04 20:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 15:56 - 2016-01-04 20:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-12 15:56 - 2016-01-04 20:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 15:56 - 2016-01-04 20:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 11:04 - 2016-01-12 11:04 - 00002243 _____ C:\Users\Peter\Desktop\Tweaking.com - Windows Repair.lnk
2016-01-12 11:03 - 2016-01-12 11:04 - 00183462 _____ C:\WINDOWS\Tweaking.com - Windows Repair Setup Log.txt
2016-01-12 11:03 - 2016-01-12 11:03 - 00003774 _____ C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2016-01-12 11:03 - 2016-01-12 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-01-12 11:03 - 2016-01-12 11:03 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-01-12 11:02 - 2016-01-12 11:03 - 21102632 _____ (Tweaking.com) C:\Users\Peter\Downloads\tweaking.com_windows_repair_aio_setup (2).exe
2016-01-12 11:00 - 2016-01-12 11:00 - 00000825 _____ C:\Users\Public\Desktop\Resume Reimage Repair Installation.lnk
2016-01-12 11:00 - 2016-01-12 11:00 - 00000099 _____ C:\WINDOWS\Reimage.ini
2016-01-12 10:59 - 2016-01-12 10:59 - 00772016 _____ (Reimage®) C:\Users\Peter\Downloads\ReimageRepair.exe
2016-01-12 10:56 - 2016-01-12 11:04 - 21102632 _____ (Tweaking.com) C:\Users\Peter\Downloads\tweaking.com_windows_repair_aio_setup (1).exe.0dr9xeh.partial
2016-01-12 10:39 - 2016-01-12 10:40 - 00000499 _____ C:\Users\Peter\Downloads\Appsdiagnostic10.diagcab
2016-01-12 10:33 - 2016-01-12 10:33 - 00891392 _____ (Farbar) C:\Users\Peter\Downloads\MiniToolBox (1).exe
2015-12-31 14:06 - 2015-12-08 22:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-30 21:33 - 2015-12-30 21:33 - 02508432 _____ (Sysinternals - www.sysinternals.com) C:\Users\Peter\Downloads\procexp.exe
2015-12-30 21:30 - 2015-12-30 21:32 - 00000000 ____D C:\Users\Peter\Downloads\ProcessExplorer
2015-12-30 21:29 - 2015-12-30 21:29 - 01186640 _____ C:\Users\Peter\Downloads\ProcessExplorer.zip
2015-12-29 21:08 - 2015-12-29 21:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-28 21:28 - 2015-12-29 09:36 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-28 21:24 - 2015-12-28 21:24 - 00000000 ____D C:\Windows.old
2015-12-28 21:06 - 2015-12-28 21:06 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-28 21:06 - 2015-12-28 21:06 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-28 21:06 - 2015-12-28 21:06 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-28 21:06 - 2015-12-28 21:06 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-28 21:06 - 2015-12-28 21:06 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-28 21:06 - 2015-12-28 21:06 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-28 21:06 - 2015-12-28 21:06 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-28 21:06 - 2015-12-28 21:06 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-28 21:06 - 2015-12-28 21:06 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-28 21:06 - 2015-12-28 21:06 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-28 21:06 - 2015-12-28 21:06 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-28 21:06 - 2015-12-28 21:06 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-28 21:03 - 2015-12-28 21:03 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-28 21:00 - 2015-12-28 21:00 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-28 21:00 - 2015-12-28 21:00 - 00000000 ____D C:\Program Files\MSBuild
2015-12-28 21:00 - 2015-12-28 21:00 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-28 21:00 - 2015-12-28 21:00 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-28 21:00 - 2015-10-23 20:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-28 21:00 - 2015-10-23 20:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-28 21:00 - 2015-10-23 20:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-28 21:00 - 2015-10-23 20:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-28 21:00 - 2015-10-23 20:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-28 21:00 - 2015-10-23 20:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-28 19:10 - 2015-12-28 19:10 - 00000000 ____D C:\Users\Peter\AppData\Local\ActiveSync
2015-12-28 19:08 - 2015-12-28 19:08 - 00000020 ___SH C:\Users\Peter\ntuser.ini
2015-12-28 18:58 - 2015-12-28 18:58 - 00000000 _SHDL C:\Users\Default\My Documents
2015-12-28 18:58 - 2015-12-28 18:58 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2015-12-28 18:58 - 2015-12-28 18:58 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2015-12-28 18:58 - 2015-12-28 18:58 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2015-12-28 18:58 - 2015-12-28 18:58 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2015-12-28 18:58 - 2015-12-28 18:58 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2015-12-28 18:58 - 2015-12-28 18:58 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2015-12-28 18:52 - 2016-01-17 09:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-28 18:52 - 2015-12-28 18:52 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-28 18:41 - 2015-12-28 18:41 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-28 18:38 - 2015-12-28 18:41 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-28 18:37 - 2016-01-17 09:41 - 00000000 ____D C:\Users\Peter
2015-12-28 18:37 - 2015-12-28 18:50 - 00000000 ____D C:\Users\UpdatusUser
2015-12-28 18:37 - 2015-12-28 18:37 - 00000000 _SHDL C:\Users\UpdatusUser\My Documents
2015-12-28 18:37 - 2015-12-28 18:37 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\My Videos
2015-12-28 18:37 - 2015-12-28 18:37 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\My Pictures
2015-12-28 18:37 - 2015-12-28 18:37 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\My Music
2015-12-28 18:37 - 2015-12-28 18:37 - 00000000 _SHDL C:\Users\Peter\My Documents
2015-12-28 18:37 - 2015-12-28 18:37 - 00000000 _SHDL C:\Users\Peter\Documents\My Videos
2015-12-28 18:37 - 2015-12-28 18:37 - 00000000 _SHDL C:\Users\Peter\Documents\My Pictures
2015-12-28 18:37 - 2015-12-28 18:37 - 00000000 _SHDL C:\Users\Peter\Documents\My Music
2015-12-28 18:34 - 2015-12-28 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-12-28 18:34 - 2015-12-28 18:34 - 00000000 ____D C:\WINDOWS\system32\NV
2015-12-28 18:34 - 2015-12-28 18:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-28 18:34 - 2015-07-13 12:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-28 18:34 - 2015-07-13 12:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-28 18:34 - 2015-07-13 12:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-28 18:34 - 2015-07-13 12:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-28 18:34 - 2015-07-13 12:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-28 18:34 - 2015-07-13 12:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-28 18:34 - 2015-07-13 12:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-28 18:34 - 2015-07-13 12:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-28 18:34 - 2015-07-13 11:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-28 18:33 - 2015-12-28 18:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-28 18:33 - 2015-12-28 18:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-12-28 18:33 - 2015-12-28 18:33 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-12-28 18:33 - 2015-12-28 18:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-28 18:33 - 2015-12-28 18:33 - 00000000 ____D C:\Program Files\Intel
2015-12-28 18:33 - 2015-12-28 18:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-28 18:33 - 2015-10-18 12:19 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-12-28 18:33 - 2015-10-18 12:19 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-12-28 18:32 - 2015-12-28 18:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-28 18:32 - 2015-12-28 18:32 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-12-28 18:32 - 2015-12-28 18:32 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-28 18:32 - 2015-12-28 18:32 - 00000000 ____D C:\Program Files\Synaptics
2015-12-28 18:32 - 2015-12-28 18:32 - 00000000 ____D C:\Program Files\Realtek
2015-12-28 18:32 - 2015-10-30 02:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-28 18:29 - 2016-01-12 13:48 - 00189240 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-28 17:45 - 2015-12-28 18:57 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-12-28 17:45 - 2015-12-28 18:57 - 00013338 _____ C:\WINDOWS\diagerr.xml
2015-12-22 20:54 - 2015-12-22 20:54 - 00000000 ____D C:\Program Files\Reason
2015-12-22 20:51 - 2015-12-22 20:52 - 02827152 _____ (Reason Company Software Inc.) C:\Users\Peter\Downloads\herdProtectScan_Portable.exe
2015-12-21 12:48 - 2015-12-21 12:48 - 00079632 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtfltcoex.sys
2015-12-21 12:48 - 2015-12-21 12:48 - 00054424 _____ (Toshiba Corporation) C:\WINDOWS\system32\Drivers\Thotkey.sys
2015-12-20 18:43 - 2015-12-20 18:43 - 00001157 _____ C:\Users\Peter\Downloads\adServerESI (3).js

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-17 18:58 - 2015-09-30 19:23 - 00008299 _____ C:\Users\Peter\Downloads\FRST.txt
2016-01-17 18:57 - 2015-09-30 19:23 - 00000000 ____D C:\FRST
2016-01-17 16:08 - 2015-11-29 16:49 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A559658F-3A26-41AA-89E0-943DEDBD80EC}
2016-01-17 10:14 - 2015-10-26 13:15 - 00000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2016-01-17 09:45 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-17 09:45 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-17 09:45 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-17 09:45 - 2015-10-01 15:25 - 00814664 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-17 09:41 - 2015-07-30 10:55 - 00000000 __SHD C:\Users\Peter\IntelGraphicsProfiles
2016-01-15 16:18 - 2015-10-26 13:00 - 00030848 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-01-12 23:15 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-12 23:15 - 2015-10-30 01:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-12 16:20 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-12 16:19 - 2015-10-02 18:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-12 16:18 - 2015-10-02 18:58 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-12 13:48 - 2015-10-30 01:28 - 00000000 ____D C:\Windows
2016-01-12 13:39 - 2015-11-29 21:20 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-01-12 13:31 - 2015-11-25 22:08 - 00879220 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-01-12 10:40 - 2015-10-01 17:27 - 00000000 ____D C:\Users\Peter\AppData\Local\ElevatedDiagnostics
2016-01-12 10:33 - 2015-08-11 11:05 - 00024282 _____ C:\Users\Peter\Downloads\MTB.txt
2016-01-06 22:28 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-02 20:40 - 2015-10-30 02:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-02 20:40 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-29 09:36 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-28 21:28 - 2015-10-30 02:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-28 21:06 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-28 21:06 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-28 21:06 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-28 21:06 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-28 21:06 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-28 21:06 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-28 19:27 - 2015-10-01 15:26 - 00000000 ____D C:\Users\Peter\AppData\Local\Packages
2015-12-28 19:26 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-28 19:12 - 2015-10-01 15:31 - 00002374 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-28 19:12 - 2014-04-22 23:36 - 00000000 __RDO C:\Users\Peter\OneDrive
2015-12-28 19:09 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-28 19:09 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-28 19:09 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-28 19:09 - 2013-05-05 19:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-28 19:08 - 2015-10-01 15:24 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-12-28 18:59 - 2015-10-30 01:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-28 18:56 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-28 18:53 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-28 18:53 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-28 18:52 - 2015-11-25 22:13 - 00002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2015-12-28 18:51 - 2015-10-30 02:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-28 18:41 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-12-28 18:41 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-28 18:41 - 2015-10-01 18:40 - 00000000 ____D C:\Users\Default.migrated
2015-12-28 18:40 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-28 18:39 - 2015-10-30 02:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-28 18:39 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-28 18:39 - 2015-10-01 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-12-28 18:36 - 2015-10-30 01:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-28 18:34 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-28 18:29 - 2015-10-30 04:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-28 17:45 - 2015-10-30 04:42 - 00000000 ___HD C:\$WINDOWS.~BT

Some files in TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\dllnt_dump.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-08 20:18

==================== End of FRST.txt ============================


FRST was originally run on here on Sept 2015..do you want that Addition log?
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#6 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:50 AM

Posted 18 January 2016 - 06:53 AM

FRST was originally run on here on Sept 2015..do you want that Addition log?

Yes, please post it.


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 boopme

boopme

    To Insanity and Beyond

  • Topic Starter

  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:50 PM

Posted 18 January 2016 - 10:15 AM

Here....Thanks

Additional scan result of Farbar Recovery Scan Tool (x86) Version:23-09-2015
Ran by Genesisok (2015-09-23 19:01:00)
Running from C:\Users\Genesisok\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2015-09-23 22:23:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-917618366-3063641527-3838225653-500 - Administrator - Disabled)
Genesisok (S-1-5-21-917618366-3063641527-3838225653-1000 - Administrator - Enabled) => C:\Users\Genesisok
Guest (S-1-5-21-917618366-3063641527-3838225653-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 1.03.000 - NETGEAR)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

23-09-2015 13:37:44 Windows Update
23-09-2015 15:23:38 Windows Update
23-09-2015 15:36:01 Installed NETGEAR WNDA3100v2 wireless USB 2.0 adapter
23-09-2015 15:36:44 Device Driver Package Install: NETGEAR Inc. Network Protocol
23-09-2015 16:47:54 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:04 - 2009-06-10 14:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {7F866799-4462-4E68-A583-ABD583865B23} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f640ca019c70.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-09-23 15:36 - 2011-12-14 17:53 - 00303360 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
2015-09-23 15:36 - 2011-12-14 10:22 - 00368640 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiLib.dll
2015-09-23 15:36 - 2011-12-14 17:55 - 08453376 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
2015-09-23 15:36 - 2011-12-14 10:43 - 00278528 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll
2015-09-23 14:25 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Genesisok\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-09-23 14:25 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Genesisok\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-917618366-3063641527-3838225653-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Genesisok\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9090624E-DCBE-4D3A-8A2B-5D102D48F8FD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/23/2015 06:28:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/23/2015 01:59:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2015 01:40:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2015 03:36:01 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f162480f-849b-441f-ad81-98b26d0ce55e}

Error: (09/23/2015 03:21:12 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004F050
Partial Pkey=HB8FQ
ACID=?
Detailed Error[?]

Error: (09/23/2015 03:19:17 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004F050
Partial Pkey=HB8FQ
ACID=?
Detailed Error[?]

Error: (09/23/2015 03:16:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/23/2015 01:55:53 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (09/23/2015 01:45:46 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068BITS{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/23/2015 01:45:32 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (09/23/2015 01:39:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\bcmihvsrv.dll
Error Code: 21

Error: (09/23/2015 01:39:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\bcmihvsrv.dll
Error Code: 21

Error: (09/23/2015 01:39:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/23/2015 01:39:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/23/2015 01:39:01 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/23/2015 01:38:54 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/23/2015 01:38:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
discache
spldr
Wanarpv6


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E6550 @ 2.33GHz
Percentage of memory in use: 37%
Total physical RAM: 3069.61 MB
Available physical RAM: 1914.73 MB
Total Virtual: 6137.51 MB
Available Virtual: 4794.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:135.91 GB) NTFS
Drive d: (WNDA3100v2) (CDROM) (Total:0.13 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 05F4F78D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#8 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:50 AM

Posted 18 January 2016 - 10:23 AM

Hello,
 

***


Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as FRST / FRST64 (usually your desktop) as fixlist.txt
 
start
CreateRestorePoint:
EmptyTemp:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1595921355-173663684-2867874930-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
S2 RtkAudioService; "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" [X]
C:\Users\Peter\AppData\Local\Temp\dllnt_dump.dll
end


NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST / FRST64 again like we did before but this time press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.


***



Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#9 boopme

boopme

    To Insanity and Beyond

  • Topic Starter

  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:50 PM

Posted 18 January 2016 - 12:58 PM

Unable to paste logs, so they are attached.

 

Attached Files



#10 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:50 AM

Posted 18 January 2016 - 01:14 PM

Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Open the scan log and copy and paste the content to your next reply.
 

***


How is the computer running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 boopme

boopme

    To Insanity and Beyond

  • Topic Starter

  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:50 PM

Posted 18 January 2016 - 01:39 PM

Getting "signature file of JRT is corrupt"... will move to ESET



#12 boopme

boopme

    To Insanity and Beyond

  • Topic Starter

  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:50 PM

Posted 18 January 2016 - 02:50 PM

ESET is clean.



#13 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:50 AM

Posted 18 January 2016 - 02:54 PM

It Appears That Your PC Is Clean!


***


Clean up with delfix:
  • Please download delfix to your desktop.
  • Close all other programs and start delfix.
  • Please check all the boxes and run the tool.
  • delfix will now delete all found traces of our removal process.

***


Delete the log files our tools created; they are located at your desktop or at the
"c:\users\{.......}\Downloads" folder.
Highlight them, and press the del or delete key on the keyboard.
You can browse to the location of the file or folder using either My Computer or Windows Explorer.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#14 boopme

boopme

    To Insanity and Beyond

  • Topic Starter

  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:50 PM

Posted 18 January 2016 - 03:14 PM

Thank you very much, greatly appreciate your time :)



#15 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:50 AM

Posted 18 January 2016 - 03:38 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.




