Jump to content

malwarebytes found malware but problems after


kifujin

Recommended Posts

Malwarebytes found a lot of malware twice but after quarantining the malware my computer started to slow up quite a bit and google earth is not working and sometimes notepad doesn't work well.  

 

I'm running windows 10 home (64-bit).

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
Ran by 93 (administrator) on PUGET-117561 (23-02-2016 07:18:58)
Running from C:\Users\93\Desktop
Loaded Profiles: 93 (Available Profiles: 93 & 4 & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Flux Software LLC) C:\Users\93\AppData\Local\FluxSoftware\Flux\flux.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\Run: [f.lux] => C:\Users\93\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\Run: [sandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2016-02-12] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{dbb5ab4c-4765-46c1-8ced-39aa33d4c16e}: [DhcpNameServer] 192.168.0.1 205.171.2.25

Internet Explorer:
==================
HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.pugetsystems.com/welcome.php?oid=117561
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-02] (Adobe Systems Inc.)
FF Extension: WOT - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-01-27]
FF Extension: Cookie Monster - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi [2016-01-27]
FF Extension: Redirect Remover - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}.xpi [2016-01-27]
FF Extension: FEBE - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-01-27]
FF Extension: Google Translator for Firefox - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\extensions\translator@zoli.bod.xpi [2016-01-27]
FF Extension: BetterPrivacy - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-02-01]
FF Extension: NoScript - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-15]
FF Extension: Ghostery - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\Extensions\firefox@ghostery.com.xpi [2016-01-27]
FF Extension: Flag Plus - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\Extensions\jid1-s7swGsO2vJBPMv@jetpack.xpi [2016-01-27]
FF Extension: uBlock Origin - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\Extensions\uBlock0@raymondhill.net.xpi [2016-02-15]
FF Extension: Flagfox - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-01-27]
FF Extension: Adblock Plus - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-27]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177288 2016-02-12] (Sandboxie Holdings, LLC)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [193672 2016-02-12] (Sandboxie Holdings, LLC)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-29] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-29] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-29] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\93\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz135; \??\C:\Users\93\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 cpuz138; \??\C:\Users\93\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S3 GPU-Z; \??\C:\Users\93\AppData\Local\Temp\GPU-Z.sys [X]
S3 WinRing0_1_2_0; \??\C:\install\Extra\RealTemp\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 07:18 - 2016-02-23 07:19 - 00012695 _____ C:\Users\93\Desktop\FRST.txt
2016-02-23 07:18 - 2016-02-23 07:18 - 02371072 _____ (Farbar) C:\Users\93\Desktop\FRST64.exe
2016-02-23 07:18 - 2016-02-23 07:18 - 00000000 ____D C:\FRST
2016-02-20 07:53 - 2016-02-20 10:46 - 00000156 _____ C:\Users\4\Desktop\card.txt
2016-02-19 11:35 - 2016-02-19 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-02-15 08:49 - 2016-02-15 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-11 14:50 - 2016-02-11 14:50 - 00000208 _____ C:\Users\4\Desktop\cherry blossom festival date time.txt
2016-02-09 13:53 - 2016-01-28 22:57 - 04502352 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-09 13:53 - 2016-01-28 22:33 - 04064320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-09 13:53 - 2016-01-26 22:15 - 01557776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-09 13:53 - 2016-01-26 22:15 - 01542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-09 13:53 - 2016-01-26 22:01 - 07476064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 13:53 - 2016-01-26 22:01 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 13:53 - 2016-01-26 22:01 - 01819720 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 13:53 - 2016-01-26 21:59 - 00304752 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2016-02-09 13:53 - 2016-01-26 21:57 - 02919320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-09 13:53 - 2016-01-26 21:57 - 01824264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-09 13:53 - 2016-01-26 21:57 - 00820704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-09 13:53 - 2016-01-26 21:56 - 21124344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-09 13:53 - 2016-01-26 21:55 - 05242496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-02-09 13:53 - 2016-01-26 21:55 - 00081112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpenWith.exe
2016-02-09 13:53 - 2016-01-26 21:54 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-09 13:53 - 2016-01-26 21:46 - 02606824 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-09 13:53 - 2016-01-26 21:46 - 01270072 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-09 13:53 - 2016-01-26 21:45 - 22564328 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-09 13:53 - 2016-01-26 21:45 - 06605544 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-02-09 13:53 - 2016-01-26 21:44 - 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-09 13:53 - 2016-01-26 21:44 - 00085320 _____ (Microsoft Corporation) C:\Windows\system32\OpenWith.exe
2016-02-09 13:53 - 2016-01-26 21:43 - 00359776 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 13:53 - 2016-01-26 21:37 - 01998176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-02-09 13:53 - 2016-01-26 21:37 - 00576352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-02-09 13:53 - 2016-01-26 21:21 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-09 13:53 - 2016-01-26 21:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ztrace_maps.dll
2016-02-09 13:53 - 2016-01-26 21:13 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll
2016-02-09 13:53 - 2016-01-26 21:12 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-09 13:53 - 2016-01-26 21:11 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-09 13:53 - 2016-01-26 21:10 - 22394368 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-02-09 13:53 - 2016-01-26 21:10 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-09 13:53 - 2016-01-26 21:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-09 13:53 - 2016-01-26 21:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\ztrace_maps.dll
2016-02-09 13:53 - 2016-01-26 21:07 - 00203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iassam.dll
2016-02-09 13:53 - 2016-01-26 21:05 - 19339776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-09 13:53 - 2016-01-26 21:05 - 18678272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-02-09 13:53 - 2016-01-26 21:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll
2016-02-09 13:53 - 2016-01-26 21:05 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-09 13:53 - 2016-01-26 21:04 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-02-09 13:53 - 2016-01-26 21:04 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 13:53 - 2016-01-26 21:03 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2016-02-09 13:53 - 2016-01-26 21:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-09 13:53 - 2016-01-26 21:01 - 00792064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-09 13:53 - 2016-01-26 20:59 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2016-02-09 13:53 - 2016-01-26 20:58 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-02-09 13:53 - 2016-01-26 20:57 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-02-09 13:53 - 2016-01-26 20:55 - 12125696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-09 13:53 - 2016-01-26 20:55 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-09 13:53 - 2016-01-26 20:54 - 24603136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-09 13:53 - 2016-01-26 20:52 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 13:53 - 2016-01-26 20:50 - 02230784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-09 13:53 - 2016-01-26 20:50 - 01504768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-09 13:53 - 2016-01-26 20:50 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 13:53 - 2016-01-26 20:49 - 05662208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-02-09 13:53 - 2016-01-26 20:48 - 13382656 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-09 13:53 - 2016-01-26 20:44 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-02-09 13:53 - 2016-01-26 20:42 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 13:53 - 2016-01-26 20:41 - 03592704 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-02-09 13:53 - 2016-01-26 20:39 - 02275328 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-09 13:53 - 2016-01-26 20:38 - 07835648 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-02-09 13:53 - 2016-01-26 20:38 - 01734656 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-09 13:53 - 2016-01-26 20:37 - 04894720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 13:53 - 2016-01-26 20:36 - 02757120 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 13:53 - 2016-01-26 20:32 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-02-09 13:53 - 2016-01-26 20:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-02-08 05:35 - 2016-02-08 05:35 - 00000000 ____D C:\Users\4\AppData\LocalLow\Google
2016-02-03 09:51 - 2016-02-22 21:22 - 00004154 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B64CCCDA-2FD4-484D-AC0E-5B6CA34A4859}
2016-02-03 09:19 - 2016-02-03 09:45 - 00000000 ____D C:\Users\93\AppData\Local\ElevatedDiagnostics
2016-02-03 09:18 - 2016-02-03 10:01 - 00000000 ____D C:\Users\93\AppData\Local\LogMeIn Rescue Applet
2016-02-03 07:52 - 2016-02-03 07:52 - 00000000 ____D C:\Users\4\AppData\Roaming\Skype
2016-02-03 07:52 - 2016-02-03 07:52 - 00000000 ____D C:\Users\4\AppData\Local\Skype
2016-02-02 05:55 - 2016-02-02 05:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2016-02-02 05:55 - 2016-02-02 05:55 - 00000000 ____D C:\Program Files (x86)\Magical Jelly Bean
2016-02-01 11:34 - 2016-02-01 11:34 - 00002292 _____ C:\Users\4\Desktop\Kindle.lnk
2016-02-01 11:34 - 2016-02-01 11:34 - 00000000 ____D C:\Users\4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2016-02-01 11:34 - 2016-02-01 11:34 - 00000000 ____D C:\Users\4\AppData\Local\Amazon
2016-02-01 11:31 - 2016-02-01 11:34 - 43412816 _____ (Amazon.com) C:\Users\4\Downloads\KindleForPC-installer-1.14.43019.exe
2016-01-31 08:55 - 2016-01-31 08:55 - 00000007 _____ C:\Users\4\Documents\tecuani jaguar.txt
2016-01-31 08:22 - 2016-01-31 08:22 - 01604353 _____ C:\Users\4\Documents\bookmarks.html
2016-01-31 02:07 - 2016-01-31 02:07 - 01665568 _____ ( ) C:\Users\93\Downloads\cpu-z_1.75-en.exe
2016-01-31 02:07 - 2016-01-31 02:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-01-31 02:07 - 2016-01-31 02:07 - 00000000 ____D C:\Program Files\CPUID
2016-01-31 01:58 - 2016-01-31 01:58 - 00000000 ____D C:\Users\4\AppData\Local\Apple
2016-01-28 07:00 - 2016-01-28 07:00 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-28 07:00 - 2016-01-28 07:00 - 00000000 ____D C:\Intel
2016-01-28 06:56 - 2016-01-28 06:56 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-01-28 06:56 - 2016-01-28 06:56 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-01-27 14:46 - 2016-01-27 14:46 - 00000000 ____D C:\Users\4\AppData\Roaming\Macromedia
2016-01-27 14:46 - 2016-01-27 14:46 - 00000000 ____D C:\Users\4\AppData\Local\Macromedia
2016-01-27 14:41 - 2016-01-27 14:41 - 00000000 ___RD C:\Sandbox
2016-01-27 14:32 - 2016-02-17 10:10 - 00000000 ____D C:\Users\4\Documents\misc doc
2016-01-27 14:32 - 2016-01-31 08:30 - 00000000 ____D C:\Users\4\Documents\Languages
2016-01-27 14:32 - 2016-01-29 11:38 - 00000000 ____D C:\Users\4\Documents\Scanned Documents
2016-01-27 14:32 - 2016-01-27 14:32 - 00000000 ____D C:\Users\4\Documents\screen shots
2016-01-27 14:32 - 2016-01-27 14:32 - 00000000 ____D C:\Users\4\Documents\Recipes
2016-01-27 14:32 - 2016-01-27 14:32 - 00000000 ____D C:\Users\4\Documents\names
2016-01-27 14:32 - 2016-01-27 14:32 - 00000000 ____D C:\Users\4\Documents\My Kindle Content
2016-01-27 14:32 - 2016-01-27 14:32 - 00000000 ____D C:\Users\4\Documents\medical
2016-01-27 14:32 - 2016-01-27 14:32 - 00000000 ____D C:\Users\4\Documents\manga anime etc
2016-01-27 14:32 - 2016-01-27 14:32 - 00000000 ____D C:\Users\4\Documents\library
2016-01-27 14:31 - 2016-02-23 07:15 - 00000000 ____D C:\Users\4\Documents\computer
2016-01-27 14:31 - 2016-02-04 06:20 - 00000000 ____D C:\Users\4\Documents\consumer
2016-01-27 14:31 - 2016-01-29 11:37 - 00000000 ____D C:\Users\4\Documents\Fax
2016-01-27 14:31 - 2016-01-28 10:39 - 00000000 ____D C:\Users\4\Documents\important phone numbers
2016-01-27 14:31 - 2016-01-27 14:32 - 00000000 ____D C:\Users\4\Documents\kindle
2016-01-27 14:31 - 2016-01-27 14:31 - 00000000 ____D C:\Users\4\Documents\housing DHSH HUD
2016-01-27 14:31 - 2016-01-27 14:31 - 00000000 ____D C:\Users\4\Documents\cleaning
2016-01-27 14:31 - 2016-01-27 14:31 - 00000000 ____D C:\Users\4\Documents\cats
2016-01-27 14:31 - 2016-01-27 14:31 - 00000000 ____D C:\Users\4\Documents\books authors etc
2016-01-27 14:31 - 2016-01-27 14:31 - 00000000 ____D C:\Users\4\Documents\bluescreenview
2016-01-27 14:31 - 2016-01-18 07:10 - 00000000 ____D C:\Users\4\Documents\HP Photosmart Projects
2016-01-27 14:30 - 2016-01-27 14:31 - 00000000 ____D C:\Users\4\Documents\alt
2016-01-27 14:21 - 2016-01-27 14:21 - 00597304 _____ C:\Users\4\Downloads\flux-setup.exe
2016-01-27 14:21 - 2016-01-27 14:21 - 00000000 ____D C:\Users\4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-01-27 14:21 - 2016-01-27 14:21 - 00000000 ____D C:\Users\4\AppData\Local\FluxSoftware
2016-01-27 14:13 - 2016-01-27 14:13 - 00000000 ____D C:\Users\4\AppData\Roaming\Mozilla
2016-01-27 14:13 - 2016-01-27 14:13 - 00000000 ____D C:\Users\4\AppData\Local\Mozilla
2016-01-27 13:59 - 2016-02-03 16:53 - 00000000 ____D C:\Users\4\AppData\Roaming\Canon
2016-01-27 13:56 - 2016-01-27 13:56 - 00000000 ___HD C:\ProgramData\CanonIJQuickMenu
2016-01-27 13:55 - 2016-02-23 07:03 - 00000000 ____D C:\Users\93\AppData\Roaming\canon
2016-01-27 13:55 - 2016-02-01 07:40 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-27 13:55 - 2016-01-27 13:55 - 00000000 ____D C:\Users\93\AppData\LocalLow\Canon Easy-WebPrint EX2
2016-01-27 13:55 - 2016-01-27 13:55 - 00000000 ____D C:\Users\93\AppData\LocalLow\Canon Easy-WebPrint EX
2016-01-27 13:55 - 2016-01-27 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6600 series User Registration
2016-01-27 13:55 - 2014-01-21 13:15 - 00336896 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_C9L.dll
2016-01-27 13:55 - 2013-12-02 12:58 - 00096000 _____ C:\Windows\SysWOW64\CNC177ED.TBL
2016-01-27 13:55 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2016-01-27 13:54 - 2016-01-27 13:54 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2016-01-27 13:52 - 2016-01-27 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-01-27 13:52 - 2016-01-27 13:55 - 00000000 ____D C:\Program Files\Canon
2016-01-27 13:52 - 2016-01-27 13:52 - 00002439 _____ C:\Users\Public\Desktop\Canon MG6600 series On-screen Manual.lnk
2016-01-27 13:52 - 2016-01-27 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6600 series Manual
2016-01-27 13:51 - 2016-01-27 13:51 - 00000000 ___HD C:\Program Files\CanonBJ
2016-01-27 13:29 - 2014-02-04 15:29 - 00316928 _____ (CANON INC.) C:\Windows\system32\CNC_C9C.dll
2016-01-27 13:29 - 2014-02-04 15:29 - 00105984 _____ (CANON INC.) C:\Windows\system32\CNC_C9I.dll
2016-01-27 13:29 - 2014-01-21 13:16 - 00369664 _____ (CANON INC.) C:\Windows\system32\CNC_C9L.dll
2016-01-27 13:29 - 2013-12-02 12:58 - 00096000 _____ C:\Windows\system32\CNC177ED.TBL
2016-01-27 13:29 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2016-01-27 13:28 - 2016-01-27 13:28 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-01-27 13:27 - 2014-03-18 05:00 - 00406016 _____ (CANON INC.) C:\Windows\system32\CNMLMC9.DLL
2016-01-27 13:24 - 2016-01-27 13:55 - 00000000 ____D C:\Program Files (x86)\Canon
2016-01-27 12:36 - 2016-01-27 12:36 - 02870984 _____ (ESET) C:\Users\93\Downloads\esetsmartinstaller_enu.exe
2016-01-27 12:36 - 2016-01-27 12:36 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-27 12:31 - 2016-02-23 07:03 - 00002054 _____ C:\Windows\Sandboxie.ini
2016-01-27 12:30 - 2016-01-27 12:30 - 00000000 ____D C:\Program Files\Sandboxie
2016-01-27 12:23 - 2016-02-01 08:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-27 12:19 - 2016-01-27 12:19 - 00000000 ____D C:\Users\93\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-01-27 12:19 - 2016-01-27 12:19 - 00000000 ____D C:\Users\93\AppData\Local\FluxSoftware
2016-01-27 12:18 - 2016-02-19 06:30 - 00000000 ____D C:\ProgramData\TEMP
2016-01-27 12:18 - 2016-02-19 06:30 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-01-27 12:18 - 2016-01-27 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2016-01-27 12:18 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2016-01-27 12:04 - 2016-01-27 12:10 - 00000000 ____D C:\Users\93\AppData\Local\Adobe
2016-01-27 12:01 - 2016-01-15 22:36 - 01173344 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-27 12:01 - 2016-01-15 22:24 - 00538632 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2016-01-27 12:01 - 2016-01-15 22:23 - 08728920 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-01-27 12:01 - 2016-01-15 22:23 - 00848160 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-01-27 12:01 - 2016-01-15 22:23 - 00536256 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-01-27 12:01 - 2016-01-15 22:23 - 00369912 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-01-27 12:01 - 2016-01-15 22:21 - 01750440 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2016-01-27 12:01 - 2016-01-15 22:20 - 06971752 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-27 12:01 - 2016-01-15 22:20 - 00652312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-27 12:01 - 2016-01-15 22:20 - 00431240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2016-01-27 12:01 - 2016-01-15 22:19 - 00709688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-01-27 12:01 - 2016-01-15 22:19 - 00405568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-01-27 12:01 - 2016-01-15 22:12 - 01415200 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-01-27 12:01 - 2016-01-15 22:09 - 01089880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-01-27 12:01 - 2016-01-15 22:08 - 01174008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-01-27 12:01 - 2016-01-15 22:08 - 00440152 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-01-27 12:01 - 2016-01-15 21:45 - 16986112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-01-27 12:01 - 2016-01-15 21:38 - 07979008 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-01-27 12:01 - 2016-01-15 21:38 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\SimCfg.dll
2016-01-27 12:01 - 2016-01-15 21:37 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-01-27 12:01 - 2016-01-15 21:37 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-01-27 12:01 - 2016-01-15 21:36 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\SimAuth.dll
2016-01-27 12:01 - 2016-01-15 21:35 - 13018624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-01-27 12:01 - 2016-01-15 21:35 - 00383488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-27 12:01 - 2016-01-15 21:34 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2016-01-27 12:01 - 2016-01-15 21:34 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-27 12:01 - 2016-01-15 21:33 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-27 12:01 - 2016-01-15 21:32 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2016-01-27 12:01 - 2016-01-15 21:31 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-01-27 12:01 - 2016-01-15 21:31 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-01-27 12:01 - 2016-01-15 21:31 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-01-27 12:01 - 2016-01-15 21:31 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2016-01-27 12:01 - 2016-01-15 21:30 - 02127360 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-27 12:01 - 2016-01-15 21:30 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-01-27 12:01 - 2016-01-15 21:30 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-27 12:01 - 2016-01-15 21:30 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimCfg.dll
2016-01-27 12:01 - 2016-01-15 21:29 - 01500672 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2016-01-27 12:01 - 2016-01-15 21:29 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2016-01-27 12:01 - 2016-01-15 21:28 - 02624512 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2016-01-27 12:01 - 2016-01-15 21:28 - 01318912 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-01-27 12:01 - 2016-01-15 21:28 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SimAuth.dll
2016-01-27 12:01 - 2016-01-15 21:27 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-27 12:01 - 2016-01-15 21:26 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-01-27 12:01 - 2016-01-15 21:26 - 00260608 _____ C:\Windows\system32\MTFServer.dll
2016-01-27 12:01 - 2016-01-15 21:25 - 00235008 _____ C:\Windows\system32\MTF.dll
2016-01-27 12:01 - 2016-01-15 21:24 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-01-27 12:01 - 2016-01-15 21:24 - 00613888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-01-27 12:01 - 2016-01-15 21:24 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-01-27 12:01 - 2016-01-15 21:24 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2016-01-27 12:01 - 2016-01-15 21:23 - 02050048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-27 12:01 - 2016-01-15 21:23 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-27 12:01 - 2016-01-15 21:21 - 06297088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-01-27 12:01 - 2016-01-15 21:20 - 07199232 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-01-27 12:01 - 2016-01-15 21:20 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-01-27 12:01 - 2016-01-15 21:20 - 01944576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2016-01-27 12:01 - 2016-01-15 21:20 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2016-01-27 12:01 - 2016-01-15 21:19 - 00162816 _____ C:\Windows\SysWOW64\MTF.dll
2016-01-27 12:01 - 2016-01-15 21:18 - 01674240 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-27 12:01 - 2016-01-15 21:17 - 05503488 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-01-27 12:01 - 2016-01-15 21:16 - 05202944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-01-27 12:01 - 2016-01-15 21:16 - 01542656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-27 12:01 - 2016-01-15 21:15 - 04759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-01-27 12:01 - 2016-01-15 21:14 - 01946624 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-01-27 12:01 - 2016-01-15 21:14 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-01-27 12:00 - 2016-01-15 22:37 - 00202472 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-01-27 12:00 - 2016-01-15 22:36 - 00713568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-27 12:00 - 2016-01-15 22:34 - 00513888 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-27 12:00 - 2016-01-15 22:23 - 00785088 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-27 12:00 - 2016-01-15 22:23 - 00408120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-01-27 12:00 - 2016-01-15 22:20 - 00366224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-01-27 12:00 - 2016-01-15 21:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2016-01-27 12:00 - 2016-01-15 21:44 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-01-27 12:00 - 2016-01-15 21:44 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\rasadhlp.dll
2016-01-27 12:00 - 2016-01-15 21:44 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2016-01-27 12:00 - 2016-01-15 21:43 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\winhttpcom.dll
2016-01-27 12:00 - 2016-01-15 21:42 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-01-27 12:00 - 2016-01-15 21:42 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\sscoreext.dll
2016-01-27 12:00 - 2016-01-15 21:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2016-01-27 12:00 - 2016-01-15 21:40 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\rasauto.dll
2016-01-27 12:00 - 2016-01-15 21:40 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2016-01-27 12:00 - 2016-01-15 21:40 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\rasautou.exe
2016-01-27 12:00 - 2016-01-15 21:39 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\FilterDS.dll
2016-01-27 12:00 - 2016-01-15 21:38 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-01-27 12:00 - 2016-01-15 21:38 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\winbio.dll
2016-01-27 12:00 - 2016-01-15 21:37 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2016-01-27 12:00 - 2016-01-15 21:37 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll
2016-01-27 12:00 - 2016-01-15 21:36 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-01-27 12:00 - 2016-01-15 21:36 - 00475648 _____ (Microsoft Corporation) C:\Windows\system32\DDDS.dll
2016-01-27 12:00 - 2016-01-15 21:36 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-27 12:00 - 2016-01-15 21:36 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastlsext.dll
2016-01-27 12:00 - 2016-01-15 21:35 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasadhlp.dll
2016-01-27 12:00 - 2016-01-15 21:34 - 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-01-27 12:00 - 2016-01-15 21:34 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-01-27 12:00 - 2016-01-15 21:34 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttpcom.dll
2016-01-27 12:00 - 2016-01-15 21:33 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2016-01-27 12:00 - 2016-01-15 21:33 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-01-27 12:00 - 2016-01-15 21:32 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2016-01-27 12:00 - 2016-01-15 21:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasautou.exe
2016-01-27 12:00 - 2016-01-15 21:30 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbio.dll
2016-01-27 12:00 - 2016-01-15 21:28 - 00884736 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2016-01-27 12:00 - 2016-01-15 21:26 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2016-01-27 12:00 - 2016-01-15 21:26 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2016-01-27 12:00 - 2016-01-15 21:25 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2016-01-27 12:00 - 2016-01-15 21:25 - 00457728 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2016-01-27 12:00 - 2016-01-15 21:19 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-01-27 12:00 - 2016-01-15 21:19 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2016-01-27 12:00 - 2016-01-15 21:19 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-27 12:00 - 2016-01-15 21:11 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2016-01-27 11:59 - 2016-01-27 12:26 - 00000000 ____D C:\Users\93\Documents\computer
2016-01-27 11:59 - 2016-01-13 07:01 - 01604018 _____ C:\Users\93\Documents\bookmarks.html
2016-01-27 11:49 - 2016-01-27 11:49 - 00000000 ____D C:\Windows\PCHEALTH
2016-01-27 11:49 - 2016-01-27 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-01-27 11:48 - 2016-01-27 11:48 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-01-27 11:46 - 2016-01-27 11:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-01-27 11:46 - 2016-01-27 11:46 - 00000000 ____D C:\Users\93\AppData\Local\Microsoft Help
2016-01-27 11:46 - 2016-01-27 11:46 - 00000000 ____D C:\Program Files\Microsoft Office
2016-01-27 11:46 - 2016-01-27 11:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-01-27 11:45 - 2016-01-27 11:45 - 00000000 __RHD C:\MSOCache
2016-01-26 10:56 - 2016-01-31 15:48 - 00273752 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-26 08:57 - 2016-01-26 08:57 - 00003644 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-01-26 08:26 - 2016-02-23 07:16 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-25 15:11 - 2016-01-25 15:11 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-01-25 15:11 - 2016-01-25 15:11 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-01-25 15:11 - 2016-01-25 15:11 - 00000000 ____D C:\Windows\system32\DAX2
2016-01-25 15:11 - 2016-01-25 15:11 - 00000000 ____D C:\Program Files\Realtek
2016-01-25 15:10 - 2016-01-25 15:10 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\93\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe
2016-01-25 15:10 - 2016-01-25 15:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-25 15:10 - 2016-01-25 15:10 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-01-25 15:10 - 2015-06-18 18:45 - 04496600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-01-25 15:10 - 2015-06-18 17:59 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-01-25 15:10 - 2015-06-17 19:47 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-01-25 15:10 - 2015-06-17 19:47 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2016-01-25 15:10 - 2015-06-17 14:45 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-01-25 15:10 - 2015-06-15 17:39 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-01-25 15:10 - 2015-06-11 19:40 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2016-01-25 15:10 - 2015-06-10 13:20 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2016-01-25 15:10 - 2015-06-10 13:20 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2016-01-25 15:10 - 2015-06-09 11:17 - 05708736 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-01-25 15:10 - 2015-06-02 19:25 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-01-25 15:10 - 2015-05-27 18:51 - 02461016 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-01-25 15:10 - 2015-05-27 18:51 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-01-25 15:10 - 2015-05-27 18:51 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-01-25 15:10 - 2015-05-27 18:51 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-01-25 15:10 - 2015-05-27 17:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-01-25 15:10 - 2015-05-26 11:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-01-25 15:10 - 2015-05-25 15:18 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-01-25 15:10 - 2015-05-18 14:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-01-25 15:10 - 2015-05-15 19:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-01-25 15:10 - 2015-05-15 16:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-01-25 15:10 - 2015-05-11 18:53 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-01-25 15:10 - 2015-05-11 13:08 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2016-01-25 15:10 - 2015-05-11 13:08 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2016-01-25 15:10 - 2015-05-11 13:08 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-01-25 15:10 - 2015-05-11 13:08 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-01-25 15:10 - 2015-04-27 16:09 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2016-01-25 15:10 - 2015-04-24 05:42 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2016-01-25 15:10 - 2015-04-24 05:42 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2016-01-25 15:10 - 2015-04-24 05:42 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2016-01-25 15:10 - 2015-04-24 05:41 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2016-01-25 15:10 - 2015-04-13 16:25 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2016-01-25 15:10 - 2015-02-05 17:48 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-01-25 15:10 - 2015-02-05 17:48 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2016-01-25 15:10 - 2015-02-04 00:38 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-01-25 15:10 - 2015-02-04 00:38 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-01-25 15:10 - 2015-02-04 00:38 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-01-25 15:10 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2016-01-25 15:10 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-01-25 15:10 - 2015-01-23 18:16 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2016-01-25 15:10 - 2015-01-19 18:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-01-25 15:10 - 2014-12-11 08:10 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2016-01-25 15:10 - 2014-12-11 08:10 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-01-25 15:10 - 2014-12-11 08:10 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-01-25 15:10 - 2014-12-11 08:10 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-01-25 15:10 - 2014-11-11 13:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-01-25 15:10 - 2014-11-04 13:42 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-01-25 15:10 - 2014-11-04 13:42 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-01-25 15:10 - 2014-11-04 13:42 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-01-25 15:10 - 2014-11-04 13:42 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-01-25 15:10 - 2014-10-24 10:12 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-01-25 15:10 - 2014-10-24 10:12 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-01-25 15:10 - 2014-09-24 11:31 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-01-25 15:10 - 2014-09-24 11:31 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-01-25 15:10 - 2014-09-24 11:31 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-01-25 15:10 - 2014-09-24 11:31 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-01-25 15:10 - 2014-08-14 19:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-01-25 15:10 - 2014-06-17 19:17 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-01-25 15:10 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-01-25 15:10 - 2014-05-22 16:24 - 00096568 _____ C:\Windows\system32\audioLibVc.dll
2016-01-25 15:10 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-01-25 15:10 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-01-25 15:10 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2016-01-25 15:10 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2016-01-25 15:10 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-01-25 15:10 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-01-25 15:10 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-01-25 15:10 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-01-25 15:10 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-01-25 15:10 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-01-25 15:10 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-01-25 15:10 - 2013-07-23 15:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-01-25 15:10 - 2013-07-23 15:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-01-25 15:10 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2016-01-25 15:10 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2016-01-25 15:10 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2016-01-25 15:10 - 2013-06-21 11:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2016-01-25 15:10 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-01-25 15:10 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-01-25 15:10 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-01-25 15:10 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-01-25 15:10 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-01-25 15:10 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-01-25 15:10 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-01-25 15:10 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-01-25 15:10 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-01-25 15:10 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-01-25 15:10 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-01-25 15:10 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-01-25 15:10 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-01-25 15:10 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-01-25 15:10 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-01-25 15:10 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-01-25 15:10 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-01-25 15:10 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-01-25 15:10 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-01-25 15:10 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-01-25 15:10 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-01-25 15:10 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-01-25 15:10 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-01-25 15:10 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-01-25 15:10 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-01-25 15:10 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-01-25 15:10 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-01-25 15:10 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-01-25 15:10 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-01-25 14:57 - 2016-01-25 14:57 - 00001769 _____ C:\Windows\Language_trs.ini
2016-01-25 14:57 - 2016-01-25 14:57 - 00000000 ____D C:\Users\93\Intel
2016-01-25 14:44 - 2016-01-25 14:44 - 00000716 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2016-01-25 14:32 - 2016-01-25 15:11 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-01-25 14:32 - 2016-01-25 14:32 - 00000000 ____D C:\Users\93\AppData\Roaming\Macromedia
2016-01-25 14:32 - 2016-01-25 14:32 - 00000000 ____D C:\Users\93\AppData\Local\Macromedia
2016-01-25 13:31 - 2016-01-25 18:07 - 00000000 ____D C:\Users\93\AppData\Roaming\Media Player Classic

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 07:16 - 2016-01-20 10:47 - 00000000 __SHD C:\Users\93\IntelGraphicsProfiles
2016-02-23 07:13 - 2016-01-21 15:34 - 00000000 __SHD C:\Users\4\IntelGraphicsProfiles
2016-02-23 07:11 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\AppReadiness
2016-02-23 07:10 - 2015-10-29 23:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-23 07:07 - 2015-10-29 23:21 - 00000000 ____D C:\Windows\INF
2016-02-23 07:05 - 2016-01-20 12:36 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-23 07:03 - 2016-01-20 10:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-23 05:47 - 2016-01-19 17:49 - 00879220 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-23 05:43 - 2016-01-19 17:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-22 22:10 - 2015-10-29 22:28 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-02-15 11:12 - 2016-01-20 12:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-13 09:05 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\rescache
2016-02-10 12:39 - 2015-10-30 01:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 12:25 - 2016-01-20 14:32 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 12:23 - 2016-01-20 14:32 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 12:22 - 2015-10-29 23:11 - 00000000 ____D C:\Windows\CbsTemp
2016-02-10 12:05 - 2016-01-20 12:36 - 00003816 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-03 11:01 - 2015-10-29 23:26 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-03 11:01 - 2015-10-29 23:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-03 10:27 - 2016-01-21 15:34 - 00000000 ____D C:\Users\4
2016-02-02 06:25 - 2016-01-20 12:27 - 00004162 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BB31158B-1511-4BAE-B7AA-B4FCC768BF4C}
2016-02-01 07:53 - 2015-10-29 23:18 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\telnet.exe
2016-01-28 07:34 - 2015-10-29 23:24 - 00000000 ___SD C:\Windows\system32\F12
2016-01-28 07:34 - 2015-10-29 23:24 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-01-28 07:34 - 2015-10-29 23:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-01-28 07:34 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-01-28 07:34 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\system32\oobe
2016-01-28 07:34 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-28 07:34 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\bcastdvr
2016-01-27 14:13 - 2016-01-21 15:34 - 00000000 ____D C:\Users\4\AppData\Local\Packages
2016-01-27 13:55 - 2015-10-29 23:24 - 00000000 __RSD C:\Windows\Media
2016-01-27 13:29 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-01-27 11:48 - 2015-10-29 23:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-27 11:46 - 2015-10-30 01:07 - 00000000 ____D C:\Windows\ShellNew
2016-01-27 11:42 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2016-01-25 18:05 - 2016-01-20 12:49 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-25 18:05 - 2016-01-20 10:47 - 00000000 ____D C:\Users\93
2016-01-25 14:58 - 2016-01-20 10:07 - 00000000 ____D C:\Program Files (x86)\Intel
2016-01-25 14:57 - 2016-01-20 12:33 - 00000000 ____D C:\ProgramData\Intel
2016-01-25 14:57 - 2016-01-20 10:07 - 00000000 ____D C:\Program Files\Intel
2016-01-25 14:44 - 2016-01-20 12:28 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk

==================== Files in the root of some directories =======

2016-01-25 15:11 - 2016-01-25 15:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-14 15:24

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-02-2016 01
Ran by 93 (2016-02-23 07:19:39)
Running from C:\Users\93\Desktop
Windows 10 Home Version 1511 (X64) (2016-01-20 18:03:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

4 (S-1-5-21-3611102865-3659740907-1795170762-1002 - Limited - Enabled) => C:\Users\4
93 (S-1-5-21-3611102865-3659740907-1795170762-1001 - Administrator - Enabled) => C:\Users\93
Administrator (S-1-5-21-3611102865-3659740907-1795170762-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3611102865-3659740907-1795170762-503 - Limited - Disabled)
Guest (S-1-5-21-3611102865-3659740907-1795170762-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MG6600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6600_series) (Version: 1.00 - Canon Inc.)
Canon MG6600 series On-screen Manual (HKLM-x32\...\Canon MG6600 series On-screen Manual) (Version: 7.7.0 - Canon Inc.)
Canon MG6600 series User Registration (HKLM-x32\...\Canon MG6600 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
f.lux (HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\Flux) (Version:  - )
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Intel® Chipset Device Software (x32 Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Sandboxie 5.08 (64-bit) (HKLM\...\Sandboxie) (Version: 5.08 - Sandboxie Holdings, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\93\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2813DF22-0EC6-4360-971D-C44E9791D29E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {40B18AA6-07C8-421F-A0F1-EC867DE31DCB} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {658F1EE5-F067-4942-96E0-123B2E1C85FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {A175DBCA-162D-41D6-B69B-D78EFB5A7472} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {A32F5055-4A03-46E1-8E69-FFC05A365C0D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {F04A6FFE-2968-43C2-B255-A24022E848C2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-01-27 13:56 - 2013-06-28 15:28 - 00084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-11-20 14:57 - 2015-11-20 14:57 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-11-20 14:57 - 2015-11-20 14:57 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-20 10:05 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-10-29 23:18 - 2015-10-29 23:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-01-20 14:36 - 2015-11-22 02:47 - 02653816 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-01-20 14:36 - 2015-11-22 02:47 - 02653816 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-01-22 13:47 - 2016-01-22 13:47 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-07-18 00:35 - 2015-12-19 01:08 - 00402344 _____ () C:\Windows\system32\igfxTray.exe
2016-01-20 14:36 - 2015-12-06 20:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-01-20 14:36 - 2015-12-06 20:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-20 14:36 - 2016-01-04 17:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-20 14:36 - 2016-01-04 17:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 12:01 - 2016-01-15 21:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 12:01 - 2016-01-15 21:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-20 10:05 - 2016-02-23 05:43 - 00033936 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-01-20 10:05 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-06-24 01:07 - 2015-06-24 01:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-01-22 13:47 - 2016-01-22 13:47 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 13:47 - 2016-01-22 13:48 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\4\Documents\soaring hearts receipt no labor charges for rebuilts.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\4\Documents\soaring hearts receipt no labor charges for rebuilts.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\...\1001movie.com -> 1001movie.com

There are 6091 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-29 23:24 - 2015-10-29 23:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3611102865-3659740907-1795170762-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\93\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1 - 205.171.2.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5276F7E2-364F-4F9D-8B07-5D7A55CB2849}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9CA66CE7-93C6-41F3-81E8-CF2A58B43B4F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6F87DD62-95AC-48A2-89D6-C24BD7EE8ED8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{23E9417B-8517-48A5-AFA3-F30B86E5F899}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3802900E-50A1-4257-A867-BC63E7557426}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1E1A2123-A02F-4B92-9142-F19484CF6CF8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B4F495E6-A6DC-4830-9C47-D78A23CDFEEB}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{4261FC36-B4C9-4D3D-9C1E-F0FDF572C314}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Restore Points =========================

27-01-2016 11:45:35 Installed Microsoft Office Home and Student 2010
31-01-2016 07:10:02 Windows Update
01-02-2016 07:52:54 Windows Modules Installer
06-02-2016 06:24:03 Windows Update
10-02-2016 12:21:00 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/23/2016 06:58:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
Exception code: 0xc000027b
Fault offset: 0x00166fb1
Faulting process id: 0x1384
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (02/23/2016 06:43:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
Exception code: 0xc000027b
Fault offset: 0x00166fb1
Faulting process id: 0x1310
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (02/23/2016 06:23:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
Exception code: 0xc000027b
Fault offset: 0x00166fb1
Faulting process id: 0x123c
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (02/23/2016 06:13:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
Exception code: 0xc000027b
Fault offset: 0x00166fb1
Faulting process id: 0xc74
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (02/23/2016 06:06:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10586.0, time stamp: 0x5632d899
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
Exception code: 0xc000027b
Fault offset: 0x00166fb1
Faulting process id: 0x9ec
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5

Error: (02/23/2016 05:58:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
Exception code: 0xc000027b
Fault offset: 0x00166fb1
Faulting process id: 0x358
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (02/22/2016 10:03:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
Exception code: 0xc000027b
Fault offset: 0x00166fb1
Faulting process id: 0x17a4
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (02/22/2016 09:48:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
Exception code: 0xc000027b
Fault offset: 0x00166fb1
Faulting process id: 0x1344
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (02/22/2016 09:33:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
Exception code: 0xc000027b
Fault offset: 0x00166fb1
Faulting process id: 0xd70
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5

Error: (02/22/2016 04:01:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb
Exception code: 0xc000027b
Fault offset: 0x00166fb1
Faulting process id: 0xd4
Faulting application start time: 0xSkypeHost.exe0
Faulting application path: SkypeHost.exe1
Faulting module path: SkypeHost.exe2
Report Id: SkypeHost.exe3
Faulting package full name: SkypeHost.exe4
Faulting package-relative application ID: SkypeHost.exe5


System errors:
=============
Error: (02/23/2016 07:16:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_7f1d9e service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/23/2016 07:16:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/23/2016 07:13:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_68d12c service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/23/2016 07:13:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/23/2016 07:11:15 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070002: Microsoft Photos.

Error: (02/23/2016 07:02:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/23/2016 07:01:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_8f759 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/23/2016 07:01:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_8f759 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/23/2016 07:01:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_8f759 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/23/2016 07:01:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_8f759 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


CodeIntegrity:
===================================
  Date: 2016-02-22 22:06:06.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-22 12:22:58.398
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-20 09:01:18.616
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-18 07:56:48.119
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-17 11:10:29.491
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-17 09:24:05.602
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-15 14:30:56.572
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-14 15:25:39.702
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 07:45:11.891
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-10 12:40:54.022
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 29%
Total physical RAM: 7105.02 MB
Available physical RAM: 5020.43 MB
Total Virtual: 8257.02 MB
Available Virtual: 6139.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.15 GB) (Free:659.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 18C7D957)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

post-200133-0-12684600-1456241045_thumb.

post-200133-0-80408700-1456241049_thumb.

Link to post
Share on other sites

Hello,

    

 

They call me TwinHeadedEagle around here, and I'll try to help your with your issue.

 

     

    

Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
:excl: I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!

:excl: There are no silly questions. Never be afraid to ask if in doubt!

 

 

 

  warning.gif Rules and policies

 

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

 

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.

 

 


51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please re-run 51a46ae42d560-malwarebytes_anti_malware. Malwarebytes' Anti-Malware.

  • First of all, select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • In the same tab, under PUP and PUM detections make sure it is set to Treat detections as malware
  • Click the Scan tab, choose Threat Scan is checked and click Start Scan.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the newest Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and upload your next reply.
Link to post
Share on other sites

FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked.

    2873ryc.png
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

FRST.gif Scan with Farbar Recovery Scan Tool

 

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please upload them into your next reply.
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.