Inactive Not sure if infected but some programs running slowly

SmokeyMcNasty

SmokeyMcNasty

Posts: 53   +0
Just this afternoon noticed some programs responding slowly, I ran all scans to no avail (jrt, adware removal, malware bytes, avast, sophos, tfc) and still no results. I tried to do a restore to just a few days ago when had no porblems but got an error msg saying couldnt restore. I chose different date and same msg. Posted below are the logs required.
 
Can result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-06-2016
Ran by admin (administrator) on MYDESKTOP (10-06-2016 16:39:06)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Spotify Ltd) C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Akamai Technologies, Inc.) C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-06-02] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-04-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-12-09] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7400064 2016-06-10] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-04-19] (Spotify Ltd)
HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\Run: [Akamai NetSession Interface] => C:\Users\admin\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3943417612-1818929072-5295417-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-04] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{A4F7A4BE-067A-4DC9-96F4-E37B8E9DEB6B}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com/?ilc=8
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3943417612-1818929072-5295417-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3943417612-1818929072-5295417-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg028
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-04] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-04] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-04] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qr44xpuw.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Yahoo! (Avast)
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-22] ()
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-22] ()
FF Plugin-x32: @gentek.com/thinclient -> C:\Users\admin\AppData\Roaming\C2ray\npthinclient.dll [2013-12-05] (Generic Network)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-09] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-3943417612-1818929072-5295417-1000: @gentek.com/thinclient -> C:\Users\admin\AppData\Roaming\C2ray\npthinclient.dll [2013-12-05] (Generic Network)
FF Plugin HKU\S-1-5-21-3943417612-1818929072-5295417-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-21] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\qr44xpuw.default\searchplugins\yahoo-avast.xml [2015-10-09]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-10]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-12-09] ()
S2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-12-09] (ASUSTeK Computer Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-04] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-04-09] (NVIDIA Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-04-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-04-09] (NVIDIA Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [837848 2016-02-02] (Secunia)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [36352 2015-09-04] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-12-09] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-04] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2015-03-03] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-04] (AVAST Software)
S3 DCamUSBNovatek; C:\Windows\System32\Drivers\nvtcam.sys [2746624 2010-07-14] (Hewlett-Packard)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-12] (REALiX(tm))
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-03-12] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-04-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2015-04-28] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-01-15] (Anchorfree Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-05-02] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-10 16:39 - 2016-06-10 16:39 - 00015519 _____ C:\Users\admin\Desktop\FRST.txt
2016-06-10 16:37 - 2016-06-10 16:39 - 00000000 ____D C:\FRST
2016-06-10 16:36 - 2016-06-10 16:37 - 02385408 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2016-06-10 11:34 - 2016-06-10 11:34 - 00001928 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-06-10 11:34 - 2016-06-10 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-06-10 11:32 - 2016-05-04 12:18 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-10 11:18 - 2016-06-10 11:18 - 03677248 _____ C:\Users\admin\Desktop\adwcleaner_5.119.exe
2016-06-10 10:10 - 2016-06-10 10:10 - 00000000 ____D C:\ProgramData\ProductData
2016-06-04 15:37 - 2016-06-10 11:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-26 20:26 - 2016-05-26 20:26 - 00389841 _____ C:\Users\admin\Downloads\Map to Revenue Valley Sdn Bhd.pdf
2016-05-23 11:58 - 2016-05-23 12:36 - 00066962 _____ C:\Windows\ntbtlog.txt
2016-05-22 21:18 - 2016-06-10 11:08 - 00000000 ____D C:\Users\admin\AppData\Roaming\ProductData
2016-05-22 20:24 - 2016-05-22 20:24 - 00377160 _____ C:\Windows\Minidump\052216-21840-01.dmp
2016-05-11 17:00 - 2016-05-11 17:00 - 00327888 _____ C:\Windows\Minidump\051116-21964-01.dmp
2016-05-11 05:42 - 2016-04-09 14:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 05:42 - 2016-04-09 14:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 05:42 - 2016-04-09 13:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 05:41 - 2016-04-14 21:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 05:41 - 2016-04-14 21:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 05:41 - 2016-04-09 15:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 05:41 - 2016-04-09 15:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 05:41 - 2016-04-09 14:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 05:41 - 2016-04-09 14:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 05:41 - 2016-04-09 14:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 05:41 - 2016-04-06 23:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-11 05:41 - 2016-03-10 02:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 05:41 - 2016-03-10 02:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 05:40 - 2016-04-24 01:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 05:40 - 2016-04-24 00:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 05:40 - 2016-04-23 13:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 05:40 - 2016-04-23 13:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-11 05:40 - 2016-04-23 13:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-11 05:40 - 2016-04-23 13:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-11 05:40 - 2016-04-23 13:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 05:40 - 2016-04-23 13:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 05:40 - 2016-04-23 13:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-11 05:40 - 2016-04-23 13:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-11 05:40 - 2016-04-23 13:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-11 05:40 - 2016-04-23 12:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-11 05:40 - 2016-04-23 12:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-11 05:40 - 2016-04-23 12:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-11 05:40 - 2016-04-23 12:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 05:40 - 2016-04-23 12:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-11 05:40 - 2016-04-23 12:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-11 05:40 - 2016-04-23 12:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-11 05:40 - 2016-04-23 12:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 05:40 - 2016-04-23 12:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-11 05:40 - 2016-04-23 12:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-11 05:40 - 2016-04-23 12:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 05:40 - 2016-04-23 12:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-11 05:40 - 2016-04-23 12:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-11 05:40 - 2016-04-23 12:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-11 05:40 - 2016-04-23 12:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-11 05:40 - 2016-04-23 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-11 05:40 - 2016-04-23 12:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-11 05:40 - 2016-04-23 12:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 05:40 - 2016-04-23 12:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 05:40 - 2016-04-23 12:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 05:40 - 2016-04-23 12:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-11 05:40 - 2016-04-23 12:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-11 05:40 - 2016-04-23 12:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 05:40 - 2016-04-23 12:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-11 05:40 - 2016-04-23 12:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-11 05:40 - 2016-04-23 12:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-11 05:40 - 2016-04-23 12:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 05:40 - 2016-04-23 12:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 05:40 - 2016-04-23 12:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 05:40 - 2016-04-23 12:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-11 05:40 - 2016-04-23 12:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-11 05:40 - 2016-04-23 12:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 05:40 - 2016-04-23 11:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-11 05:40 - 2016-04-23 11:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 05:40 - 2016-04-23 11:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-11 05:40 - 2016-04-23 11:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-11 05:40 - 2016-04-23 11:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 05:40 - 2016-04-23 11:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-11 05:40 - 2016-04-23 11:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 05:40 - 2016-04-23 11:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-11 05:40 - 2016-04-23 11:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-11 05:40 - 2016-04-23 11:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-11 05:40 - 2016-04-23 11:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-11 05:40 - 2016-04-23 11:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 05:40 - 2016-04-23 11:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-11 05:40 - 2016-04-23 11:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 05:40 - 2016-04-23 11:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 05:40 - 2016-04-23 11:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 05:40 - 2016-04-23 11:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 05:40 - 2016-04-23 11:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-11 05:40 - 2016-04-23 11:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 05:40 - 2016-04-23 11:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 05:40 - 2016-04-23 11:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 05:40 - 2016-04-23 11:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 05:40 - 2016-04-23 11:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 05:38 - 2016-04-09 15:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 05:38 - 2016-04-09 15:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 05:38 - 2016-04-09 15:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
 
2016-05-11 05:38 - 2016-04-09 15:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-11 05:38 - 2016-04-09 14:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 05:38 - 2016-04-09 14:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 05:38 - 2016-04-09 14:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-11 05:38 - 2016-04-09 14:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 14:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 13:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 05:38 - 2016-04-09 13:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 05:38 - 2016-04-09 13:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 05:38 - 2016-04-09 13:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-11 05:38 - 2016-04-09 13:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 05:38 - 2016-04-09 13:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 05:38 - 2016-04-09 13:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 05:38 - 2016-04-09 13:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 05:38 - 2016-04-09 13:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 05:38 - 2016-04-09 13:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 05:38 - 2016-04-09 13:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-11 05:38 - 2016-04-09 13:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-11 05:38 - 2016-04-09 13:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 05:38 - 2016-04-09 13:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 05:38 - 2016-04-09 13:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 05:38 - 2016-04-09 13:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 05:38 - 2016-04-09 13:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-11 05:38 - 2016-04-09 13:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 13:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 13:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 05:38 - 2016-04-09 13:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 05:36 - 2016-04-09 12:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 05:36 - 2016-04-09 11:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-10 16:21 - 2009-07-14 12:45 - 00029776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-10 16:21 - 2009-07-14 12:45 - 00029776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-10 14:43 - 2015-03-11 20:33 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-10 14:41 - 2015-03-03 17:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-10 14:40 - 2016-01-21 22:28 - 00000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-06-10 14:37 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-10 14:36 - 2013-10-09 21:48 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-10 11:35 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\inf
2016-06-10 11:34 - 2016-05-04 22:14 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1462371281
2016-06-10 11:21 - 2016-05-04 12:08 - 00000000 ____D C:\AdwCleaner
2016-06-10 11:12 - 2012-12-09 01:42 - 00000000 ____D C:\Users\admin
2016-06-10 11:09 - 2015-12-06 11:57 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-06-10 11:09 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-06-10 11:09 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-10 11:09 - 2014-10-13 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-06-10 11:09 - 2014-05-15 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-06-10 11:09 - 2013-10-25 12:34 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-10 11:09 - 2013-10-24 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-10 11:09 - 2012-12-09 03:07 - 00000000 ____D C:\Windows\SysWOW64\Drivers\MFDLL
2016-06-10 11:09 - 2012-12-09 03:00 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-10 11:09 - 2009-07-14 13:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-10 11:09 - 2009-07-14 13:32 - 00000000 ____D C:\Windows\Offline Web Pages
2016-06-10 11:09 - 2009-07-14 13:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-06-10 11:09 - 2009-07-14 13:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-06-10 11:09 - 2009-07-14 13:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-06-10 11:09 - 2009-07-14 13:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-06-10 11:09 - 2009-07-14 11:20 - 00000000 __RSD C:\Windows\Media
2016-06-10 11:09 - 2009-07-14 11:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-06-10 11:09 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\TAPI
2016-06-10 11:09 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-10 11:09 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\Msdtc
2016-06-10 11:09 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\ias
2016-06-10 11:08 - 2016-05-04 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-10 11:08 - 2016-05-04 12:09 - 00000000 ____D C:\Users\admin\Documents\My Filehippo Downloads
2016-06-10 11:08 - 2016-05-04 03:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-06-10 11:08 - 2016-05-03 18:12 - 00000000 ____D C:\Users\admin\AppData\Local\Akamai
2016-06-10 11:08 - 2016-03-16 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-06-10 11:08 - 2016-01-24 14:25 - 00000000 ____D C:\Users\admin\AppData\Roaming\Spotify
2016-06-10 11:08 - 2015-08-25 18:50 - 00000000 ____D C:\Users\admin\AppData\Roaming\Shortcut
2016-06-10 11:08 - 2015-07-08 13:36 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6
2016-06-10 11:08 - 2015-03-11 20:38 - 00000000 ____D C:\Program Files\Temp File Cleaner
2016-06-10 11:08 - 2015-03-11 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-10 11:08 - 2015-03-11 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-10 11:08 - 2015-03-01 21:54 - 00000000 ____D C:\Windows\erdnt
2016-06-10 11:08 - 2015-02-28 22:19 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-10 11:08 - 2014-12-21 03:14 - 00000000 ____D C:\Users\admin\AppData\LocalLow\ADSRemoval
2016-06-10 11:08 - 2014-10-13 16:42 - 00000000 ____D C:\Users\admin\Documents\PCSX2
2016-06-10 11:08 - 2014-10-07 23:03 - 00000000 ____D C:\Users\admin\AppData\Roaming\vlc
2016-06-10 11:08 - 2014-05-15 11:05 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-06-10 11:08 - 2014-05-13 08:12 - 00000000 ____D C:\Users\admin\Documents\Public Bank Berhad Internet Banking_files
2016-06-10 11:08 - 2014-05-01 21:34 - 00000000 ____D C:\ProgramData\Protexis
2016-06-10 11:08 - 2014-05-01 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office X7
2016-06-10 11:08 - 2014-04-19 12:32 - 00000000 ____D C:\Users\admin\Documents\JALIL DAMAI_files
2016-06-10 11:08 - 2014-03-10 17:39 - 00000000 ____D C:\Users\admin\Documents\InfiniteCrisis
2016-06-10 11:08 - 2014-03-10 17:11 - 00000000 ____D C:\Users\admin\AppData\Local\Turbine
2016-06-10 11:08 - 2014-03-10 16:45 - 00000000 ____D C:\Users\admin\AppData\Roaming\C2ray
2016-06-10 11:08 - 2014-02-25 13:34 - 00000000 ____D C:\Users\admin\AppData\Local\Unity
2016-06-10 11:08 - 2014-02-24 23:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-10 11:08 - 2014-02-24 12:25 - 00000000 ____D C:\ProgramData\Borland
2016-06-10 11:08 - 2014-02-05 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\psx emulation cheater
2016-06-10 11:08 - 2014-02-05 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-06-10 11:08 - 2014-01-27 14:18 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-06-10 11:08 - 2013-11-16 03:24 - 00000000 ____D C:\Users\admin\AppData\LocalLow\AdbPlugin
2016-06-10 11:08 - 2013-11-02 00:17 - 00000000 ____D C:\Users\admin\.frostwire5
2016-06-10 11:08 - 2013-10-27 20:47 - 00000000 ____D C:\Windows\Downloaded Installations
2016-06-10 11:08 - 2013-10-27 20:46 - 00000000 ____D C:\Users\admin\AppData\Local\Downloaded Installations
2016-06-10 11:08 - 2013-10-25 16:40 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA
2016-06-10 11:08 - 2013-10-25 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-10 11:08 - 2013-10-24 20:31 - 00000000 ____D C:\Windows\Minidump
2016-06-10 11:08 - 2013-10-11 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-10 11:08 - 2013-10-11 03:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-10 11:08 - 2013-10-10 15:37 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype
2016-06-10 11:08 - 2013-10-10 15:37 - 00000000 ____D C:\ProgramData\Skype
2016-06-10 11:08 - 2013-10-10 15:34 - 00000000 ____D C:\Users\admin\AppData\LocalLow\SecurePlugin
2016-06-10 11:08 - 2013-10-10 15:34 - 00000000 ____D C:\Users\admin\AppData\LocalLow\IObit
2016-06-10 11:08 - 2013-10-10 15:33 - 00000000 ____D C:\Users\admin\AppData\Roaming\IObit
2016-06-10 11:08 - 2013-10-10 15:33 - 00000000 ____D C:\ProgramData\IObit
2016-06-10 11:08 - 2012-12-10 03:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-10 11:08 - 2009-07-14 13:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-06-10 11:08 - 2009-07-14 12:45 - 00000000 ____D C:\Windows\Setup
2016-06-10 11:08 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\security
2016-06-10 11:08 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\Help
2016-06-10 11:08 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\AppCompat
2016-06-10 11:07 - 2016-05-04 12:13 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-10 11:07 - 2016-05-04 12:03 - 00000000 ____D C:\Program Files (x86)\FileHippo.com
2016-06-10 11:07 - 2015-07-08 13:36 - 00000000 ____D C:\Program Files (x86)\FrostWire 6
2016-06-10 11:07 - 2015-03-11 20:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-10 11:07 - 2014-10-13 16:41 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.2.1
2016-06-10 11:07 - 2014-05-15 11:03 - 00000000 ____D C:\Program Files (x86)\Aeria Games
2016-06-10 11:07 - 2014-04-02 12:15 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2016-06-10 11:07 - 2014-03-15 16:11 - 00000000 ____D C:\Program Files (x86)\TunnelBear
2016-06-10 11:07 - 2014-02-27 12:11 - 00000000 ____D C:\Program Files\File Association Helper
2016-06-10 11:07 - 2014-02-05 17:20 - 00000000 ____D C:\Program Files (x86)\psx emulation cheater
2016-06-10 11:07 - 2014-02-05 16:07 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-06-10 11:07 - 2013-10-24 21:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-10 11:07 - 2013-10-11 03:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-10 11:07 - 2013-10-10 11:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-10 11:07 - 2013-10-09 21:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-06-10 11:07 - 2012-12-09 03:07 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-06-10 11:07 - 2009-07-14 11:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-10 11:05 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\registration
2016-06-10 10:48 - 2015-03-10 01:18 - 00000000 ____D C:\ProgramData\Sophos
2016-06-10 10:48 - 2013-12-04 09:59 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2016-06-10 09:23 - 2016-05-04 22:34 - 00002011 _____ C:\Users\admin\Desktop\JRT.txt
2016-06-10 09:13 - 2015-03-01 22:25 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2016-05-22 20:27 - 2013-10-10 13:06 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-22 20:27 - 2013-10-10 13:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-22 20:24 - 2016-03-05 10:14 - 432872430 _____ C:\Windows\MEMORY.DMP
2016-05-13 03:00 - 2014-12-11 07:29 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-12 06:52 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\rescache
2016-05-12 03:46 - 2009-07-14 13:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-12 03:39 - 2009-07-14 12:45 - 00335880 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-12 03:36 - 2011-04-12 16:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-12 03:13 - 2013-10-10 13:04 - 00000000 ____D C:\Windows\system32\MRT
2016-05-12 03:03 - 2013-10-10 13:04 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2009-07-14 12:54 - 2009-07-14 12:54 - 0000174 ___SH () C:\Program Files\desktop(8567).ini

Some files in TEMP:
====================
C:\Users\admin\AppData\Local\Temp\libeay32.dll
C:\Users\admin\AppData\Local\Temp\msvcr120.dll
C:\Users\admin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-07 02:37

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-06-2016
Ran by admin (2016-06-10 16:39:55)
Running from C:\Users\admin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-12-08 17:42:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-3943417612-1818929072-5295417-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-3943417612-1818929072-5295417-500 - Administrator - Disabled)
Guest (S-1-5-21-3943417612-1818929072-5295417-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3943417612-1818929072-5295417-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\{5708517C-59A3-45C6-9727-6C06C8595AFD}) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
C2ray 1.0.7.3 (HKLM-x32\...\C2ray) (Version: 1.0.7.3 - C2fun.com)
File Association Helper (HKLM\...\{572D0504-2C67-4016-801F-D70879A3026A}) (Version: 1.1.6.53763 - WinZip Computing International, LLC)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
FrostWire 6.1.2 (HKLM-x32\...\FrostWire 6) (Version: 6.1.2.2 - FrostWire LLC)
Grand Fantasia (HKLM-x32\...\Grand Fantasia) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.6.101 - IObit)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5997 - Mozilla)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version: - CyberConnect 2)
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
Spotify (HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\Spotify) (Version: 1.0.25.127.g58007b4c - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Temp File Cleaner (HKLM\...\Temp File Cleaner) (Version: 4.4.0 - Addpcs, LLC)
TunnelBear (x32 Version: 2.3.17.0 - TunnelBear) Hidden
Unity Web Player (HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.4 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation)
WordPerfect Office X7 - Common Files (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - Common Files English (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - IPM Content TBYB (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - IPM TBYB (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - Lightning Files (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - Lightning Files English (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - Oxford (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - Presentations Files (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - Presentations Files English (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - Quattro Pro Files (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - Quattro Pro Files English (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - Setup Files (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - System Files (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - WordPerfect Files (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - WordPerfect Files English (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - WPD format Props x64 (Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - WT (x32 Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 (HKLM-x32\...\_{64A329FC-D1B2-4354-922D-21F7EC777E10}) (Version: 17.0.0.314 - Corel Corporation)
WordPerfect Office X7 (x32 Version: 17.0 - Corel Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {352228EF-798D-4A62-9F01-264601F794A4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-22] (Adobe Systems Incorporated)
Task: {53FEAB63-F0D9-450C-81E2-72CF8678E47B} - System32\Tasks\{000F06D1-94F5-42B0-BCDC-44E925AE3309} => pcalua.exe -a C:\Users\admin\AppData\Local\Temp\jre-8u51-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {79A3DE15-36F7-44D2-8EF4-6223903CAB09} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {A1D0271C-F100-4F6D-A781-50EA1E520D44} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {E918702D-BD95-48B6-BDD9-3D281C0068AF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-04] (AVAST Software)
Task: {EC3F22EA-74B4-4B68-B896-8B43084589F4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {F8851D91-D036-4CD1-8012-8A02EDB7ACCF} - System32\Tasks\SafeZone scheduled Autoupdate 1462371281 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {FA122B14-DA9D-49D8-AEDD-323151D741D9} - System32\Tasks\{6038F396-C43F-4BD6-AB77-5E52F6557F70} => pcalua.exe -a C:\Users\admin\AppData\Local\Temp\jre-8u73-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6\FrostWire 6.1.2-SafeMode.lnk -> C:\Program Files (x86)\FrostWire 6\frostwire.bat ()

==================== Loaded Modules (Whitelisted) ==============

2013-10-09 21:47 - 2015-04-09 05:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-04 16:22 - 2015-09-04 16:22 - 00036352 _____ () C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe
2016-05-04 12:17 - 2016-05-04 12:17 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-04 12:17 - 2016-05-04 12:17 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-10 11:30 - 2016-06-10 11:30 - 02924032 _____ () C:\Program Files\AVAST Software\Avast\defs\16060901\algo.dll
2016-05-04 12:17 - 2016-05-04 12:17 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-04 12:17 - 2016-05-04 12:17 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-04-17 19:36 - 2015-04-09 08:58 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-04 12:17 - 2016-05-04 12:17 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-03-16 20:50 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-03-16 20:50 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2013-06-07 05:59 - 2013-06-07 05:59 - 00158744 _____ () C:\Program Files (x86)\Aeria Games\Ignite\AGAkamai.dll
2012-12-09 02:53 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-05-22 20:27 - 2016-05-22 20:27 - 19427520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3943417612-1818929072-5295417-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4789 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2016-05-03 10:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3943417612-1818929072-5295417-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Aeria Ignite => "c:\program files (x86)\aeria games\ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: FAHConsole => c:\program files\file association helper\fahconsole.exe
MSCONFIG\startupreg: QuickFinder Scheduler => "c:\program files (x86)\corel\wordperfect office x7\programs\qfschd170.exe"
MSCONFIG\startupreg: ShadowPlay => c:\windows\system32\rundll32.exe c:\windows\system32\nvspcap64.dll,shadowplayonsystemstart
MSCONFIG\startupreg: Spotify => "c:\users\admin\appdata\roaming\spotify\spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "c:\users\admin\appdata\roaming\spotify\spotifywebhelper.exe"
MSCONFIG\startupreg: Steam => "c:\program files (x86)\steam\steam.exe" -silent
MSCONFIG\startupreg: TunnelBear =>
 
==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{86B0B000-0604-4C30-8915-2BEAD1AFF315}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7F76CAB5-3135-48D2-8947-9B00F1061A63}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{99D0C62D-5B8F-4BA9-B373-3E70E185C1E3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B1198886-F6E1-4E83-AF6B-91C9A0E0DD3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{43D3F327-515C-47F1-BBF8-23B66C578E74}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{68BE8EF3-4829-4C4A-A72C-74F93E8A8E16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{53EE5AFC-D90C-4BE9-9113-696B25B3DCD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9413AB61-B7FC-4E00-85EB-8AB8E199DB0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{67A17A01-344A-4BC2-9B15-1BAB71E85FEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7B8EE845-09CE-4A60-9CBF-3E331EA7A8E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E89FCDDA-EC24-4BB9-B262-3D50EE4D8D67}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B9D6048E-5A83-4D60-BF4A-CC4A67666349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{970BB27E-064B-4067-B6A4-859303DF545F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{D79BA0C5-ED56-40C2-8B9D-C23F533D33F5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{279A9FB0-29DD-426F-9641-7367D4DF05C4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CF0BA3E1-DA21-4D4F-AA2B-E3548B27B210}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FB0EBC97-C4AF-456F-8358-C23EEE0DABAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7353A2A7-4695-432E-BB10-4CCE9F5BFB26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{52293CF0-5430-49EF-BD23-0A1569E4F991}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{BA9E4879-00CC-4AAA-A3AF-A454E5C7B998}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{45BBFABC-6B23-490B-B5F9-AF23DD15F2C6}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{B54CA954-96E8-4B30-9F03-DC9598621C72}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F13424CD-E31F-4076-94D0-9322964158A7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{72BA6340-6266-46F7-AC0B-AEDE679BBF7E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A17763C0-7DA9-4BAD-9726-8F442D31A239}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8B427DF6-437A-4EF0-8200-9F565EB0FE0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{585D0441-657A-4056-A52B-33C7EA1B12CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{19229F66-629D-408F-8863-EA66B3C3F6A9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6400D1C2-85DE-404E-B7D2-2363FF758EFF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{61D0B398-AC43-4E16-A921-F0910499D5D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CD7773DE-2E6A-4784-B77C-76C3933DA11A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{04E59413-BA11-4558-B50D-478166408D00}] => (Allow) C:\Users\admin\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{D15B826D-6FA8-4345-AB85-0BFDDBB3DAC4}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{0AB15D00-2EF7-468F-8874-4D987269D5E3}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [TCP Query User{16F5B33C-7E34-48E5-9EF9-BF5DC2A4824E}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{47BBF41D-4E85-40E6-9D4E-E01AE9B8BEAA}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1B3211FF-468A-4268-9E43-C28A99CC5759}] => (Block) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6A3BCCD7-476F-4951-B047-7AEC09761CE9}] => (Block) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DB7934B1-2D93-4967-B312-F03EB287F9DF}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{04C34BCA-1577-4FCD-A764-5E29A3BA1842}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{55474AFB-E53B-4CDC-8FB9-2D8162D49C91}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{ABCF2E42-550E-4C80-92BA-5D09DB36F3AE}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\admin\appdata\local\akamai\netsession_win.exe

==================== Restore Points =========================

27-05-2016 03:00:10 Windows Update
31-05-2016 15:29:02 Windows Update
03-06-2016 20:44:09 Windows Update
07-06-2016 20:54:36 Windows Update
10-06-2016 09:19:41 JRT Pre-Junkware Removal
10-06-2016 09:24:19 Restore Operation
10-06-2016 10:15:12 Device Driver Package Install: Avast Network Service
10-06-2016 10:21:08 Windows Update
10-06-2016 10:25:11 Restore Operation
10-06-2016 11:37:07 Windows Update

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/10/2016 02:40:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Faulting module name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Exception code: 0xc0000005
Fault offset: 0x00000000004e920f
Faulting process id: 0xd1c
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3

Error: (06/10/2016 02:40:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/10/2016 02:34:35 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]

Error: (06/10/2016 11:37:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Firewall since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (06/10/2016 11:37:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Avast Firewall NDIS6 Helper.

System Error:
The system cannot find the file specified.
.

Error: (06/10/2016 11:24:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Faulting module name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Exception code: 0xc0000005
Fault offset: 0x00000000004e920f
Faulting process id: 0xad4
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3

Error: (06/10/2016 11:24:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/10/2016 11:14:29 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0xc0000022.

Error: (06/10/2016 11:14:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/10/2016 11:13:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Faulting module name: NvStreamNetworkService.exe, version: 4.1.1943.6202, time stamp: 0x551399be
Exception code: 0xc0000005
Fault offset: 0x00000000004e920f
Faulting process id: 0xb0c
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3


System errors:
=============
Error: (06/10/2016 02:40:48 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.1.71192.168.137.0255.255.255.0

Error: (06/10/2016 02:40:48 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (06/10/2016 02:39:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel(R) Capability Licensing Service Interface service failed to start due to the following error:
%%1053

Error: (06/10/2016 02:39:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Capability Licensing Service Interface service to connect.

Error: (06/10/2016 02:38:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ASUS HM Com Service service failed to start due to the following error:
%%1053

Error: (06/10/2016 02:38:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the ASUS HM Com Service service to connect.

Error: (06/10/2016 02:37:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ASUS Com Service service failed to start due to the following error:
%%1053

Error: (06/10/2016 02:37:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the ASUS Com Service service to connect.

Error: (06/10/2016 11:39:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.223.921.0).

Error: (06/10/2016 11:29:07 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.


CodeIntegrity:
===================================
Date: 2016-05-03 10:56:02.614
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-05-03 10:56:02.551
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-01 22:28:04.659
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-03-01 22:28:04.627
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 92%
Total physical RAM: 4046.1 MB
Available physical RAM: 316.5 MB
Total Virtual: 8090.39 MB
Available Virtual: 3636.53 MB

==================== Drives ================================

Drive c: (system) (Fixed) (Total:244.04 GB) (Free:95.59 GB) NTFS
Drive d: (local disk) (Fixed) (Total:221.62 GB) (Free:219 GB) NTFS
Drive e: (DTS 30692) (CDROM) (Total:4.18 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: AF7155AA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=============================

I don't see much there but we can double check...

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
redtarget.gif
Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.
  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
If you already have MBAM 2.0 installed:
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs:
(Export log to save as txt)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.
(Copy to clipboard for pasting into forum replies or tickets)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.
redtarget.gif
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
It would seem as if my computer just had hiccups last night things runing as smooth as usual eve this morning the same. Thanks for your reply. If u still think should dbl check I will follow the steps.
 
You must log in or register to reply here.

Similar threads

M
Solved Infected browsers - no internet connection
Replies
17
Views
5K
Broni
Broni
swervin
Programs Not Opening After Deleting Folder in AppData
Replies
3
Views
3K
swervin
swervin
M
Solved Over run with Adware
Replies
16
Views
4K
Broni
Broni

Latest posts

Back