
Possible Threat in Operating System


  • This topic is locked
11 replies to this topic

#1 araj08

araj08

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 08 February 2016 - 05:24 PM

I have read the instructions for posting.

I have an ASUS F555L with a Windows 10 operating system. Brand new computer. I downloaded an exe file 9 days ago and suddenly the computer started slowing down. When I clicked on the Windows 10 Internet Explorer I got a warning signal requesting me to contact the Windows support team.

BSOD: dllRegisterSetting has detected the error code 0x80060402. Window's Defender Error Code: 0x80016CFA. Stop: 0x0000007B INACCESSIBLE_BOOT_DEVICE

Error Code 0x800610A3 while starting Window's Defender due to Malware Activity.

Window's Defender time out error code: 0x000B0043

Error code 0x800610A3 unauthorized access to registry dll

 

I called them and a technician told me that the CPU was around 72. There are so many programs running I don't know which ones to delete. He told me the operating system was infected. I tried to restart the computer using the factory settings but the computer is still slow. On top of that I get this message:

 

A configuration change was requested to clear this computer's TPM [Trusted Platform Module]. Warning: Clearing erases information stored on the TPM. You will lose all created keys and access to data encrypted by these keys. Press F12 to Clear the TPM. Press ESC to reject this change request and continue.

I have been pressing ESC for now.

 

I do get pop-ups. Ad block does not help.

 

I used ESET Online Scanner and No Threats found.

I have to upload the documents requested because I cannot even copy and paste the information.

Please help.

Thank you

 

EDIT: Many of our helpers will not download files that they did not specifically request that you attach... As you might guess, we have no way of knowing what might be in a downloaded file and malware creators might want to use the opportunity to infect helpers' computers... Please copy/paste your logs directly into your posts - we provide lots of room to do that and you can extend into another post if you run out of room... Thank you...



Edited by Budfred, 09 February 2016 - 01:45 AM.


#2 araj08


Posted 09 February 2016 - 12:22 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.10586.0
Run by Raj at 13:14:16 on 2016-02-08
Microsoft Windows 10 Home  10.0.10586.0.1252.1.1033.18.3999.1884 [GMT -5:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\SysWOW64\esif_uf.exe
C:\WINDOWS\system32\WLANExt.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\Users\Raj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\InstallAgent.exe
svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\fontdrvhost.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
uRun: [OneDrive] "C:\Users\Raj\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: FilterAdministratorToken = dword:1
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2310b389-72f4-4f3a-9d03-a126ed4d806f} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2310b389-72f4-4f3a-9d03-a126ed4d806f}\6496F435D27515A5F4A5D25374 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4c7ad485-3172-477f-9f37-4d7b5583c94f} : DHCPNameServer = 192.168.80.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: FilterAdministratorToken = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2015-8-25 1462720]
R0 IntelHSWPcc;IntelHSWPcc;C:\WINDOWS\System32\drivers\IntelPcc.sys [2015-8-25 88256]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-5-8 20096]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-5-8 18048]
R2 BTDevManager;BTDevManager;C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [2015-10-23 121560]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 esifsvc;ESIF Upper Framework Service;C:\Windows\syswow64\esif_uf.exe [2015-10-23 1394360]
R2 igfxCUIService2.0.0.0;Intel® HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2016-1-12 373160]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2015-8-7 207648]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 AiCharger;ASUS Charger Driver;C:\WINDOWS\System32\drivers\AiCharger.sys [2015-5-25 21816]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2015-10-30 245248]
R3 dptf_cpu;dptf_cpu;C:\WINDOWS\System32\drivers\dptf_cpu.sys [2015-10-23 53752]
R3 esif_lf;esif_lf;C:\WINDOWS\System32\drivers\esif_lf.sys [2015-10-23 261624]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-5-13 19976]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2016-2-8 192216]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-23 887552]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2016-1-12 607512]
R3 RTSUER;Realtek USB Card Reader - UER;C:\WINDOWS\System32\drivers\RtsUer.sys [2015-10-23 402136]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\drivers\rtwlane.sys [2015-10-23 4619520]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-10-30 694784]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-2-8 1135416]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 ATP;ASUS Input Device;C:\WINDOWS\System32\drivers\AsusTP.sys [2015-8-23 100776]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-10-30 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft ® Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-10-30 31232]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel® Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel® Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel® SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 IntcDAud;Intel® Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-10-28 474376]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
S3 intelpep;Intel® Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2016-2-8 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2016-2-8 64216]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-10-30 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-10-30 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-10-30 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-02-08 17:59:50 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2016-02-08 17:59:33 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2016-02-08 17:59:33 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2016-02-08 17:59:33 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2016-02-08 17:59:33 -------- d-----w- C:\ProgramData\Malwarebytes
2016-02-08 17:59:33 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-08 17:59:14 -------- d-----w- C:\Users\Raj\AppData\Local\Programs
2016-02-08 17:47:29 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{35DA12AE-DA3A-45EA-AF7C-EB31ED70640A}\mpengine.dll
2016-02-08 17:41:31 826872 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-02-08 17:41:31 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-02-08 05:33:37 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-02-07 05:02:26 -------- d-----w- C:\WINDOWS\System32\MRT
2016-02-07 01:46:56 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2016-02-07 01:42:20 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\NisBackup\gapaengine.dll
2016-02-07 01:42:20 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F3AA2E17-1630-4EC3-ACBB-5ADF20D54408}\gapaengine.dll
2016-02-07 01:41:58 301728 ------w- C:\WINDOWS\System32\MpSigStub.exe
2016-02-06 22:15:09 -------- d-----w- C:\Users\Raj\AppData\Local\LogMeIn Rescue Applet
2016-02-06 03:13:19 -------- d-----w- C:\Users\Raj\AppData\Local\Comms
2016-02-06 02:40:12 -------- d-sh--we C:\ProgramData\Documents
2016-02-06 02:39:20 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2016-02-06 02:37:32 2718208 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2016-02-06 02:35:20 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2016-02-06 02:35:20 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2016-02-06 02:23:08 99848 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2016-02-06 02:23:08 103944 ----a-w- C:\WINDOWS\SysWow64\OpenCL.DLL
2016-02-06 02:23:00 200 ----a-w- C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-02-06 02:23:00 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-06 02:22:55 -------- d--h--w- C:\Intel
2016-02-06 02:22:55 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2016-02-06 02:22:02 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2016-02-06 02:22:00 -------- d-----w- C:\Program Files (x86)\ASUS
2016-02-06 02:18:27 -------- d-----w- C:\WINDOWS\ServiceProfiles
2016-02-06 02:18:25 -------- d-s---w- C:\WINDOWS\System32\Microsoft
2016-02-06 01:32:33 -------- d-----w- C:\WINDOWS\ASUS
2016-02-05 23:58:26 -------- d-----w- C:\Users\Raj\AppData\Local\NetworkTiles
2016-02-05 23:58:11 -------- d-----w- C:\Users\Raj\AppData\Local\MicrosoftEdge
2016-02-05 23:57:59 -------- d-----r- C:\Users\Raj\OneDrive
2016-02-05 23:56:40 -------- d-sh--w- C:\$RECYCLE.BIN
2016-02-05 23:54:35 -------- d-----w- C:\Users\Raj\AppData\Local\Publishers
2016-02-05 23:54:33 -------- d-----w- C:\Users\Raj\AppData\Local\ActiveSync
2016-02-05 23:52:20 -------- d-----w- C:\Users\Raj\AppData\Local\VirtualStore
2016-02-05 23:52:16 -------- d-----r- C:\Users\Raj\Searches
2016-02-05 23:52:15 -------- d-----r- C:\Users\Raj\Contacts
2016-02-05 23:52:11 -------- d-----w- C:\Users\Raj\AppData\Local\Packages
2016-02-05 23:52:09 165 ----a-w- C:\Users\Raj\AppData\Roaming\sp_data.sys
2016-02-05 23:52:07 -------- d-----w- C:\Users\Raj\AppData\Local\TileDataLayer
2016-02-05 23:52:06 -------- d-sh--w- C:\Users\Raj\IntelGraphicsProfiles
2016-02-05 23:50:10 -------- d-----w- C:\ProgramData\USBChargerPlus
2016-02-05 23:50:05 -------- d-----w- C:\ProgramData\ASUS Smart Gesture
2016-02-05 22:19:13 -------- dc----w- C:\WINDOWS\Panther
2016-02-05 22:19:13 -------- d-----w- C:\WINDOWS\InfusedApps
2016-02-05 22:18:47 -------- d-----w- C:\Windows.old
2016-02-05 22:18:06 -------- d-----w- C:\WINDOWS\SysWow64\sda
2016-02-05 22:18:06 -------- d-----w- C:\ProgramData\SetupTPDriver
2016-02-05 22:17:24 -------- d-----w- C:\WINDOWS\Setup
2016-02-05 22:16:22 -------- d-----w- C:\WINDOWS\OCR
2016-02-05 22:11:16 209408 ----a-w- C:\WINDOWS\SysWow64\msclmd.dll
2016-02-05 22:10:45 -------- d-----w- C:\WINDOWS\System32\drivers
2016-02-05 22:09:35 -------- d-----w- C:\WINDOWS\INF
2016-02-05 22:03:29 -------- d-----w- C:\WINDOWS\CbsTemp
.
==================== Find3M  ====================
.
2016-02-05 22:08:46 230912 ----a-w- C:\WINDOWS\System32\msclmd.dll
2016-01-13 03:40:01 626696 ----a-w- C:\WINDOWS\System32\MetroIntelGenericUIFramework.dll
2016-01-13 03:40:00 99848 ----a-w- C:\WINDOWS\System32\Intel_OpenCL_ICD64.dll
2016-01-13 03:40:00 535968 ----a-w- C:\WINDOWS\System32\IntelWiDiUMS64.exe
2016-01-13 03:40:00 415752 ----a-w- C:\WINDOWS\System32\IntelOpenCL64.dll
2016-01-13 03:40:00 350224 ----a-w- C:\WINDOWS\System32\IntelWiDiMCComp64.dll
2016-01-13 03:40:00 318472 ----a-w- C:\WINDOWS\SysWow64\IntelOpenCL32.dll
2016-01-13 03:40:00 103944 ----a-w- C:\WINDOWS\SysWow64\Intel_OpenCL_ICD32.dll
2016-01-13 00:40:10 56952 ----a-w- C:\WINDOWS\System32\ASGCoInstaller_x64.dll
.
============= FINISH: 13:15:43.04 ===============


#3 araj08


Posted 09 February 2016 - 12:23 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 2/8/2016
Scan Time: 1:00 PM
Logfile: malwarebytes anti-malware home.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.02.08.03
Rootkit Database: v2016.01.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Raj
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 332006
Time Elapsed: 20 min, 53 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#4 araj08


Posted 09 February 2016 - 12:24 PM

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbam.exe  
 Windows Defender MpCmdRun.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#5 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,267 posts

Posted 10 February 2016 - 06:30 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 

When I clicked on the windows 10 internet explorer I got a warning signal requesting me to contact the windows support team.
BSOD: dllRegisterSetting has detected the error code 0x80060402. Window's Defender Error Code: 0x80016CFA. Stop: 0x0000007B INACCESSIBLE_BOOT_DEVICE
Error Code 0x800610A3 while starting Window's Defender due to Malware Activity.
Window's Defender time out error code: 0x000B0043
Error code 0x800610A3 unauthorized access to registry dll


The request to contact the Windows support team is a hack.
Microsoft never asks you to contact them for problems.

===

I need more information.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section at the bottom of the topic, click the "more reply Options" button.

Attach the file.
Select "Choose a File" and navigate to the location of the file.
Click the file you wish to attach.

Click the Add reply button.
===

Please post the logs.

Wait for further information.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#6 araj08


Posted 11 February 2016 - 01:08 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Raj (administrator) on LAPTOP-TJ70V1DO (11-02-2016 13:31:32)
Running from C:\Users\Raj\Downloads
Loaded Profiles: Raj (Available Profiles: Raj)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
(Intel Corporation) C:\Windows\syswow64\esif_uf.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.0_none_95e4f9a171a1ad95\TiWorker.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKU\S-1-5-21-3460043397-847619879-3896516206-1001\...\RunOnce: [Uninstall C:\Users\Raj\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Raj\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3460043397-847619879-3896516206-1001\...\RunOnce: [Uninstall C:\Users\Raj\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Raj\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2310b389-72f4-4f3a-9d03-a126ed4d806f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4c7ad485-3172-477f-9f37-4d7b5583c94f}: [DhcpNameServer] 192.168.80.1
 
Internet Explorer:
==================
HKU\S-1-5-21-3460043397-847619879-3896516206-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-3460043397-847619879-3896516206-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3460043397-847619879-3896516206-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3460043397-847619879-3896516206-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [121560 2015-07-20] ()
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1394360 2015-08-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2016-01-12] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-08-23] (ASUS Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-16] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-16] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-25] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-28] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-14] (Realtek                                            )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [607512 2016-01-12] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4619520 2015-07-21] (Realtek Semiconductor Corporation                           )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-11 13:31 - 2016-02-11 13:32 - 00008043 _____ C:\Users\Raj\Downloads\FRST.txt
2016-02-11 13:31 - 2016-02-11 13:31 - 02370560 _____ (Farbar) C:\Users\Raj\Downloads\FRST64.exe
2016-02-11 13:31 - 2016-02-11 13:31 - 00000000 ____D C:\FRST
2016-02-11 13:08 - 2016-02-11 13:11 - 01508352 _____ C:\Users\Raj\Downloads\adwcleaner_5.033.exe
2016-02-11 13:00 - 2016-02-11 13:00 - 00000693 _____ C:\Users\Raj\Desktop\AdwCleaner[S1].txt
2016-02-11 12:43 - 2016-02-11 13:27 - 00000000 ____D C:\AdwCleaner
2016-02-08 13:25 - 2016-02-11 13:15 - 00000000 ____D C:\Users\Raj\AppData\Local\FSDART
2016-02-08 13:25 - 2016-02-08 13:27 - 00000000 ____D C:\ProgramData\F-Secure
2016-02-08 13:25 - 2016-02-08 13:25 - 00000000 ____D C:\Users\Raj\AppData\Local\F-Secure
2016-02-08 13:22 - 2016-02-08 18:23 - 00001062 _____ C:\Users\Raj\Desktop\malwarebytes anti-malware home.txt
2016-02-08 13:22 - 2016-02-08 18:23 - 00000752 _____ C:\Users\Raj\Desktop\checkup.txt
2016-02-08 13:15 - 2016-02-08 18:23 - 00023892 _____ C:\Users\Raj\Desktop\dds.txt
2016-02-08 13:15 - 2016-02-08 18:23 - 00009709 _____ C:\Users\Raj\Desktop\attach.txt
2016-02-08 12:59 - 2016-02-08 13:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-08 12:59 - 2016-02-08 12:59 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-08 12:59 - 2016-02-08 12:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-08 12:59 - 2016-02-08 12:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-08 12:59 - 2016-02-08 12:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-08 12:59 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-08 12:59 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-08 12:59 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-08 12:41 - 2016-02-03 14:01 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-08 12:41 - 2016-02-03 14:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-08 12:35 - 2016-02-08 12:35 - 00240964 _____ C:\WINDOWS\ntbtlog.txt
2016-02-08 12:28 - 2016-02-08 12:28 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-02-07 00:02 - 2016-02-11 13:30 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-07 00:02 - 2016-02-11 13:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-06 20:46 - 2016-02-06 20:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-02-06 20:41 - 2015-12-08 22:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-02-06 17:16 - 2016-02-06 17:16 - 00000248 _____ C:\rescue.info
2016-02-06 17:15 - 2016-02-06 20:30 - 00000000 ____D C:\Users\Raj\AppData\Local\LogMeIn Rescue Applet
2016-02-06 17:00 - 2016-02-06 17:00 - 00000000 ____D C:\Users\Raj\AppData\Roaming\Macromedia
2016-02-05 22:13 - 2016-02-05 22:13 - 00000000 ____D C:\Users\Raj\AppData\Local\Comms
2016-02-05 22:01 - 2016-02-11 12:41 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A1868F30-65E8-420D-8AE2-9D27AD00E3EF}
2016-02-05 21:40 - 2016-02-05 21:40 - 00000000 _SHDL C:\Users\Default\My Documents
2016-02-05 21:40 - 2016-02-05 21:40 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-02-05 21:40 - 2016-02-05 21:40 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-02-05 21:40 - 2016-02-05 21:40 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-02-05 21:40 - 2016-02-05 21:40 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-02-05 21:40 - 2016-02-05 21:40 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-02-05 21:40 - 2016-02-05 21:40 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-02-05 21:40 - 2016-02-05 21:40 - 00000000 _SHDL C:\Users\Default User
2016-02-05 21:40 - 2016-02-05 21:40 - 00000000 _SHDL C:\Users\All Users
2016-02-05 21:39 - 2016-02-05 21:39 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-02-05 21:37 - 2015-10-30 02:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-02-05 21:35 - 2016-02-11 13:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-05 21:33 - 2016-02-05 21:33 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-05 21:28 - 2016-02-05 21:28 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-02-05 21:23 - 2016-02-11 13:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-05 21:23 - 2016-02-05 21:23 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-02-05 21:23 - 2016-01-12 22:40 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-02-05 21:23 - 2016-01-12 22:40 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-02-05 21:22 - 2016-02-05 21:28 - 00000000 ___HD C:\Intel
2016-02-05 21:22 - 2016-02-05 21:28 - 00000000 ____D C:\Program Files\Intel
2016-02-05 21:22 - 2016-02-05 21:28 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-02-05 21:18 - 2016-02-11 13:15 - 00189016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-05 21:18 - 2016-02-05 21:18 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-02-05 20:32 - 2016-02-05 21:32 - 00000000 ____D C:\WINDOWS\ASUS
2016-02-05 20:32 - 2016-02-05 20:32 - 00000000 ____H C:\Recovery.txt
2016-02-05 18:58 - 2016-02-05 18:58 - 00000000 ____D C:\Users\Raj\AppData\Local\NetworkTiles
2016-02-05 18:58 - 2016-02-05 18:58 - 00000000 ____D C:\Users\Raj\AppData\Local\MicrosoftEdge
2016-02-05 18:57 - 2016-02-11 13:19 - 00002357 _____ C:\Users\Raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-05 18:57 - 2016-02-11 13:19 - 00000000 ___RD C:\Users\Raj\OneDrive
2016-02-05 18:54 - 2016-02-05 18:54 - 00000000 ____D C:\Users\Raj\AppData\Local\Publishers
2016-02-05 18:54 - 2016-02-05 18:54 - 00000000 ____D C:\Users\Raj\AppData\Local\ActiveSync
2016-02-05 18:52 - 2016-02-11 13:19 - 00000165 _____ C:\Users\Raj\AppData\Roaming\sp_data.sys
2016-02-05 18:52 - 2016-02-11 13:17 - 00000000 __SHD C:\Users\Raj\IntelGraphicsProfiles
2016-02-05 18:52 - 2016-02-08 13:23 - 00000000 ____D C:\Users\Raj\AppData\Local\Packages
2016-02-05 18:52 - 2016-02-08 12:43 - 00000000 ____D C:\Users\Raj\AppData\Local\VirtualStore
2016-02-05 18:52 - 2016-02-05 18:52 - 00000000 ____D C:\Users\Raj\AppData\Roaming\Adobe
2016-02-05 18:52 - 2016-02-05 18:52 - 00000000 ____D C:\Users\Raj\AppData\Local\TileDataLayer
2016-02-05 18:51 - 2016-02-05 18:57 - 00000000 ____D C:\Users\Raj
2016-02-05 18:51 - 2016-02-05 18:51 - 00000020 ___SH C:\Users\Raj\ntuser.ini
2016-02-05 18:51 - 2016-02-05 18:51 - 00000000 _SHDL C:\Users\Raj\My Documents
2016-02-05 18:51 - 2016-02-05 18:51 - 00000000 _SHDL C:\Users\Raj\Documents\My Videos
2016-02-05 18:51 - 2016-02-05 18:51 - 00000000 _SHDL C:\Users\Raj\Documents\My Pictures
2016-02-05 18:51 - 2016-02-05 18:51 - 00000000 _SHDL C:\Users\Raj\Documents\My Music
2016-02-05 18:50 - 2016-02-05 18:52 - 00000000 ____D C:\ProgramData\USBChargerPlus
2016-02-05 18:50 - 2016-02-05 18:52 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-02-05 17:19 - 2016-02-05 18:47 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-05 17:19 - 2016-02-05 17:19 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-02-05 17:18 - 2016-02-05 17:18 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-02-05 17:18 - 2016-02-05 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-02-05 17:18 - 2016-02-05 17:18 - 00000000 ____D C:\ProgramData\SetupTPDriver
2016-02-05 17:17 - 2016-02-05 17:17 - 00000000 ____D C:\WINDOWS\Setup
2016-02-05 17:16 - 2016-02-05 17:16 - 00000000 ____D C:\WINDOWS\OCR
2016-02-05 17:16 - 2016-02-05 17:16 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-02-05 17:16 - 2016-02-05 17:16 - 00000000 ____D C:\Program Files\MSBuild
2016-02-05 17:16 - 2016-02-05 17:16 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-02-05 17:16 - 2016-02-05 17:16 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\system32\0409
2016-02-05 17:15 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-02-05 17:11 - 2016-02-11 13:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-02-05 17:11 - 2016-02-11 13:13 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-02-05 17:11 - 2016-02-11 13:13 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-02-05 17:11 - 2016-02-11 13:13 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-02-05 17:11 - 2016-02-11 13:13 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-02-05 17:11 - 2016-02-11 13:13 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-02-05 17:11 - 2016-02-11 13:13 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-05 17:11 - 2016-02-11 13:13 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-02-05 17:11 - 2016-02-11 13:13 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-05 17:11 - 2016-02-11 13:13 - 00000000 ____D C:\WINDOWS\Provisioning
2016-02-05 17:11 - 2016-02-11 13:13 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-02-05 17:11 - 2016-02-11 12:54 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-05 17:11 - 2016-02-11 12:54 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-05 17:11 - 2016-02-08 13:20 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-02-05 17:11 - 2016-02-06 17:02 - 00000000 ____D C:\WINDOWS\appcompat
2016-02-05 17:11 - 2016-02-05 22:12 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-02-05 17:11 - 2016-02-05 21:41 - 00000000 ____D C:\WINDOWS\rescache
2016-02-05 17:11 - 2016-02-05 21:40 - 00000000 ____D C:\WINDOWS\Registration
2016-02-05 17:11 - 2016-02-05 21:39 - 00000000 __RHD C:\Users\Public\Libraries
2016-02-05 17:11 - 2016-02-05 21:32 - 00000000 ____D C:\WINDOWS\system32\spool
2016-02-05 17:11 - 2016-02-05 21:30 - 00000000 ____D C:\ProgramData\USOPrivate
2016-02-05 17:11 - 2016-02-05 21:30 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-05 17:11 - 2016-02-05 21:25 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-02-05 17:11 - 2016-02-05 20:32 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-02-05 17:11 - 2016-02-05 18:53 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-02-05 17:11 - 2016-02-05 18:53 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\system32\setup
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\system32\Com
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\IME
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\Help
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-02-05 17:11 - 2016-02-05 17:15 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 __RSD C:\WINDOWS\Media
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\Web
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\Vss
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\tracing
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\TAPI
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SystemResources
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SystemApps
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\ras
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\IME
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\ias
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\System
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SKB
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\ShellNew
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\security
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\schemas
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\SchCache
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\Resources
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\PLA
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\Performance
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\InputMethod
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\Globalization
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\Cursors
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\Branding
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\addins
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\ProgramData\Comms
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\Program Files\Windows NT
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\Program Files\Common Files\Services
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-02-05 17:11 - 2016-02-05 17:11 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-02-05 17:11 - 2016-02-05 17:08 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-02-05 17:11 - 2016-02-05 17:08 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-02-05 17:11 - 2016-02-05 17:08 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-02-05 17:11 - 2016-02-05 17:08 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-02-05 17:11 - 2016-02-05 17:08 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-02-05 17:11 - 2016-02-05 17:08 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-02-05 17:11 - 2016-02-05 17:08 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-02-05 17:11 - 2016-02-05 17:08 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-02-05 17:11 - 2016-02-05 17:08 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-02-05 17:11 - 2016-02-05 17:08 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-02-05 17:11 - 2016-02-05 17:08 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-02-05 17:11 - 2016-02-05 17:08 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-02-05 17:11 - 2016-02-05 17:08 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-02-05 17:11 - 2016-02-05 17:08 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-02-05 17:09 - 2016-02-11 13:28 - 00000000 ____D C:\WINDOWS\INF
2016-02-05 17:03 - 2016-02-11 13:29 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-05 17:00 - 2015-10-30 01:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-02-05 16:59 - 2016-02-11 13:15 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-05 16:59 - 2016-02-05 18:48 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-05 16:59 - 2016-02-05 17:15 - 00000000 ____D C:\WINDOWS\servicing
2016-02-05 16:59 - 2016-02-05 17:11 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-01-31 18:50 - 2016-02-05 20:32 - 00000000 ___HD C:\$SysReset
2016-01-28 13:28 - 2016-01-16 01:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 13:28 - 2016-01-16 01:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 13:28 - 2016-01-16 00:44 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-28 13:27 - 2016-01-16 01:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 13:27 - 2016-01-16 01:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 13:27 - 2016-01-16 01:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 13:27 - 2016-01-16 01:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 13:27 - 2016-01-16 01:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 13:27 - 2016-01-16 01:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

#7 araj08

Posted 11 February 2016 - 01:10 PM

# AdwCleaner v5.033 - Logfile created 11/02/2016 at 13:12:26
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Raj - LAPTOP-TJ70V1DO
# Running from : C:\Users\Raj\Downloads\adwcleaner_5.033.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [664 bytes] ##########
 


#8 nasdaq

Posted 11 February 2016 - 01:12 PM

Please post the Addition.txt file that was created with the Farbar tool.
nasdaq


#9 araj08

Posted 11 February 2016 - 02:52 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Raj (2016-02-11 13:32:38)
Running from C:\Users\Raj\Downloads
Windows 10 Home (X64) (2016-02-05 23:48:36)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3460043397-847619879-3896516206-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3460043397-847619879-3896516206-503 - Limited - Disabled)
Guest (S-1-5-21-3460043397-847619879-3896516206-501 - Limited - Disabled)
Raj (S-1-5-21-3460043397-847619879-3896516206-1001 - Administrator - Enabled) => C:\Users\Raj
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.11.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.95 - ICEpower a/s)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.3.875.080715 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0269 - REALTEK Semiconductor Corp.)
Windows Driver Package - ASUS (ATP) Mouse  (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3460043397-847619879-3896516206-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Raj\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1029E2AA-119D-4064-9EAC-4E6A258EEFD0} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {182A4B71-2793-4C6A-A207-5008189C938C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
Task: {2011FE87-645D-46D1-831F-59F5E34DF840} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {5CA15D1F-CF9B-4E59-BE60-04774A36A5E7} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {61109D1E-5CC8-4889-93C8-9CCE68D8AD13} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {7187CA0F-A2FD-423F-B83D-0F53FD7F0DF2} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation)
Task: {7BA25DD2-1BF9-4327-82DB-4E365ED58DD5} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-06-09] (ASUS)
Task: {7FACBEB6-2DA5-4056-9781-573D1D455B5D} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {8EFBC5A0-4A0D-480D-A2BC-06C7106283A4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-11] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-10-23 20:19 - 2015-07-20 21:19 - 00121560 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
2016-01-19 11:12 - 2016-01-19 11:12 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-19 11:12 - 2016-01-19 11:12 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-08 17:40 - 2016-02-08 17:40 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-12 22:39 - 2016-01-12 22:39 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-01-19 11:12 - 2016-01-19 11:12 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-01-19 11:12 - 2016-01-19 11:12 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-19 11:12 - 2016-01-19 11:12 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-19 11:12 - 2016-01-19 11:12 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 13:27 - 2016-01-16 00:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 13:27 - 2016-01-16 00:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-19 11:12 - 2016-01-19 11:12 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-02-08 17:40 - 2016-02-08 17:40 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-08 17:40 - 2016-02-08 17:40 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-06-09 22:25 - 2015-06-09 22:25 - 00035376 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-06-09 22:25 - 2015-06-09 22:25 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 06:04 - 2015-07-10 06:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3460043397-847619879-3896516206-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Signature\Signature01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
 
==================== Restore Points =========================
 
07-02-2016 00:01:16 Windows Update
07-02-2016 00:01:53 Windows Update
11-02-2016 13:27:29 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/11/2016 01:30:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (02/11/2016 01:27:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (02/11/2016 01:18:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-TJ70V1DO)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/11/2016 01:18:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.10586.63, time stamp: 0x568b1fdc
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10586.71, time stamp: 0x5699d8e0
Exception code: 0xc000027b
Fault offset: 0x00000000006fce8b
Faulting process id: 0x924
Faulting application start time: 0xSearchUI.exe0
Faulting application path: SearchUI.exe1
Faulting module path: SearchUI.exe2
Report Id: SearchUI.exe3
Faulting package full name: SearchUI.exe4
Faulting package-relative application ID: SearchUI.exe5
 
Error: (02/08/2016 01:30:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
 
Error: (02/08/2016 01:30:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
 
Error: (02/08/2016 01:24:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
 
Error: (02/08/2016 01:24:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
 
Error: (02/08/2016 01:24:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
 
Error: (02/08/2016 12:59:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-TJ70V1DO)
Description: Activation of app Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009280 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (02/11/2016 01:20:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {B91D5831-B1BD-4608-8198-D72E155020F7}
 
Error: (02/11/2016 01:15:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
 
Error: (02/11/2016 01:15:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
 
Error: (02/11/2016 01:12:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
 
Error: (02/11/2016 01:12:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_70aed service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (02/11/2016 01:12:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_70aed service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (02/11/2016 01:12:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_70aed service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (02/11/2016 01:12:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_70aed service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (02/11/2016 01:12:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/11/2016 01:12:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
 
CodeIntegrity:
===================================
  Date: 2016-02-11 13:17:20.265
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-02-09 04:36:52.003
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-02-08 12:41:28.600
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-02-07 00:03:27.851
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-02-05 21:21:41.580
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-5010U CPU @ 2.10GHz
Percentage of memory in use: 46%
Total physical RAM: 3998.71 MB
Available physical RAM: 2133.13 MB
Total Virtual: 5406.71 MB
Available Virtual: 3481.86 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465 GB) (Free:440.28 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CB496E90)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#10 nasdaq


Posted 12 February 2016 - 06:43 AM


Your logs are clean.

This problem is not caused by malware. This is not my forte.

I suggest you start a new topic in the Windows 10 Forum.
An expert should be able to advise you on how to proceed.
http://www.bleepingc...ows-10-support/

You can also check with the Asus community.
https://vip.asus.com/forum/


p.s.
I did find a few links that may interest you.

http://www.techpower...-on-not.218795/

Do the F12 at your own risk.

===

Good luck.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#11 araj08


Posted 12 February 2016 - 10:38 AM

thank you



#12 nasdaq


Posted 21 February 2016 - 06:16 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq




