1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

[Solved] Possible Infection or glitch

Discussion in 'Malware Removal Help' started by Rustys, Mar 30, 2016.

  1. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    IE 11 on our windows seven system has been acting really glitch lately. We want to check for infection before we look at other just to rule that out.

    Have already done the reset to IE and no help.

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 3/30/2016
    Scan Time: 12:47 PM
    Logfile:
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.03.30.07
    Rootkit Database: v2016.03.30.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Loretta

    Scan Type: Custom Scan
    Result: Completed
    Objects Scanned: 546945
    Time Elapsed: 1 hr, 38 min, 36 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  2. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01

    Ran by Loretta (administrator) on LORETTA-PC (30-03-2016 14:37:24)

    Running from C:\Users\Loretta\Desktop

    Loaded Profiles: Loretta (Available Profiles: Loretta)

    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)

    Internet Explorer Version 11 (Default browser: IE)

    Boot Mode: Normal

    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe

    (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

    (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe

    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

    (Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe

    (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

    (AMD) C:\Windows\System32\atieclxx.exe

    (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe

    (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe

    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe



    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-14] (Adobe Systems Incorporated)

    HKU\S-1-5-21-185604243-1747783858-1897388037-1004\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [380928 2009-05-16] (AMD)

    HKU\S-1-5-21-185604243-1747783858-1897388037-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

    Tcpip\..\Interfaces\{60B2E9D3-5096-4D7E-8F51-C32C9B751A09}: [DhcpNameServer] 75.75.75.75 75.75.76.76

    Internet Explorer:

    ==================

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

    HKU\S-1-5-21-185604243-1747783858-1897388037-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

    SearchScopes: HKU\S-1-5-21-185604243-1747783858-1897388037-1004 -> DefaultScope {278238AF-3F59-4AEA-A558-A528CCA45C9B} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

    SearchScopes: HKU\S-1-5-21-185604243-1747783858-1897388037-1004 -> {278238AF-3F59-4AEA-A558-A528CCA45C9B} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

    DPF: HKLM-x32 {28AF57CC-DD0B-4166-92C3-5F8F7F8C8ABA} hxxp://www.digitalworkshop.com/OpusPlugins/ilm500.cab

    DPF: HKLM-x32 {49232000-16E4-426C-A231-62846947304B} hxxps://wimpro2.cce.hp.com/ChatEntry/downloads/sysinfo.cab

    DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}

    DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

    DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpIdfPlugin.cab

    DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

    DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    FireFox:

    ========

    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)

    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)

    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)

    S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-02-05] (Creative Labs) [File not signed]

    S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2009-11-03] (Creative Labs) [File not signed]

    R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]

    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

    R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed]

    S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)

    S4 Net Driver HPZ12; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

    S4 Net Driver HPZ12; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)

    S4 Pml Driver HPZ12; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

    S4 Pml Driver HPZ12; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)

    R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3476432 2015-10-12] (Paramount Software UK Ltd)

    S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)

    S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

    S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2013-02-25] ()

    S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [168968 2015-10-12] (Windows (R) Win 7 DDK provider)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-03-30 14:37 - 2016-03-30 14:37 - 00007866 ____C C:\Users\Loretta\Desktop\FRST.txt

    2016-03-30 14:37 - 2016-03-30 14:37 - 00000000 ____D C:\FRST

    2016-03-30 14:35 - 2016-03-30 14:35 - 00770080 _____ C:\Windows\system32\FNTCACHE.DAT

    2016-03-30 14:30 - 2016-03-30 14:31 - 03102720 ____C C:\Users\Loretta\Desktop\adwcleaner_5.108.exe

    2016-03-30 14:29 - 2016-03-30 14:34 - 00000000 ____D C:\AdwCleaner

    2016-03-30 12:46 - 2016-03-30 12:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

    2016-03-30 12:45 - 2016-03-30 12:45 - 00001064 ____C C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

    2016-03-30 12:45 - 2016-03-30 12:45 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

    2016-03-30 12:45 - 2016-03-30 12:45 - 00000000 ___DC C:\ProgramData\Malwarebytes

    2016-03-30 12:45 - 2016-03-30 12:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

    2016-03-30 12:45 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

    2016-03-30 12:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys

    2016-03-30 12:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

    2016-03-30 12:36 - 2016-03-30 12:36 - 02374144 ____C (Farbar) C:\Users\Loretta\Desktop\FRST64.exe

    2016-03-30 12:35 - 2016-03-30 12:35 - 22851472 ____C (Malwarebytes ) C:\Users\Loretta\Desktop\mbam-setup-2.2.1.1043.exe

    2016-03-28 14:49 - 2016-03-28 14:49 - 06868672 ____C (Piriform Ltd) C:\Users\Loretta\Downloads\ccsetup516.exe

    2016-03-18 14:49 - 2016-03-18 14:49 - 02192776 ____C C:\Users\Loretta\Downloads\The Most Useful Keyboard Shortcuts for Popular Services.pdf

    2016-03-08 19:54 - 2016-02-11 12:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

    2016-03-08 19:54 - 2016-02-11 12:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

    2016-03-08 19:54 - 2016-02-11 12:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

    2016-03-08 19:54 - 2016-02-11 12:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

    2016-03-08 19:54 - 2016-02-11 12:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

    2016-03-08 19:54 - 2016-02-11 12:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

    2016-03-08 19:54 - 2016-02-11 12:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

    2016-03-08 19:54 - 2016-02-11 12:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

    2016-03-08 19:54 - 2016-02-11 12:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

    2016-03-08 19:54 - 2016-02-11 12:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

    2016-03-08 19:54 - 2016-02-09 00:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

    2016-03-08 19:54 - 2016-02-09 00:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

    2016-03-08 19:54 - 2016-02-08 15:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

    2016-03-08 19:54 - 2016-02-08 14:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

    2016-03-08 19:54 - 2016-02-08 14:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

    2016-03-08 19:54 - 2016-02-08 14:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

    2016-03-08 19:54 - 2016-02-08 14:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

    2016-03-08 19:54 - 2016-02-08 14:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

    2016-03-08 19:54 - 2016-02-08 14:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

    2016-03-08 19:54 - 2016-02-08 14:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

    2016-03-08 19:54 - 2016-02-08 14:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

    2016-03-08 19:54 - 2016-02-08 14:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

    2016-03-08 19:54 - 2016-02-08 14:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

    2016-03-08 19:54 - 2016-02-08 14:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

    2016-03-08 19:54 - 2016-02-08 14:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

    2016-03-08 19:54 - 2016-02-08 14:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

    2016-03-08 19:54 - 2016-02-08 14:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

    2016-03-08 19:54 - 2016-02-08 14:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

    2016-03-08 19:54 - 2016-02-08 14:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

    2016-03-08 19:54 - 2016-02-08 14:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

    2016-03-08 19:54 - 2016-02-08 14:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

    2016-03-08 19:54 - 2016-02-08 14:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

    2016-03-08 19:54 - 2016-02-08 14:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

    2016-03-08 19:54 - 2016-02-08 14:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

    2016-03-08 19:54 - 2016-02-08 14:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

    2016-03-08 19:54 - 2016-02-08 14:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

    2016-03-08 19:54 - 2016-02-08 14:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

    2016-03-08 19:54 - 2016-02-08 14:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

    2016-03-08 19:54 - 2016-02-08 14:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

    2016-03-08 19:54 - 2016-02-08 14:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

    2016-03-08 19:54 - 2016-02-08 13:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

    2016-03-08 19:54 - 2016-02-08 13:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

    2016-03-08 19:54 - 2016-02-08 13:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

    2016-03-08 19:54 - 2016-02-08 12:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

    2016-03-08 19:54 - 2016-02-08 12:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

    2016-03-08 19:54 - 2016-02-08 12:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

    2016-03-08 19:54 - 2016-02-08 12:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

    2016-03-08 19:54 - 2016-02-08 12:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

    2016-03-08 19:54 - 2016-02-08 12:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

    2016-03-08 19:54 - 2016-02-08 12:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

    2016-03-08 19:54 - 2016-02-08 12:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

    2016-03-08 19:54 - 2016-02-08 12:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

    2016-03-08 19:54 - 2016-02-08 12:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

    2016-03-08 19:54 - 2016-02-08 12:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

    2016-03-08 19:54 - 2016-02-08 12:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

    2016-03-08 19:54 - 2016-02-08 12:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

    2016-03-08 19:54 - 2016-02-08 12:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

    2016-03-08 19:54 - 2016-02-08 12:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

    2016-03-08 19:54 - 2016-02-08 12:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

    2016-03-08 19:54 - 2016-02-08 12:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

    2016-03-08 19:54 - 2016-02-08 12:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

    2016-03-08 19:54 - 2016-02-08 11:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

    2016-03-08 19:54 - 2016-02-08 11:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

    2016-03-08 19:54 - 2016-02-08 11:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

    2016-03-08 19:54 - 2016-02-08 11:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

    2016-03-08 19:54 - 2016-02-08 11:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

    2016-03-08 19:54 - 2016-02-08 11:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

    2016-03-08 19:54 - 2016-02-08 11:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

    2016-03-08 19:54 - 2016-02-08 11:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

    2016-03-08 19:54 - 2016-02-08 11:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

    2016-03-08 19:54 - 2016-02-08 11:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

    2016-03-08 19:54 - 2016-02-08 11:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

    2016-03-08 19:54 - 2016-02-08 11:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

    2016-03-08 19:54 - 2016-02-08 11:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

    2016-03-08 19:54 - 2016-02-08 11:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

    2016-03-08 19:54 - 2016-02-08 10:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

    2016-03-08 19:54 - 2016-02-04 11:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

    2016-03-08 19:54 - 2016-02-03 12:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

    2016-03-08 19:54 - 2016-02-03 12:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll

    2016-03-08 19:54 - 2016-02-03 12:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

    2016-03-08 19:54 - 2016-02-03 12:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll

    2016-03-08 19:54 - 2016-02-03 12:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS

    2016-03-08 19:53 - 2016-02-11 12:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

    2016-03-08 19:53 - 2016-02-11 12:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

    2016-03-08 19:53 - 2016-02-11 12:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

    2016-03-08 19:53 - 2016-02-11 12:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

    2016-03-08 19:53 - 2016-02-11 12:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

    2016-03-08 19:53 - 2016-02-11 12:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

    2016-03-08 19:53 - 2016-02-11 12:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

    2016-03-08 19:53 - 2016-02-11 12:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

    2016-03-08 19:53 - 2016-02-11 12:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

    2016-03-08 19:53 - 2016-02-11 12:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

    2016-03-08 19:53 - 2016-02-11 12:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

    2016-03-08 19:53 - 2016-02-11 12:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

    2016-03-08 19:53 - 2016-02-11 12:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

    2016-03-08 19:53 - 2016-02-11 12:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

    2016-03-08 19:53 - 2016-02-11 12:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

    2016-03-08 19:53 - 2016-02-11 12:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

    2016-03-08 19:53 - 2016-02-11 12:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

    2016-03-08 19:53 - 2016-02-11 12:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

    2016-03-08 19:53 - 2016-02-11 12:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

    2016-03-08 19:53 - 2016-02-11 12:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

    2016-03-08 19:53 - 2016-02-11 12:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

    2016-03-08 19:53 - 2016-02-11 12:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

    2016-03-08 19:53 - 2016-02-11 12:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

    2016-03-08 19:53 - 2016-02-11 12:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

    2016-03-08 19:53 - 2016-02-11 12:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

    2016-03-08 19:53 - 2016-02-11 12:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

    2016-03-08 19:53 - 2016-02-11 12:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

    2016-03-08 19:53 - 2016-02-11 12:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

    2016-03-08 19:53 - 2016-02-11 12:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

    2016-03-08 19:53 - 2016-02-11 12:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

    2016-03-08 19:53 - 2016-02-11 12:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

    2016-03-08 19:53 - 2016-02-11 12:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

    2016-03-08 19:53 - 2016-02-11 12:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

    2016-03-08 19:53 - 2016-02-11 12:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

    2016-03-08 19:53 - 2016-02-11 12:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

    2016-03-08 19:53 - 2016-02-11 12:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 12:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 11:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

    2016-03-08 19:53 - 2016-02-11 11:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

    2016-03-08 19:53 - 2016-02-11 11:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

    2016-03-08 19:53 - 2016-02-11 11:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

    2016-03-08 19:53 - 2016-02-11 11:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

    2016-03-08 19:53 - 2016-02-11 11:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

    2016-03-08 19:53 - 2016-02-11 11:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

    2016-03-08 19:53 - 2016-02-11 11:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

    2016-03-08 19:53 - 2016-02-11 11:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

    2016-03-08 19:53 - 2016-02-11 11:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

    2016-03-08 19:53 - 2016-02-11 11:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

    2016-03-08 19:53 - 2016-02-11 11:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

    2016-03-08 19:53 - 2016-02-11 11:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

    2016-03-08 19:53 - 2016-02-11 11:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

    2016-03-08 19:53 - 2016-02-11 11:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 11:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 11:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

    2016-03-08 19:53 - 2016-02-09 03:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

    2016-03-08 19:53 - 2016-02-09 03:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

    2016-03-08 19:53 - 2016-02-09 03:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx

    2016-03-08 19:53 - 2016-02-09 03:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll

    2016-03-08 19:53 - 2016-02-09 03:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll

    2016-03-08 19:53 - 2016-02-09 03:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll

    2016-03-08 19:53 - 2016-02-09 03:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

    2016-03-08 19:53 - 2016-02-09 03:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

    2016-03-08 19:53 - 2016-02-09 03:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll

    2016-03-08 19:53 - 2016-02-09 03:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx

    2016-03-08 19:53 - 2016-02-09 03:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll

    2016-03-08 19:53 - 2016-02-05 12:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

    2016-03-08 19:53 - 2016-02-05 12:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

    2016-03-08 19:53 - 2016-02-05 12:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

    2016-03-08 19:53 - 2016-02-05 12:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

    2016-03-08 19:53 - 2016-02-05 12:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

    2016-03-08 19:53 - 2016-02-05 12:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

    2016-03-08 19:53 - 2016-02-05 12:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

    2016-03-08 19:53 - 2016-02-05 11:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

    2016-03-08 19:53 - 2016-02-05 11:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

    2016-03-08 19:53 - 2016-02-05 11:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

    2016-03-08 19:53 - 2016-02-04 19:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll

    2016-03-08 19:53 - 2016-02-04 12:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll

    2016-03-05 01:25 - 2016-03-05 01:26 - 02487978 ____C C:\Users\Loretta\Downloads\Cyber Security Assessment Netherlands 2015.pdf

    2016-03-04 13:58 - 2016-02-19 13:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

    2016-03-04 13:58 - 2016-02-19 12:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

    2016-03-04 13:58 - 2016-02-19 08:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

    2016-03-04 13:58 - 2016-02-12 12:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

    2016-03-04 13:58 - 2016-02-12 12:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

    2016-03-04 13:58 - 2016-02-12 12:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

    2016-03-04 13:58 - 2016-02-12 12:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

    2016-03-04 13:58 - 2016-02-12 12:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

    2016-03-04 13:58 - 2016-02-12 12:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

    2016-03-04 13:58 - 2016-02-12 12:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

    2016-03-04 13:58 - 2016-02-12 12:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

    2016-03-04 13:58 - 2016-02-12 12:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

    2016-03-04 13:58 - 2016-02-12 12:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

    2016-03-04 13:58 - 2016-02-12 12:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

    2016-03-04 13:58 - 2016-02-12 12:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

    2016-03-04 13:58 - 2016-02-12 12:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

    2016-03-04 13:58 - 2016-02-12 12:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

    2016-03-04 13:58 - 2016-02-12 12:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

    2016-03-04 13:58 - 2016-02-12 12:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

    2016-03-04 13:58 - 2016-02-11 08:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

    2016-03-04 13:58 - 2016-02-05 08:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

    2016-03-04 13:58 - 2016-02-05 08:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

    2016-03-04 13:58 - 2016-02-05 08:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

    2016-02-29 13:48 - 2016-02-29 13:48 - 00320264 ____C C:\Users\Loretta\Downloads\wnetwatcher.zip

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-03-30 14:35 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

    2016-03-30 14:35 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf

    2016-03-30 14:21 - 2016-01-21 14:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

    2016-03-30 12:05 - 2009-07-13 22:45 - 00018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    2016-03-30 12:05 - 2009-07-13 22:45 - 00018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    2016-03-30 12:01 - 2009-07-13 23:13 - 00853430 _____ C:\Windows\system32\PerfStringBackup.INI

    2016-03-28 14:57 - 2014-09-11 09:27 - 00000000 ___DC C:\Russell

    2016-03-28 14:50 - 2015-03-22 10:19 - 00000979 ____C C:\Users\Public\Desktop\CCleaner.lnk

    2016-03-28 13:42 - 2009-07-13 23:08 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT

    2016-03-27 19:11 - 2015-12-28 18:11 - 00000000 ____D C:\Program Files (x86)\StarCraft II

    2016-03-27 19:02 - 2015-12-28 18:37 - 00000000 ___DC C:\Users\Loretta\AppData\Local\Battle.net

    2016-03-27 19:02 - 2015-12-28 18:37 - 00000000 ____D C:\Program Files (x86)\Battle.net

    2016-03-27 12:19 - 2015-12-28 18:11 - 00000000 ___DC C:\Users\Loretta\Documents\StarCraft II

    2016-03-24 14:56 - 2015-12-28 18:11 - 00001136 ____C C:\Users\Public\Desktop\StarCraft II.lnk

    2016-03-24 10:21 - 2016-01-21 14:08 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

    2016-03-24 10:21 - 2016-01-21 14:08 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

    2016-03-24 10:21 - 2016-01-21 14:08 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

    2016-03-24 08:38 - 2015-04-04 11:56 - 00000000 ___SD C:\Windows\SysWOW64\GWX

    2016-03-24 08:38 - 2015-04-04 11:56 - 00000000 ___SD C:\Windows\system32\GWX

    2016-03-21 22:37 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF

    2016-03-13 17:03 - 2012-10-31 18:48 - 00000000 __RDC C:\Books

    2016-03-11 21:58 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache

    2016-03-08 20:03 - 2013-09-07 12:55 - 00000000 ____D C:\Windows\system32\MRT

    2016-03-08 20:00 - 2009-11-06 14:08 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    2016-03-04 13:59 - 2015-05-04 21:56 - 00000000 ____D C:\Windows\system32\appraiser

    ==================== Files in the root of some directories =======

    2013-01-13 13:07 - 2013-01-13 13:38 - 0070150 ____C () C:\Users\Loretta\AppData\Roaming\HDU_temp.bmp

    2009-11-07 14:30 - 2015-12-05 12:58 - 0007631 ____C () C:\Users\Loretta\AppData\Local\Resmon.ResmonCfg

    2015-04-29 15:04 - 2015-04-29 15:04 - 0000057 ____C () C:\ProgramData\Ament.ini

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed

    C:\Windows\system32\wininit.exe => File is digitally signed

    C:\Windows\SysWOW64\wininit.exe => File is digitally signed

    C:\Windows\explorer.exe => File is digitally signed

    C:\Windows\SysWOW64\explorer.exe => File is digitally signed

    C:\Windows\system32\svchost.exe => File is digitally signed

    C:\Windows\SysWOW64\svchost.exe => File is digitally signed

    C:\Windows\system32\services.exe => File is digitally signed

    C:\Windows\system32\User32.dll => File is digitally signed

    C:\Windows\SysWOW64\User32.dll => File is digitally signed

    C:\Windows\system32\userinit.exe => File is digitally signed

    C:\Windows\SysWOW64\userinit.exe => File is digitally signed

    C:\Windows\system32\rpcss.dll => File is digitally signed

    C:\Windows\system32\dnsapi.dll => File is digitally signed

    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



    LastRegBack: 2016-03-29 17:08

    ==================== End of FRST.txt ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01

    Ran by Loretta (2016-03-30 14:38:18)

    Running from C:\Users\Loretta\Desktop

    Windows 7 Home Premium Service Pack 1 (X64) (2009-11-06 19:47:04)

    Boot Mode: Normal

    ==========================================================



    ==================== Accounts: =============================

    Administrator (S-1-5-21-185604243-1747783858-1897388037-500 - Administrator - Disabled)

    Guest (S-1-5-21-185604243-1747783858-1897388037-501 - Limited - Disabled)

    Loretta (S-1-5-21-185604243-1747783858-1897388037-1004 - Administrator - Enabled) => C:\Users\Loretta

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)

    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

    ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden

    Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)

    Adobe Reader XI (11.0.14) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)

    Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)

    Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden

    Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)

    Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden

    Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)

    Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden

    AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)

    AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)

    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)

    Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version: - PopCap Games)

    Bluetooth by hp (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)

    Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)

    Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) Hidden

    CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)

    Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)

    Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)

    Creative Diagnostics (HKLM-x32\...\Diagnostics 4_5) (Version: 5.11 - Creative Technology Limited)

    Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited)

    Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)

    Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)

    Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - Creative Technology Limited)

    Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)

    CyberLink DVD Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)

    DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

    DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden

    Doom 3 (HKLM-x32\...\InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}) (Version: 1.2 - Activision)

    Doom 3 (x32 Version: 1.2 - Activision) Hidden

    DOOM 3: Resurrection of Evil (HKLM-x32\...\InstallShield_{04347DFD-87B6-4E30-B14D-5DF2888AD8F5}) (Version: 1.0 - Activision)

    DOOM 3: Resurrection of Evil (x32 Version: 1.0 - Activision) Hidden

    Family Tree Maker 2010 (HKLM-x32\...\Family Tree Maker 2010) (Version: 19.0.180 - Ancestry.com)

    Family Tree Maker 2010 (x32 Version: 19.0.180 - Ancestry.com) Hidden

    Ghost Recon (HKLM-x32\...\{D89EF3B3-6F17-4665-B7A9-A4235A6DC787}) (Version: - )

    Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5434.08 - PC-Doctor, Inc.)

    Hexagon Mahjongg (HKLM-x32\...\Hexagon Mahjongg) (Version: 1.00.08.03.26 - Selectsoft Publishing)

    Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)

    HP IDF Software (HKLM-x32\...\{974025B1-769B-49E9-817C-C638ABE8F372}) (Version: 11.15.1000 - Hewlett-Packard Company)

    HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)

    HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

    HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)

    HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)

    HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden

    HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden

    HydraVision (x32 Version: 4.2.98.0 - ATI Technologies Inc.) Hidden

    I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

    iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)

    LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)

    LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden

    LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)

    Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)

    Macrium Reflect Free Edition (Version: 6.1.887 - Paramount Software (UK) Ltd.) Hidden

    Mahjong Journey of Enlightenment (HKLM-x32\...\Mahjong Journey of Enlightenment) (Version: - )

    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)

    Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

    Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)

    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)

    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

    Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)

    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)

    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

    Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)

    Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)

    Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)

    Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)

    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

    Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)

    Microsoft WSE 3.0 (HKLM-x32\...\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}) (Version: 3.0.5305.0 - Microsoft Corporation)

    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)

    Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden

    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)

    PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden

    PowerRecover (x32 Version: 5.5.1931 - CyberLink Corp.) Hidden

    Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.10.4 - Intuit)

    Sound Blaster X-Fi (HKLM-x32\...\{C93170A0-CBF9-481F-B972-B4FA5AEE0E06}) (Version: 1.0 - Creative Technology Limited)

    Star Trek Armada II (HKLM-x32\...\Star Trek Armada II) (Version: - )

    Star Trek: Armada (HKLM-x32\...\Activision_StarTrekArmadaUninstallKey) (Version: - )

    StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)

    Tom Clancy's Rainbow Six 3: Athena Sword 1.10.016 (HKLM-x32\...\{664FF9A8-7E44-4E17-AD40-D10E15504C49}) (Version: 1.10.016 - )

    Tom Clancy's Rainbow Six 3: Raven Shield 1.60.412 (HKLM-x32\...\{AF131494-F5D8-45C5-938C-D5F020CF1B0D}) (Version: 1.60.412 - )

    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

    Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {120767B6-65CA-4A91-91BE-D09854E6764A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)

    Task: {3438D29C-1FD4-4B0D-BB66-ABE51C51CE20} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated)

    Task: {7AA22FD7-7E26-4664-B789-50BBCC0CB56B} - \CLMLSvc -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============



    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)



    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\20951211.sys => ""="Driver"

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\20951211.sys => ""="Driver"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)



    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)



    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2014-12-21 13:31 - 2013-09-03 18:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

    # ::1 localhost

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-185604243-1747783858-1897388037-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Loretta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

    DNS Servers: 75.75.75.75 - 75.75.76.76

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

    Windows Firewall is disabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)



    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



    ==================== Restore Points =========================

    28-03-2016 20:01:23 Windows Update

    ==================== Faulty Device Manager Devices =============

    Name: Broadcom BCM2070 Bluetooth 3.0 USB Device

    Description: Broadcom BCM2070 Bluetooth 3.0 USB Device

    Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

    Manufacturer: Broadcom

    Service: BTHUSB

    Problem: : This device is disabled. (Code 22)

    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.



    ==================== Event log errors: =========================

    Application errors:

    ==================

    System errors:

    =============

    Error: (03/30/2016 02:34:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

    Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

    Error: (03/30/2016 02:34:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (03/30/2016 02:34:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

    Description: The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s).

    Error: (03/30/2016 02:34:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

    Description: The SQL Server Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (03/30/2016 02:34:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

    Description: The Macrium Reflect Image Mounting Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (03/30/2016 02:34:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

    Description: The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (03/30/2016 02:34:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

    Description: The Bluetooth Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (03/30/2016 02:34:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

    Description: The Business Contact Manager SQL Server Startup Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (03/30/2016 02:34:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

    Description: The Bluetooth Driver Management Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (03/30/2016 02:34:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

    Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).



    ==================== Memory info ===========================

    Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz

    Percentage of memory in use: 23%

    Total physical RAM: 4095.23 MB

    Available physical RAM: 3128.03 MB

    Total Virtual: 8188.66 MB

    Available Virtual: 7173.51 MB

    ==================== Drives ================================

    Drive c: (HP) (Fixed) (Total:596.07 GB) (Free:506.98 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================

    Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)

    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

    Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  3. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    # AdwCleaner v5.108 - Logfile created 30/03/2016 at 14:34:41

    # Updated 30/03/2016 by Xplode

    # Database : 2016-03-30.1 [Server]

    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)

    # Username : Loretta - LORETTA-PC

    # Running from : C:\Users\Loretta\Downloads\adwcleaner_5.108.exe

    # Option : Clean

    # Support : http://toolslib.net/forum

    ***** [ Services ] *****



    ***** [ Folders ] *****



    ***** [ Files ] *****



    ***** [ DLLs ] *****



    ***** [ Shortcuts ] *****



    ***** [ Scheduled tasks ] *****



    ***** [ Registry ] *****

    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL

    [-] Key Deleted : HKLM\SOFTWARE\Classes\GameTreatWidget.GameTreatWidget.1

    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}

    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}

    ***** [ Web browsers ] *****



    *************************

    :: "Image File Execution Options" keys deleted

    :: "Tracing" keys deleted

    :: "Prefetch" files deleted

    :: Proxy settings cleared

    :: Winsock settings cleared

    :: TCP/IP settings cleared

    :: IPSec settings cleared

    :: BITS queue cleared

    :: IE policies deleted

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [1360 bytes] - [30/03/2016 14:34:41]

    C:\AdwCleaner\AdwCleaner[S1].txt - [1191 bytes] - [30/03/2016 14:32:32]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1506 bytes] ##########


    # AdwCleaner v5.108 - Logfile created 30/03/2016 at 14:32:32

    # Updated 30/03/2016 by Xplode

    # Database : 2016-03-30.1 [Server]

    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)

    # Username : Loretta - LORETTA-PC

    # Running from : C:\Users\Loretta\Downloads\adwcleaner_5.108.exe

    # Option : Scan

    # Support : http://toolslib.net/forum

    ***** [ Services ] *****



    ***** [ Folders ] *****



    ***** [ Files ] *****



    ***** [ DLL ] *****



    ***** [ Shortcuts ] *****



    ***** [ Scheduled tasks ] *****



    ***** [ Registry ] *****

    Key Found : HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL

    Key Found : HKLM\SOFTWARE\Classes\GameTreatWidget.GameTreatWidget.1

    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}

    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}

    ***** [ Web browsers ] *****



    *************************

    C:\AdwCleaner\AdwCleaner[S1].txt - [1035 bytes] - [30/03/2016 14:32:32]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1108 bytes] ##########
     
  4. Kenny94

    Kenny94 Registered Members

    Joined:
    Jan 21, 2016
    Messages:
    417
    Location:
    SC
    Operating System:
    OS X
    Computer Brand or Motherboard:
    iPad Air, HP Chromebook and Compaq laptop with xp
    Hi,
    When you say glitchy, can you me some examples what IE is doing? I like to see a scan using IE since it's your default browser.

    56e1f2ab6ac41183281be5705935b6c6._.png Scan with ESET Online Scanner

    This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
    Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
    Please visit ESET Online Scanner website.

    Click there Run ESET Online Scanner.

    If using Internet Explorer:



    • Accept the Terms of Use and click Start.
    • Allow the running of add-on.

    If using Mozilla Firefox or Google Chrome:

    • Download esetsmartinstaller_enu.exe that you'll be given link to.
    • Double click esetsmartinstaller_enu.exe.
    • Allow the Terms of Use and click Start.

    To perform the scan:

    • Make sure that Remove found threats is unchecked.
    • Scan archives is checked.
    • In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
    • Under “Enable Stealth Technology select “Change” select any extra drives in that window.
    • Click Start
    • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
    • When completed, the program will begin to scan. This may take several hours. Get yourself a Soft drink, please, be patient.
    • Do not do anything on your machine as it may interrupt the scan.
    • When the scan is done, click Finish.
    • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.


    Please include this logfile in your next reply.
     
  5. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Take for ever to load a page if it does not the TTL does not run out. With some site like this one I have to clear the cache and cookies so I can get logged in. Even still if I select a thread it goes to that thread and I have to log back in to comment. Some times if I go back a page it is fine other times I have to re-log in Sometimes the window will minimize for a few seconds the go back to normal size. Pages are taking long time to load and getting longer.

    Scan results next posting running now.
     
  6. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Strange this is the only log file I found. All that was on it. Unless it did not save it or missing something. The scan did state nothing found.

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner64.ocx - registred OK
    OnlineScanner.ocx - registred OK
    Update Init
    Update Download
    Update Finalize
    Updated modules version: 28830
     
  7. Kenny94

    Kenny94 Registered Members

    Joined:
    Jan 21, 2016
    Messages:
    417
    Location:
    SC
    Operating System:
    OS X
    Computer Brand or Motherboard:
    iPad Air, HP Chromebook and Compaq laptop with xp
    Hi, nothing was found with the online scanner. I got to go to work when I get home late this evening .I'll analyze your logs again as a special software that breaks everything down. At this point I think I know what the problem is but I want to use process of elimination. I'll get back with you and will have some more instructions for you in a short while. Thanks for your patience!
     
  8. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    No hurry Kenny lets do this right.
     
  9. Kenny94

    Kenny94 Registered Members

    Joined:
    Jan 21, 2016
    Messages:
    417
    Location:
    SC
    Operating System:
    OS X
    Computer Brand or Motherboard:
    iPad Air, HP Chromebook and Compaq laptop with xp
    Hi

    Work is killing me this time of year! Okay, Your logs show no malware but we need to perform the below.
    AdwCleaner and FRST perform some of what we're doing below, but we need to fully to
    Flush your DNS and a few others things. I'll be back tonight or sat...




    TFC(Temp File Cleaner):


    • Please download TFC to the desktop,
    • Save any unsaved work. TFC will close all open application windows.
    • Right-click on TFC.exe and select Run as Administrator to run the program.
    • Click the Start button in the bottom left of the GUI(graphical user interface)'
    • If prompted, click "Yes" to reboot.
    Note:Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.


    Next

    Note: You will need to save any work before double clicking the fix.bat file because it will automatically restart your computer

    • Please copy and paste the following text in the Code box exactly as written into notepad (not wordpad or any other text editor):

      Code:
      @Echo on
      pushd\windows\system32\drivers\etc
      attrib -h -s -r hosts
      echo 127.0.0.1 localhost>HOSTS
      attrib +r +h +s hosts
      popd
      ipconfig /release
      ipconfig /renew
      ipconfig /flushdns
      netsh winsock reset all
      netsh int ip reset all
      shutdown -r -t 1
      del %0
    • Once you've done that click on File and select Save As...
    • In the Save dialogue box click on the drop down menu next to Save as type and select All Files
    • Name the file fix.bat (the .bat extension is very important)
    • Save the file to your desktop and double click it to run it.
    • Once it runs it will automatically restart your computer
    Next

    Please download MiniToolBox from here:

    http://www.bleepingcomputer.com/download/minitoolbox/dl/65/

    Checkmark the following checkboxes:

    Flush DNS
    Report IE Proxy Settings
    Reset IE Proxy Settings
    List content of Hosts
    List IP configuration
    List Winsock Entries
    List last 10 Event Viewer log
    List Devices
    List Users, Partitions and Memory size.
    List Minidump Files
    List Restore Points


    Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.



    Thank you,

    Also, please let me know how things are running now and don't forget to post Result.txt
     
    Last edited: Apr 1, 2016
  10. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Will have to use it to let you know about the run and the file that MiniToolBox created was called MTB.txt not the Results.txt.

    MiniToolBox by Farbar Version: 07-02-2016 01
    Ran by Loretta (administrator) on 01-04-2016 at 09:17:20
    Running from "C:\Users\Loretta\Downloads"
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Model: AW011AV-ABA p6250t Manufacturer: HP-Pavilion
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.
    ========================= Hosts content: =================================
    127.0.0.1 localhost
    ========================= IP Configuration: ================================

    Atheros 802.11 a/b/g/n Dualband Wireless Network Module = Wireless Network Connection (Connected)
    Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : Loretta-PC
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Broadcast
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Wireless LAN adapter Wireless Network Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Atheros 802.11 a/b/g/n Dualband Wireless Network Module
    Physical Address. . . . . . . . . : 00-26-82-1E-46-80
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2601:0:d00:9400::2(Preferred)
    Lease Obtained. . . . . . . . . . : Friday, April 01, 2016 9:16:41 AM
    Lease Expires . . . . . . . . . . : Monday, April 04, 2016 11:53:18 PM
    IPv6 Address. . . . . . . . . . . : 2601:0:d00:9400:b187:a1c8:20:8ea6(Preferred)
    Temporary IPv6 Address. . . . . . : 2601:0:d00:9400:93b:5532:1e42:b2b9(Preferred)
    Link-local IPv6 Address . . . . . : fe80::b187:a1c8:20:8ea6%11(Preferred)
    IPv4 Address. . . . . . . . . . . : 10.0.0.7(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Friday, April 01, 2016 9:16:40 AM
    Lease Expires . . . . . . . . . . : Friday, April 08, 2016 9:16:45 AM
    Default Gateway . . . . . . . . . : fe80::4632:c8ff:fe95:38ab%11
    10.0.0.1
    DHCP Server . . . . . . . . . . . : 10.0.0.1
    DHCPv6 IAID . . . . . . . . . . . : 184559234
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-82-82-60-90-E6-BA-04-C7-B9
    DNS Servers . . . . . . . . . . . : 2001:558:feed::1
    2001:558:feed::2
    75.75.75.75
    75.75.76.76
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Local Area Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
    Physical Address. . . . . . . . . : 90-E6-BA-04-C7-B9
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Server: cdns01.comcast.net
    Address: 2001:558:feed::1

    Name: google.com
    Addresses: 2607:f8b0:400f:802::200e
    172.217.1.174


    Pinging google.com [2607:f8b0:400f:803::200e] with 32 bytes of data:
    Reply from 2607:f8b0:400f:803::200e: time=34ms
    Reply from 2607:f8b0:400f:803::200e: time=34ms

    Ping statistics for 2607:f8b0:400f:803::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 34ms, Maximum = 34ms, Average = 34ms
    Server: cdns01.comcast.net
    Address: 2001:558:feed::1

    Name: yahoo.com
    Addresses: 2001:4998:c:a06::2:4008
    2001:4998:58:c02::a9
    2001:4998:44:204::a7
    98.139.183.24
    98.138.253.109
    206.190.36.45


    Pinging yahoo.com [2001:4998:58:c02::a9] with 32 bytes of data:
    Reply from 2001:4998:58:c02::a9: time=90ms
    Reply from 2001:4998:58:c02::a9: time=90ms

    Ping statistics for 2001:4998:58:c02::a9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 90ms, Maximum = 90ms, Average = 90ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    11...00 26 82 1e 46 80 ......Atheros 802.11 a/b/g/n Dualband Wireless Network Module
    10...90 e6 ba 04 c7 b9 ......Realtek PCIe GBE Family Controller
    1...........................Software Loopback Interface 1
    13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.7 25
    10.0.0.0 255.255.255.0 On-link 10.0.0.7 281
    10.0.0.7 255.255.255.255 On-link 10.0.0.7 281
    10.0.0.255 255.255.255.255 On-link 10.0.0.7 281
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 10.0.0.7 281
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 10.0.0.7 281
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    11 281 ::/0 fe80::4632:c8ff:fe95:38ab
    1 306 ::1/128 On-link
    11 281 2601:0:d00:9400::/60 fe80::4632:c8ff:fe95:38ab
    11 33 2601:0:d00:9400::/64 On-link
    11 281 2601:0:d00:9400::2/128 On-link
    11 281 2601:0:d00:9400:93b:5532:1e42:b2b9/128
    On-link
    11 281 2601:0:d00:9400:b187:a1c8:20:8ea6/128
    On-link
    11 281 fe80::/64 On-link
    11 281 fe80::b187:a1c8:20:8ea6/128
    On-link
    1 306 ff00::/8 On-link
    11 281 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
    Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================

    System errors:
    =============
    Error: (04/01/2016 09:15:44 AM) (Source: DCOM) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


    Microsoft Office Sessions:
    =========================

    =========================== Installed Programs ============================

    2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
    ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
    Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.14) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
    Age of Empires III - The Asian Dynasties (HKLM-x32\...\{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
    Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
    Age of Empires III - The WarChiefs (HKLM-x32\...\{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
    Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
    Age of Empires III (HKLM-x32\...\{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
    Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
    AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
    AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Bejeweled 3 (HKLM-x32\...\Bejeweled 3) (Version: - PopCap Games)
    Bluetooth by hp (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
    Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\{B32C4059-6E7A-41EF-AD20-56DF1872B923}) (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
    Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
    CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
    Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
    Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
    Creative Diagnostics (HKLM-x32\...\Diagnostics 4_5) (Version: 5.11 - Creative Technology Limited)
    Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited)
    Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
    Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
    Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - Creative Technology Limited)
    Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
    CyberLink DVD Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
    DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
    Doom 3 (HKLM-x32\...\{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}) (Version: 1.2 - Activision) Hidden
    Doom 3 (HKLM-x32\...\{FB6908C2-2138-4D6E-9CAF-11D7AE6C3909}) (Version: 1.2 - Activision) Hidden
    Doom 3 (HKLM-x32\...\InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}) (Version: 1.2 - Activision)
    DOOM 3: Resurrection of Evil (HKLM-x32\...\{04347DFD-87B6-4E30-B14D-5DF2888AD8F5}) (Version: 1.0 - Activision) Hidden
    DOOM 3: Resurrection of Evil (HKLM-x32\...\InstallShield_{04347DFD-87B6-4E30-B14D-5DF2888AD8F5}) (Version: 1.0 - Activision)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    Family Tree Maker 2010 (HKLM-x32\...\{89EAD745-088B-4160-B964-42C4D4D273AD}) (Version: 19.0.180 - Ancestry.com) Hidden
    Family Tree Maker 2010 (HKLM-x32\...\Family Tree Maker 2010) (Version: 19.0.180 - Ancestry.com)
    Ghost Recon (HKLM-x32\...\{D89EF3B3-6F17-4665-B7A9-A4235A6DC787}) (Version: - )
    Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5434.08 - PC-Doctor, Inc.)
    Hexagon Mahjongg (HKLM-x32\...\Hexagon Mahjongg) (Version: 1.00.08.03.26 - Selectsoft Publishing)
    Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
    HP IDF Software (HKLM-x32\...\{974025B1-769B-49E9-817C-C638ABE8F372}) (Version: 11.15.1000 - Hewlett-Packard Company)
    HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
    HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
    HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
    HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
    HydraVision (HKLM-x32\...\{9AE27CE5-2442-EEA6-1D66-ED8D95E2EDF6}) (Version: 4.2.98.0 - ATI Technologies Inc.) Hidden
    I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
    iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
    LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.) Hidden
    LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)
    LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
    Macrium Reflect Free Edition (HKLM\...\{16C16A28-0B86-4B48-9457-EA53362BA793}) (Version: 6.1.887 - Paramount Software (UK) Ltd.) Hidden
    Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
    Mahjong Journey of Enlightenment (HKLM-x32\...\Mahjong Journey of Enlightenment) (Version: - )
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
    Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
    Microsoft WSE 3.0 (HKLM-x32\...\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}) (Version: 3.0.5305.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.) Hidden
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
    PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.) Hidden
    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
    PowerRecover (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.1931 - CyberLink Corp.) Hidden
    Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.10.4 - Intuit)
    Sound Blaster X-Fi (HKLM-x32\...\{C93170A0-CBF9-481F-B972-B4FA5AEE0E06}) (Version: 1.0 - Creative Technology Limited)
    Star Trek Armada II (HKLM-x32\...\Star Trek Armada II) (Version: - )
    Star Trek: Armada (HKLM-x32\...\Activision_StarTrekArmadaUninstallKey) (Version: - )
    StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
    Tom Clancy's Rainbow Six 3: Athena Sword 1.10.016 (HKLM-x32\...\{664FF9A8-7E44-4E17-AD40-D10E15504C49}) (Version: 1.10.016 - )
    Tom Clancy's Rainbow Six 3: Raven Shield 1.60.412 (HKLM-x32\...\{AF131494-F5D8-45C5-938C-D5F020CF1B0D}) (Version: 1.60.412 - )
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )

    ========================= Devices: ================================

    Name: Broadcom BCM2070 Bluetooth 3.0 USB Device
    Description: Broadcom BCM2070 Bluetooth 3.0 USB Device
    Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
    Manufacturer: Broadcom
    Service: BTHUSB
    Device ID: USB\VID_0A5C&PID_21B0\00247EFAE484
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ========================= Memory info: ===================================

    Percentage of memory in use: 20%
    Total physical RAM: 4095.23 MB
    Available physical RAM: 3260.09 MB
    Total Virtual: 8188.66 MB
    Available Virtual: 7306.77 MB

    ========================= Partitions: =====================================

    1 Drive c: (HP) (Fixed) (Total:596.07 GB) (Free:501.08 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\LORETTA-PC

    Administrator Guest Loretta

    ========================= Minidump Files ==================================

    No minidump file found

    ========================= Restore Points ==================================

    29-03-2016 02:01:23 Windows Update
    01-04-2016 15:12:30 Windows Update

    **** End of log ****
     
  11. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Nope same issues and happening with IE.
     
  12. Kenny94

    Kenny94 Registered Members

    Joined:
    Jan 21, 2016
    Messages:
    417
    Location:
    SC
    Operating System:
    OS X
    Computer Brand or Motherboard:
    iPad Air, HP Chromebook and Compaq laptop with xp
    There's no malware on this Pc or/and there's no network infection. That's the good news. But your issues with IE11 is a guessing game Rusty. Well, there is more than one way to skin a cat, as we say. One tool that Microsoft came out with years ago is Microsoft Fix. I've used this tool several times with good results. The size of the download is less than 500k This tool will run on window 7 and I would click on all troubleshooters and one of these should fix this issue. Please follow the steps below.

    Please visit the link HERE first to read about Microsoft tool!



    Then you can download and use: f689ef05a78b8387884bd5e9d5c51ccf.png Microsoft Fix it Center Online
    Microsoft Fix it Center Client contains troubleshooters that help detect issues on target PCs and solve them on demand or proactively before you even know they exist!
    It finds and fixes many common PC and device problems automatically. It also helps prevent new problems by proactively checking for known issues and installing updates. Fix it Center helps to consolidate the many steps of diagnosing and repairing a problem into an automated tool that does the work for you.

    Microsoft Fix it Center makes getting support easier than ever, with tools that help solve the issues you have now and prevent new ones.
    • Easy to Install and Run: Easy-to-use wizards will guide you through the set-up process and help you anytime you need support.
    • Automated: With automated troubleshooters, Fix it Center helps solve issues with your PC, even if you're not sure what the exact problem is. Fix It Center scans your device to diagnose and repair problems, then gives you the option to "Find and fix" or to "Find and report.
    • Preventive Care: By helping you find and fix issues before they become real problems, Fix it Center helps keep your PC running smoothly and automatically downloading the latest solutions.

    Let me know after you had run all the troubleshooters on your computer, let me know if this fixes your issue with IE
     
  13. Kenny94

    Kenny94 Registered Members

    Joined:
    Jan 21, 2016
    Messages:
    417
    Location:
    SC
    Operating System:
    OS X
    Computer Brand or Motherboard:
    iPad Air, HP Chromebook and Compaq laptop with xp
    Btw, I notice you have Windows Defender "Enabled" but out of date? Is it up to date?
     
  14. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Will do. May be a few days.

    Suppose to be when windows update and it states that it is.
     
  15. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    This is interesting since it downloaded and installed and I am even posting form the offending system.

    Capture.PNG
     
  16. Kenny94

    Kenny94 Registered Members

    Joined:
    Jan 21, 2016
    Messages:
    417
    Location:
    SC
    Operating System:
    OS X
    Computer Brand or Motherboard:
    iPad Air, HP Chromebook and Compaq laptop with xp
  17. Kenny94

    Kenny94 Registered Members

    Joined:
    Jan 21, 2016
    Messages:
    417
    Location:
    SC
    Operating System:
    OS X
    Computer Brand or Motherboard:
    iPad Air, HP Chromebook and Compaq laptop with xp
  18. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    IE is the only browser on the system.

    Did the second reset.
     
  19. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
  20. Kenny94

    Kenny94 Registered Members

    Joined:
    Jan 21, 2016
    Messages:
    417
    Location:
    SC
    Operating System:
    OS X
    Computer Brand or Motherboard:
    iPad Air, HP Chromebook and Compaq laptop with xp
    I guess you mean the link worked? Okay, let me know after you click on the troubleshooters what your situation with Internet explorer and how your computer is doing.
     

Share This Page