Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Brand new laptop now riddled with Faster Light, other junk


  • This topic is locked This topic is locked
10 replies to this topic

#1 Zombie Superman

Zombie Superman

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 05 March 2015 - 02:17 PM

Purchased a brand new Dell Inspiron 15 and after the McAfee trial ended, a deluge of ad and malware attacked. I've used the Cox McAfee security suite and Super Anti-Spyware to remove some, but Faster LIght and other pop ups are still there. Thanks in advance for the assistance!

FRST Log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Captain (administrator) on BIGSHOWLAPTOP on 05-03-2015 12:40:01
Running from C:\Users\Captain\Downloads
Loaded Profiles: Captain (Available profiles: Captain)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\Faster Light\bin\tmpC33E.tmp
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Dell Inc.) C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulAlert.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Soundboard\Soundboard.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-30] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-16] (Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [133760 2014-01-08] ( (Qualcomm®Atheros®))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-837735214-458657860-401388344-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-22] (SUPERAntiSpyware)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-837735214-458657860-401388344-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-837735214-458657860-401388344-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-837735214-458657860-401388344-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3332410&octid=EB_ORIGINAL_CTID&ISID=IC87B25E4-9A86-4750-861D-DB11ECD2BE3B&SearchSource=58&CUI=&UM=8&UP=SPCF897602-528B-4A58-BBA4-09DA9C53E25F&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-837735214-458657860-401388344-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3332410&octid=EB_ORIGINAL_CTID&ISID=IC87B25E4-9A86-4750-861D-DB11ECD2BE3B&SearchSource=58&CUI=&UM=8&UP=SPCF897602-528B-4A58-BBA4-09DA9C53E25F&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-837735214-458657860-401388344-1001 -> {30A074D2-4C4D-4666-BA89-DD8EE17780F2} URL =
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Captain\AppData\Roaming\Mozilla\Firefox\Profiles\4syu03yg.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF user.js: detected! => C:\Users\Captain\AppData\Roaming\Mozilla\Firefox\Profiles\4syu03yg.default\user.js
FF Extension: Faster Light 1.0.1 - C:\Users\Captain\AppData\Roaming\Mozilla\Firefox\Profiles\4syu03yg.default\Extensions\{a081059f-4e06-4f49-9a1e-4b92e171ba25}.xpi [2015-01-09]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-01-09]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-05]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S2 0181851425577155mcinstcleanup; C:\Windows\TEMP\018185~1.EXE [836168 2014-03-13] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [318592 2014-01-08] (Windows ® Win 7 DDK provider) [File not signed]
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [139328 2014-02-19] (Aviata, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154320 2014-12-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-21] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
S2 Update Faster Light; "C:\Program Files (x86)\Faster Light\updateFasterLight.exe" [X]
R2 Util Faster Light; "C:\Program Files (x86)\Faster Light\bin\utilFasterLight.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-01-08] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-05-31] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-15] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R1 {442ad619-2fad-4d96-9434-49e6d1c6e280}Gw64; C:\Windows\System32\drivers\{442ad619-2fad-4d96-9434-49e6d1c6e280}Gw64.sys [48792 2014-12-21] (StdLib)
R1 {a081059f-4e06-4f49-9a1e-4b92e171ba25}Gw64; C:\Windows\System32\drivers\{a081059f-4e06-4f49-9a1e-4b92e171ba25}Gw64.sys [48792 2015-01-09] (StdLib)
R1 {a081059f-4e06-4f49-9a1e-4b92e171ba25}w64; C:\Windows\System32\drivers\{a081059f-4e06-4f49-9a1e-4b92e171ba25}w64.sys [48792 2015-01-09] (StdLib)
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 12:40 - 2015-03-05 12:40 - 00018516 _____ () C:\Users\Captain\Downloads\FRST.txt
2015-03-05 12:38 - 2015-03-05 12:40 - 00000000 ____D () C:\FRST
2015-03-05 12:37 - 2015-03-05 12:38 - 02092544 _____ (Farbar) C:\Users\Captain\Downloads\FRST64.exe
2015-03-05 12:16 - 2015-03-05 12:16 - 00000917 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soundboard.lnk
2015-03-05 12:16 - 2015-03-05 12:16 - 00000905 _____ () C:\Users\Public\Desktop\Soundboard.lnk
2015-03-05 12:16 - 2015-03-05 12:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-03-05 12:16 - 2015-03-05 12:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-03-05 12:16 - 2015-03-05 12:16 - 00000000 ____D () C:\Users\Captain\AppData\Roaming\Soundboard
2015-03-05 12:16 - 2015-03-05 12:16 - 00000000 ____D () C:\Program Files (x86)\Soundboard
2015-03-05 12:15 - 2015-03-05 12:15 - 02729864 _____ () C:\Users\Captain\Downloads\Soundboard(1).exe
2015-03-05 11:41 - 2015-03-05 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-03-05 11:34 - 2015-03-05 11:34 - 00000000 ___RD () C:\Users\Captain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-02-19 20:00 - 2015-01-22 22:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-19 20:00 - 2015-01-22 21:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-13 13:47 - 2015-02-13 13:47 - 03379416 _____ () C:\Users\Captain\Desktop\TBS01rough.wav
2015-02-13 13:20 - 2015-02-13 13:20 - 01410118 _____ () C:\Users\Captain\Desktop\In Iowa, Joe Biden Gives A Shout Out To “An Old Butt Buddy”.wav
2015-02-13 13:17 - 2015-02-13 13:17 - 00200704 _____ (Zhorn Software) C:\Users\Captain\Downloads\SoundBoard.exe
2015-02-12 23:44 - 2015-02-12 23:44 - 00004044 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-12 23:44 - 2015-02-12 23:44 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-02-12 23:44 - 2015-02-12 23:44 - 00003232 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-02-12 23:44 - 2015-02-12 23:44 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-02-12 23:44 - 2015-02-12 23:44 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-02-12 23:20 - 2015-02-12 23:20 - 00003516 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-christophermeaux@outlook.com
2015-02-12 23:20 - 2015-02-12 23:20 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2015-02-12 23:20 - 2015-02-12 23:20 - 00000000 ____D () C:\Users\Captain\Documents\Adobe
2015-02-12 23:16 - 2015-02-13 14:19 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-02-12 23:09 - 2015-02-03 17:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-12 23:09 - 2015-02-03 17:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-12 23:09 - 2015-02-03 17:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-12 23:09 - 2015-02-02 17:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-12 23:09 - 2015-02-02 17:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-12 23:09 - 2015-02-02 17:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-12 23:09 - 2015-01-19 12:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-12 23:09 - 2014-12-19 02:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 23:09 - 2014-12-19 02:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 23:09 - 2014-12-08 17:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-12 22:48 - 2015-02-12 23:19 - 00000000 ____D () C:\Program Files\Adobe
2015-02-12 22:48 - 2015-02-12 22:59 - 00001091 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2014.lnk
2015-02-12 22:47 - 2015-02-12 22:48 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-02-12 22:47 - 2015-02-12 22:47 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2015-02-12 22:47 - 2012-06-22 03:01 - 00056336 ____N (Corel Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2015-02-12 22:47 - 2012-04-24 03:01 - 00011376 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdralw2k.sys
2015-02-12 22:47 - 2012-04-24 03:01 - 00010864 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdr4_xp.sys
2015-02-12 22:43 - 2015-02-12 22:43 - 00000000 ___RD () C:\Users\Captain\Creative Cloud Files
2015-02-12 22:42 - 2015-03-05 12:16 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-12 22:41 - 2015-02-12 22:41 - 00001327 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-02-12 22:41 - 2015-02-12 22:41 - 00001315 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-02-12 22:39 - 2015-03-05 12:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-12 22:37 - 2015-03-05 12:15 - 00000000 ____D () C:\Users\Captain\AppData\Local\Adobe
2015-02-12 22:37 - 2015-01-15 16:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 22:37 - 2015-01-15 16:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 22:37 - 2015-01-13 22:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-12 22:37 - 2015-01-13 21:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-12 22:37 - 2014-10-28 20:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 22:37 - 2014-10-28 20:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 22:37 - 2014-10-28 20:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 22:37 - 2014-10-28 20:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 22:37 - 2014-10-28 19:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 22:36 - 2015-02-12 22:37 - 00672944 _____ (Adobe Systems Incorporated) C:\Users\Captain\Downloads\CreativeCloudSet-Up.exe
2015-02-12 22:36 - 2015-01-13 16:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 22:36 - 2015-01-13 16:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 22:36 - 2015-01-10 03:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 22:36 - 2015-01-10 03:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-12 22:36 - 2015-01-10 02:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-12 22:36 - 2015-01-10 01:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 22:36 - 2015-01-10 00:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 22:36 - 2014-12-08 21:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-12 22:36 - 2014-12-08 19:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 22:36 - 2014-10-28 20:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-12 22:36 - 2014-10-28 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-12 22:36 - 2014-10-28 19:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-12 22:36 - 2014-10-28 19:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-12 22:36 - 2014-10-28 19:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-12 22:36 - 2014-10-28 19:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-12 22:36 - 2014-10-28 19:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-12 22:36 - 2014-10-28 19:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-12 22:35 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 22:35 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 22:35 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 22:35 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 22:35 - 2015-01-11 20:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-12 22:35 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 22:35 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 22:35 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 22:35 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 22:35 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 22:35 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 22:35 - 2015-01-11 19:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-12 22:35 - 2015-01-11 19:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-12 22:35 - 2015-01-11 19:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-12 22:35 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 22:35 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 22:35 - 2015-01-11 19:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 22:35 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 22:35 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 22:35 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 22:35 - 2015-01-11 19:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-12 22:35 - 2015-01-11 19:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-12 22:35 - 2015-01-11 19:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-12 22:35 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 22:35 - 2015-01-11 19:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-12 22:35 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 22:35 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 22:35 - 2015-01-11 19:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 22:35 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 22:35 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 22:35 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 22:35 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 22:35 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 22:35 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 22:35 - 2015-01-10 02:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-05 22:08 - 2015-02-03 13:31 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 22:08 - 2015-02-03 13:31 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 21:30 - 2015-03-05 11:58 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-05 21:30 - 2015-02-05 21:30 - 00001822 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-02-05 21:30 - 2015-02-05 21:30 - 00000000 ____D () C:\Users\Captain\AppData\Roaming\SUPERAntiSpyware.com
2015-02-05 21:30 - 2015-02-05 21:30 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-02-05 21:30 - 2015-02-05 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-02-05 21:29 - 2015-02-05 21:29 - 21172408 _____ (SUPERAntiSpyware) C:\Users\Captain\Downloads\SUPERAntiSpyware.exe
2015-02-05 18:43 - 2014-12-08 19:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-05 18:42 - 2014-07-24 09:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-02-05 18:42 - 2014-07-24 09:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-02-05 18:42 - 2014-07-24 09:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-02-05 18:42 - 2014-07-24 09:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-02-05 18:42 - 2014-07-24 09:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-02-05 18:42 - 2014-07-24 09:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-02-05 18:42 - 2014-07-24 09:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-02-05 18:42 - 2014-07-24 09:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-02-05 18:42 - 2014-07-24 09:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-02-05 18:42 - 2014-07-24 09:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2015-02-05 18:42 - 2014-07-24 07:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-02-05 18:42 - 2014-07-24 07:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-02-05 18:42 - 2014-07-24 07:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-02-05 18:42 - 2014-07-24 07:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-02-05 18:42 - 2014-07-24 07:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2015-02-05 18:42 - 2014-07-24 05:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-02-05 18:42 - 2014-07-24 05:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-02-05 18:42 - 2014-07-24 05:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2015-02-05 18:42 - 2014-07-24 04:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-02-05 18:42 - 2014-07-24 03:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-02-05 18:42 - 2014-07-24 03:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-02-05 18:42 - 2014-07-24 03:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2015-02-05 18:42 - 2014-07-24 03:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-02-05 18:42 - 2014-07-24 03:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-02-05 18:42 - 2014-07-24 03:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-02-05 18:42 - 2014-07-24 02:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-02-05 18:42 - 2014-07-24 02:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2015-02-05 18:42 - 2014-07-24 02:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-02-05 18:42 - 2014-07-24 02:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-02-05 18:42 - 2014-07-24 02:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2015-02-05 18:42 - 2014-07-24 02:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-02-05 18:42 - 2014-07-24 02:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2015-02-05 18:42 - 2014-07-24 02:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-02-05 18:42 - 2014-07-24 02:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-02-05 18:42 - 2014-07-24 02:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-02-05 18:42 - 2014-07-24 02:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2015-02-05 18:42 - 2014-07-24 02:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-02-05 18:42 - 2014-07-24 02:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-02-05 18:42 - 2014-07-24 01:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2015-02-05 18:42 - 2014-07-24 01:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2015-02-05 18:42 - 2014-07-24 01:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-02-05 18:42 - 2014-07-23 22:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-05 18:42 - 2014-07-23 22:11 - 00513544 _____ () C:\Windows\system32\locale.nls
2015-02-05 18:42 - 2014-07-04 03:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2015-02-05 18:42 - 2014-07-04 03:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2015-02-05 18:42 - 2014-06-14 00:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-02-05 18:42 - 2014-06-13 23:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-02-05 18:42 - 2014-05-05 22:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-02-05 18:41 - 2014-07-24 09:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-02-05 18:41 - 2014-07-24 09:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2015-02-05 18:41 - 2014-07-24 09:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-02-05 18:41 - 2014-07-24 09:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-02-05 18:41 - 2014-07-24 09:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-02-05 18:41 - 2014-07-24 09:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2015-02-05 18:41 - 2014-07-24 09:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-02-05 18:41 - 2014-07-24 09:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-02-05 18:41 - 2014-07-24 09:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-02-05 18:41 - 2014-07-24 09:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-02-05 18:41 - 2014-07-24 07:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-02-05 18:41 - 2014-07-24 07:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2015-02-05 18:41 - 2014-07-24 07:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-02-05 18:41 - 2014-07-24 05:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2015-02-05 18:41 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-02-05 18:41 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2015-02-05 18:41 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-02-05 18:41 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-02-05 18:41 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-02-05 18:41 - 2014-07-24 05:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-02-05 18:41 - 2014-07-24 05:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-02-05 18:41 - 2014-07-24 05:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-02-05 18:41 - 2014-07-24 05:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2015-02-05 18:41 - 2014-07-24 05:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2015-02-05 18:41 - 2014-07-24 05:41 - 00118272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-02-05 18:41 - 2014-07-24 05:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-02-05 18:41 - 2014-07-24 05:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-02-05 18:41 - 2014-07-24 05:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2015-02-05 18:41 - 2014-07-24 05:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-02-05 18:41 - 2014-07-24 04:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-02-05 18:41 - 2014-07-24 04:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2015-02-05 18:41 - 2014-07-24 04:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-02-05 18:41 - 2014-07-24 04:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2015-02-05 18:41 - 2014-07-24 04:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-02-05 18:41 - 2014-07-24 04:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-02-05 18:41 - 2014-07-24 04:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-02-05 18:41 - 2014-07-24 04:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2015-02-05 18:41 - 2014-07-24 04:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-02-05 18:41 - 2014-07-24 04:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2015-02-05 18:41 - 2014-07-24 04:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-02-05 18:41 - 2014-07-24 04:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2015-02-05 18:41 - 2014-07-24 04:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2015-02-05 18:41 - 2014-07-24 04:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-02-05 18:41 - 2014-07-24 04:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-02-05 18:41 - 2014-07-24 04:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2015-02-05 18:41 - 2014-07-24 04:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2015-02-05 18:41 - 2014-07-24 03:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2015-02-05 18:41 - 2014-07-24 03:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2015-02-05 18:41 - 2014-07-24 03:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2015-02-05 18:41 - 2014-07-24 03:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-02-05 18:41 - 2014-07-24 03:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2015-02-05 18:41 - 2014-07-24 03:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2015-02-05 18:41 - 2014-07-24 03:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-02-05 18:41 - 2014-07-24 03:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2015-02-05 18:41 - 2014-07-24 03:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2015-02-05 18:41 - 2014-07-24 03:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-02-05 18:41 - 2014-07-24 03:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-02-05 18:41 - 2014-07-24 03:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2015-02-05 18:41 - 2014-07-24 03:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2015-02-05 18:41 - 2014-07-24 03:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2015-02-05 18:41 - 2014-07-24 03:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2015-02-05 18:41 - 2014-07-24 02:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2015-02-05 18:41 - 2014-07-24 02:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2015-02-05 18:41 - 2014-07-24 02:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2015-02-05 18:41 - 2014-07-24 02:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2015-02-05 18:41 - 2014-07-24 02:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2015-02-05 18:41 - 2014-07-24 02:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-02-05 18:41 - 2014-07-24 02:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2015-02-05 18:41 - 2014-07-24 02:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2015-02-05 18:41 - 2014-07-24 02:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2015-02-05 18:41 - 2014-07-24 02:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2015-02-05 18:41 - 2014-07-24 02:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2015-02-05 18:41 - 2014-07-24 02:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2015-02-05 18:41 - 2014-07-24 02:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-02-05 18:41 - 2014-07-24 02:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-02-05 18:41 - 2014-07-24 02:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-02-05 18:41 - 2014-07-24 02:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2015-02-05 18:41 - 2014-07-24 02:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2015-02-05 18:41 - 2014-07-24 02:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2015-02-05 18:41 - 2014-07-24 02:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2015-02-05 18:41 - 2014-07-24 02:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2015-02-05 18:41 - 2014-07-24 02:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-02-05 18:41 - 2014-07-24 02:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-02-05 18:41 - 2014-07-24 02:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-02-05 18:41 - 2014-07-24 02:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2015-02-05 18:41 - 2014-07-24 02:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-02-05 18:41 - 2014-07-24 02:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-02-05 18:41 - 2014-07-24 01:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-02-05 18:41 - 2014-07-24 01:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2015-02-05 18:41 - 2014-07-24 01:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-02-05 18:41 - 2014-07-24 01:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-02-05 18:41 - 2014-07-24 01:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-02-05 18:41 - 2014-07-11 23:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2015-02-05 18:41 - 2014-07-11 22:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2015-02-05 18:41 - 2014-07-04 06:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-02-05 18:41 - 2014-07-04 04:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2015-02-05 18:41 - 2014-07-04 04:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-02-05 18:41 - 2014-07-04 04:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2015-02-05 18:41 - 2014-07-04 04:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-02-05 18:41 - 2014-06-27 00:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-02-05 18:41 - 2014-06-25 18:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2015-02-05 18:41 - 2014-06-25 18:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2015-02-05 18:41 - 2014-06-19 17:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-02-05 18:41 - 2014-06-18 20:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-02-05 18:41 - 2014-06-07 06:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-02-05 18:41 - 2014-06-07 04:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-02-05 18:41 - 2014-06-05 08:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-02-05 18:41 - 2014-06-05 04:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2015-02-05 18:41 - 2014-06-05 03:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2015-02-05 18:41 - 2014-05-30 23:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2015-02-05 18:41 - 2014-05-30 22:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2015-02-05 18:41 - 2014-05-29 00:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2015-02-05 18:41 - 2014-05-28 23:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2015-02-05 18:41 - 2014-05-26 01:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2015-02-05 18:41 - 2014-05-10 04:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-02-05 18:41 - 2014-05-10 02:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-02-05 18:41 - 2014-05-05 18:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-02-05 18:41 - 2014-03-24 20:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2015-02-05 18:41 - 2014-03-24 20:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-02-05 18:41 - 2014-03-24 19:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2015-02-05 18:41 - 2014-03-24 19:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2015-02-05 18:40 - 2014-12-19 00:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-05 18:40 - 2014-12-11 20:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-02-05 18:40 - 2014-12-11 18:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-02-05 18:39 - 2014-12-05 21:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-02-05 18:39 - 2014-12-05 19:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-05 18:39 - 2014-10-28 19:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-02-05 18:39 - 2014-10-28 19:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-02-05 18:33 - 2014-12-08 13:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-02-05 18:33 - 2014-12-08 13:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-02-05 18:33 - 2014-12-08 13:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-02-05 18:33 - 2014-12-08 13:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-02-05 18:33 - 2014-12-08 13:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-02-05 18:33 - 2014-12-08 13:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-02-05 18:33 - 2014-12-08 13:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-02-05 18:33 - 2014-12-08 13:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-02-05 18:33 - 2014-12-05 19:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-02-05 18:33 - 2014-10-28 22:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-02-05 18:33 - 2014-10-28 22:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-02-05 18:33 - 2014-10-28 21:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-02-05 18:33 - 2014-10-28 21:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-02-05 18:33 - 2014-10-28 21:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-02-05 18:33 - 2014-10-28 21:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-02-05 18:33 - 2014-10-28 21:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-02-05 18:33 - 2014-10-28 21:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-02-05 18:33 - 2014-10-28 21:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-02-05 18:33 - 2014-10-28 21:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-02-05 18:33 - 2014-10-28 21:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-02-05 18:33 - 2014-10-28 20:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-02-05 18:33 - 2014-10-28 19:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-02-05 18:33 - 2014-10-28 19:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-02-05 18:33 - 2014-07-11 22:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-02-05 18:32 - 2015-02-05 18:32 - 00000000 __SHD () C:\Users\Captain\AppData\Local\EmieBrowserModeList
2015-02-05 18:21 - 2015-02-05 18:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 12:30 - 2014-05-31 06:40 - 01149588 _____ () C:\Windows\WindowsUpdate.log
2015-03-05 12:20 - 2013-08-22 08:46 - 00014267 _____ () C:\Windows\setupact.log
2015-03-05 12:16 - 2014-12-06 22:51 - 00000000 ____D () C:\Users\Captain\AppData\Roaming\Adobe
2015-03-05 12:16 - 2014-12-06 22:50 - 00000000 ____D () C:\Users\Captain
2015-03-05 12:07 - 2014-12-21 18:48 - 00000000 ____D () C:\Program Files (x86)\Faster Light
2015-03-05 12:03 - 2014-05-31 06:28 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-05 12:02 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-05 11:46 - 2014-12-08 20:35 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-837735214-458657860-401388344-1001
2015-03-05 11:41 - 2015-01-09 21:36 - 00001862 _____ () C:\Users\Public\Desktop\McAfee Security Center.lnk
2015-03-05 11:39 - 2015-01-09 21:34 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-03-05 11:39 - 2013-08-22 07:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-05 11:37 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-05 11:33 - 2014-12-21 19:23 - 00000000 __RDO () C:\Users\Captain\OneDrive
2015-03-05 11:32 - 2013-08-22 09:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-03 07:17 - 2015-01-09 21:51 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-19 23:18 - 2014-05-31 06:59 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-02-19 23:10 - 2013-08-22 08:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-19 23:09 - 2013-08-22 07:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-19 22:03 - 2014-12-21 19:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-19 22:03 - 2014-05-31 06:12 - 00041036 _____ () C:\Windows\PFRO.log
2015-02-19 19:58 - 2015-01-09 23:37 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-19 19:56 - 2014-12-08 20:31 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{91932F07-343C-45D9-89B1-837C22A879E5}
2015-02-19 19:54 - 2015-01-09 23:37 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-19 19:52 - 2015-01-09 23:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-19 19:52 - 2015-01-09 23:54 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-13 14:18 - 2014-12-21 19:31 - 00000000 ____D () C:\Users\Captain\AppData\Local\CrashDumps
2015-02-13 14:17 - 2014-12-21 18:52 - 00000000 ____D () C:\Users\Captain\AppData\Roaming\Music Editor Free
2015-02-13 14:16 - 2014-05-31 07:00 - 00000000 ____D () C:\Temp
2015-02-13 12:49 - 2014-12-21 19:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-12 23:44 - 2014-05-31 06:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-02-12 23:43 - 2014-05-31 06:54 - 00000000 ____D () C:\ProgramData\PCDr
2015-02-12 23:43 - 2014-05-31 06:52 - 00000000 ____D () C:\Program Files\Dell
2015-02-12 23:42 - 2014-12-21 19:01 - 00000000 ____D () C:\Users\Captain\AppData\Roaming\PCDr
2015-02-12 23:11 - 2013-08-22 08:44 - 00346744 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 22:41 - 2014-05-31 06:40 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-05 22:06 - 2014-12-21 18:52 - 00000000 ____D () C:\Program Files (x86)\RelevantKnowledge
2015-02-05 22:05 - 2013-08-22 13:12 - 00000000 ____D () C:\Program Files\Windows Journal
2015-02-05 22:05 - 2013-08-22 09:36 - 00000000 ___RD () C:\Windows\ToastData
2015-02-05 22:05 - 2013-08-22 09:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-02-05 22:05 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-05 22:05 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-05 22:05 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-02-05 22:05 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-02-05 22:05 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\setup
2015-02-05 22:05 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-02-05 21:28 - 2014-05-31 06:55 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-05 21:16 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates

==================== Files in the root of some directories =======

2014-05-31 06:14 - 2014-05-31 06:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-31 06:47 - 2014-05-31 06:47 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-05-31 06:43 - 2014-05-31 06:44 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-05-31 06:44 - 2014-05-31 06:46 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-05-31 06:46 - 2014-05-31 06:47 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-05-31 06:43 - 2014-05-31 06:43 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some content of TEMP:
====================
C:\Users\Captain\AppData\Local\Temp\setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 13:01

==================== End Of Log ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:14 AM

Posted 05 March 2015 - 05:42 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please download adwcleaner.png AdwCleaner (by Xplode) and save it to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.
Step 2

Please download and install mbam.pngMalwarebytes Anti-Malware
  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update and click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
  • A window with an option to view the detailed log will appear.
    mbamlog.png
  • Click on "View detailed log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.
mbameng.gif

Step 3

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:14 AM

Posted 08 March 2015 - 01:29 PM

Hi,

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#4 Zombie Superman

Zombie Superman
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 12 March 2015 - 01:45 PM

Hi,

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.

 

 

Sorry, I've had a lot going on and haven't been able to get back on. I'll begin the first steps now.


Edited by Zombie Superman, 12 March 2015 - 01:46 PM.


#5 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:14 AM

Posted 12 March 2015 - 01:49 PM

OK... :)


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#6 Zombie Superman

Zombie Superman
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 12 March 2015 - 02:45 PM

AdwCleaner Log:

# AdwCleaner v4.112 - Logfile created 12/03/2015 at 13:53:06
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Captain - BIGSHOWLAPTOP
# Running from : C:\Users\Captain\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : {442ad619-2fad-4d96-9434-49e6d1c6e280}Gw64
Service Deleted : {a081059f-4e06-4f49-9a1e-4b92e171ba25}Gw64
Service Deleted : {a081059f-4e06-4f49-9a1e-4b92e171ba25}w64

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\RelevantKnowledge
Folder Deleted : C:\Program Files (x86)\Faster Light
Folder Deleted : C:\Users\Captain\AppData\Local\Temp\Faster Light
File Deleted : C:\Users\Captain\AppData\Roaming\Mozilla\Firefox\Profiles\4syu03yg.default\Extensions\{a081059f-4e06-4f49-9a1e-4b92e171ba25}.xpi
File Deleted : C:\Windows\System32\drivers\{442ad619-2fad-4d96-9434-49e6d1c6e280}Gw64.sys
File Deleted : C:\Windows\System32\drivers\{a081059f-4e06-4f49-9a1e-4b92e171ba25}Gw64.sys
File Deleted : C:\Windows\System32\drivers\{a081059f-4e06-4f49-9a1e-4b92e171ba25}w64.sys
File Deleted : C:\Users\Captain\AppData\Roaming\Mozilla\Firefox\Profiles\4syu03yg.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKLM\SOFTWARE\Faster Light

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0.1 (x86 en-US)


*************************

AdwCleaner[R0].txt - [4568 bytes] - [12/03/2015 13:47:56]
AdwCleaner[S0].txt - [4135 bytes] - [12/03/2015 13:53:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4194  bytes] ##########
 

Malware Bytes Log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/12/2015
Scan Time: 2:10:49 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.12.05
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Captain

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 335995
Time Elapsed: 11 min, 49 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.FasterLight.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Faster Light, Quarantined, [6342fd47f298df573571b60335cec937],
PUP.Optional.FasterLight.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Faster Light, Quarantined, [5f4670d4c1c95fd78b1c2e8b798ae41c],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.SearchProtect.A, C:\Users\Captain\AppData\Local\Temp\setup.exe, Quarantined, [dcc999abaae0c670937e09af70916898],

Physical Sectors: 0
(No malicious items detected)


(end)

FRST Addition Log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Captain at 2015-03-12 14:35:20
Running from C:\Users\Captain\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{764E68FE-C2F9-410E-90A8-CE7F8B9A36E2}) (Version: 2.03.0204 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.1 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{1D817B4D-A183-48C0-8463-FCC39459367B}) (Version: 1.0.1014.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.194 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Music Editor Free v10.0.3 (HKLM-x32\...\Music Editor Free_is1) (Version:  - Copyright© 2005-2014 MEFMedia, Inc.)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
Soundboard (HKLM-x32\...\Soundboard) (Version: 1.0.0 - UNKNOWN)
Soundboard (x32 Version: 1.0.0 - UNKNOWN) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

19-02-2015 20:51:22 Windows Update
06-03-2015 14:53:44 Installed Microsoft Office Home and Student 2007
12-03-2015 11:24:23 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {155AC481-6223-41CB-896E-726F5C9BE85B} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-christophermeaux@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {19B132B3-A1FE-4541-A867-6BEA5F30D154} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {1DE8D30A-BCA0-402C-BAC0-2EB414301BFB} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {28284132-1325-4BD7-8B76-41F861F1B9FD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-01-15] (Synaptics Incorporated)
Task: {35AC98E7-BE2B-4BCD-9DD6-75674814FC84} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)
Task: {4A639CEC-6421-40F3-8DA6-F30A80D8BC94} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {6A52E4D1-0B6D-4A32-9D63-6D8AC13360B6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-19] (Microsoft Corporation)
Task: {7B9BD755-0083-47DD-989F-83CB11AB2096} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.)
Task: {8A80D60E-B762-4698-82B0-1850472C0BE4} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-02-19] (Aviata Inc)
Task: {9E7BAEC7-2DEE-4FC2-B89D-E0E9B7B0A717} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()
Task: {CF138FF6-D55F-404F-A40F-AD173975F375} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {E4AA81D6-FD9E-4E12-843E-E26BF4F8B4A3} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()
Task: {E9D9F2BC-38C9-41C5-B598-CA103B3883FA} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

==================== Loaded Modules (whitelisted) ==============

2013-08-22 13:40 - 2013-08-22 13:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2013-08-22 13:40 - 2013-08-22 13:40 - 00040240 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll
2013-08-22 13:40 - 2013-08-22 13:40 - 00046384 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll
2014-12-19 16:57 - 2014-12-19 16:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-05-31 08:00 - 2013-08-19 11:21 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-05-31 08:00 - 2013-08-19 11:21 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2014-05-31 08:00 - 2013-08-19 11:21 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2014-01-08 03:00 - 2014-01-08 03:00 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-01-08 02:58 - 2014-01-08 02:58 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2014-01-08 03:03 - 2014-01-08 03:03 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2014-05-31 07:47 - 2013-12-10 10:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-05-31 07:44 - 2013-03-04 22:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 13:41 - 2013-03-05 13:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-05-31 08:00 - 2013-11-21 17:00 - 01904928 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-05-31 08:00 - 2012-11-26 00:20 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-05-31 08:00 - 2012-11-26 00:20 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Captain\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-837735214-458657860-401388344-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Captain\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-837735214-458657860-401388344-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"

==================== Accounts: =============================

Administrator (S-1-5-21-837735214-458657860-401388344-500 - Administrator - Disabled)
Captain (S-1-5-21-837735214-458657860-401388344-1001 - Administrator - Enabled) => C:\Users\Captain
Guest (S-1-5-21-837735214-458657860-401388344-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2015 02:01:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/06/2015 01:11:18 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/06/2015 01:09:20 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (03/06/2015 00:37:48 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/05/2015 01:06:05 PM) (Source: .NET Runtime) (EventID: 1024) (User: )
Description: .NET Runtime version : 4.0.30319.34014 - This application could not be started.This application could not be started.

Do you want to view information about this issue?

Error: (03/05/2015 01:06:05 PM) (Source: .NET Runtime) (EventID: 1024) (User: )
Description: .NET Runtime version : 4.0.30319.34014 - This application could not be started.This application could not be started.

Do you want to view information about this issue?

Error: (03/05/2015 01:06:00 PM) (Source: .NET Runtime) (EventID: 1024) (User: )
Description: .NET Runtime version : 4.0.30319.34014 - This application could not be started.This application could not be started.

Do you want to view information about this issue?

Error: (03/05/2015 01:06:00 PM) (Source: .NET Runtime) (EventID: 1024) (User: )
Description: .NET Runtime version : 4.0.30319.34014 - This application could not be started.This application could not be started.

Do you want to view information about this issue?

Error: (03/05/2015 01:05:55 PM) (Source: .NET Runtime) (EventID: 1024) (User: )
Description: .NET Runtime version : 4.0.30319.34014 - This application could not be started.This application could not be started.

Do you want to view information about this issue?

Error: (03/05/2015 01:05:55 PM) (Source: .NET Runtime) (EventID: 1024) (User: )
Description: .NET Runtime version : 4.0.30319.34014 - This application could not be started.This application could not be started.

Do you want to view information about this issue?


System errors:
=============
Error: (03/12/2015 02:25:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The My Dell Client Framework service failed to start due to the following error:
%%1053

Error: (03/12/2015 02:25:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the My Dell Client Framework service to connect.

Error: (03/12/2015 02:00:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Faster Light service failed to start due to the following error:
%%2

Error: (03/12/2015 02:00:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update Faster Light service failed to start due to the following error:
%%2

Error: (03/12/2015 01:57:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\athihvs.dll

Error: (03/12/2015 01:57:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\athihvs.dll

Error: (03/12/2015 01:54:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\athihvs.dll

Error: (03/12/2015 01:53:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (03/12/2015 01:53:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Data Vault service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/12/2015 01:53:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 23%
Total physical RAM: 8096.02 MB
Available physical RAM: 6230.29 MB
Total Pagefile: 9376.02 MB
Available Pagefile: 7376.86 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.03 GB) (Free:873.13 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:11.09 GB) (Free:0.72 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5FE0B01D)

Partition: GPT Partition Type.

==================== End Of Log ============================


 



#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:14 AM

Posted 12 March 2015 - 03:44 PM

The FRST.txt log is missing... :)


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#8 Zombie Superman

Zombie Superman
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 12 March 2015 - 05:49 PM

Oops! :thumbup2:


Edited by Zombie Superman, 12 March 2015 - 05:50 PM.


#9 Zombie Superman

Zombie Superman
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 12 March 2015 - 07:43 PM

Looks like the log is too big to paste or upload...



#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:14 AM

Posted 13 March 2015 - 11:46 AM

Please split it into more parts.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:14 AM

Posted 18 March 2015 - 04:24 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users