Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mouse and Internet connection


  • This topic is locked This topic is locked
23 replies to this topic

#1 sh4rkbyt3

sh4rkbyt3

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:18 PM

Posted 15 March 2015 - 06:35 PM

Not sure what's quite going on. I am having repeated problems where mouse activity seems to be delayed followed by a system disconnect. I have to repeatedly restart/reset my router and then it works for a while. This has been going on back and forth. Had the exact same issue with my previous computer. This one is now doing the same thing. The only correlation is the 1Tb storage drive I have docked to an external docking station. Attached below is my .dds file.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by Gemini II at 19:29:05 on 2015-03-15
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.16345.13598 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} - hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{188817CC-27ED-455D-A141-DEAAAD810AB1} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2015-3-6 82560]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2015-3-6 42624]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2015-3-6 65736]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2015-3-6 268640]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2015-3-6 22680]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2015-3-6 1047320]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2015-3-6 441728]
R1 VirtDiskBus;3TB+ Unlock;C:\Windows\System32\drivers\VirtDiskBus64.sys [2015-3-6 66160]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2015-3-6 29168]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2015-3-6 88408]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2015-3-6 136752]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-3-6 343336]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-3-6 243880]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-3-6 1148560]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-3-6 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-3-6 21833360]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-3-6 410952]
R2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-3-6 273824]
R3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-3-6 4030800]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2015-3-6 65152]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2015-3-6 88832]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-3-6 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-3-6 38032]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-3-6 565352]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2015/03/08 18:48:58;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2013-9-2 243464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 cleanhlp;cleanhlp;C:\EEK\bin\cleanhlp64.sys [2015-3-8 57024]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-3-6 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
.
=============== Created Last 30 ================
.
2015-03-15 23:06:35 -------- d-----w- C:\Users\Gemini II\AppData\Local\ElevatedDiagnostics
2015-03-15 22:06:50 -------- d-sh--w- C:\$RECYCLE.BIN
2015-03-15 21:29:14 -------- d-----w- C:\Users\Gemini II\AppData\Local\Diagnostics
2015-03-15 00:55:44 -------- d-----w- C:\Program Files\RogueKiller
2015-03-08 22:52:44 59904 ----a-w- C:\Windows\SysWow64\wbemdisp.tlb
2015-03-08 22:52:44 23664 ----a-w- C:\Windows\SysWow64\lgfwunis.exe
2015-03-08 22:52:44 115016 ----a-w- C:\Windows\SysWow64\MSINET.OCX
2015-03-08 22:52:44 102912 ----a-w- C:\Windows\SysWow64\Vb6stkit.dll
2015-03-08 22:52:44 102160 ----a-w- C:\Windows\SysWow64\VB6KO.DLL
2015-03-08 22:52:43 -------- d-----w- C:\Program Files (x86)\lg_fwupdate
2015-03-08 22:49:00 -------- d-----w- C:\Users\Gemini II\AppData\Local\Packages
2015-03-08 22:48:07 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2015-03-08 22:48:07 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2015-03-08 22:48:07 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2015-03-08 22:45:49 -------- d-----w- C:\Users\Gemini II\AppData\Local\CyberLink
2015-03-08 22:45:10 -------- d-----w- C:\ProgramData\install_clap
2015-03-08 22:44:23 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2015-03-08 22:44:23 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2015-03-08 22:44:23 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2015-03-08 22:44:23 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2015-03-08 22:44:21 -------- d-----w- C:\ProgramData\CLSK
2015-03-08 22:14:20 98816 ----a-w- C:\Windows\sed.exe
2015-03-08 22:14:20 256000 ----a-w- C:\Windows\PEV.exe
2015-03-08 22:14:20 208896 ----a-w- C:\Windows\MBR.exe
2015-03-08 21:58:04 -------- d-----w- C:\Users\Gemini II\AppData\Local\CrashDumps
2015-03-08 21:43:17 -------- d-----w- C:\EEK
2015-03-08 21:40:46 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2015-03-08 21:37:22 37624 ----a-w- C:\Windows\System32\drivers\TrueSight.sys
2015-03-08 21:37:21 -------- d-----w- C:\ProgramData\RogueKiller
2015-03-08 21:32:34 -------- d-----w- C:\AdwCleaner
2015-03-07 14:59:25 778928 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-03-07 14:59:25 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-07 14:56:40 -------- d-----w- C:\Users\Gemini II\AppData\Local\Adobe
2015-03-07 04:16:41 -------- d-----w- C:\Users\Gemini II\AppData\Roaming\Logishrd
2015-03-07 03:38:04 -------- d-----w- C:\Users\Gemini II\AppData\Local\Microsoft Games
2015-03-07 03:36:40 -------- d-----w- C:\Users\Gemini II\AppData\Roaming\Foxit Software
2015-03-07 03:36:16 -------- d-----w- C:\Program Files (x86)\Foxit Software
2015-03-07 02:42:45 -------- d-----w- C:\Program Files\AVAST Software
2015-03-07 02:42:05 -------- d-----w- C:\ProgramData\AVAST Software
2015-03-07 02:33:53 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-03-07 02:33:47 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-03-07 02:33:47 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-03-07 02:33:47 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-03-07 02:33:47 -------- d-----w- C:\ProgramData\Malwarebytes
2015-03-07 02:33:47 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-07 02:33:35 -------- d-----w- C:\Users\Gemini II\AppData\Local\Programs
2015-03-07 02:30:02 -------- d-----w- C:\Windows\Panther
2015-03-07 02:29:38 -------- d-----w- C:\Program Files\CCleaner
2015-03-07 02:27:27 -------- d-----w- C:\Users\Gemini II\AppData\Local\NVIDIA Corporation
2015-03-07 02:27:27 -------- d-----w- C:\Users\Gemini II\AppData\Local\NVIDIA
2015-03-07 02:24:59 74056 ----a-w- C:\Windows\System32\OpenCL.dll
2015-03-07 01:11:39 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-03-07 00:14:13 -------- d-----w- C:\ProgramData\Oracle
2015-03-06 23:58:13 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2015-03-06 23:58:13 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2015-03-06 23:58:13 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2015-03-06 23:58:13 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2015-03-06 23:58:13 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2015-03-06 23:49:36 66160 ----a-w- C:\Windows\System32\drivers\VirtDiskBus64.sys
2015-03-06 23:49:36 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2015-03-06 23:48:37 -------- d-----w- C:\Windows\GBD
2015-03-06 23:42:59 31272 ----a-w- C:\Windows\System32\AppleChargerSrv.exe
2015-03-06 23:42:59 22680 ----a-w- C:\Windows\System32\drivers\AppleCharger.sys
2015-03-06 23:42:59 -------- d-----w- C:\Program Files\GIGABYTE
2015-03-06 23:42:59 -------- d-----w- C:\Program Files (x86)\GIGABYTE
2015-03-06 23:42:54 88832 ----a-w- C:\Windows\System32\drivers\EtronXHCI.sys
2015-03-06 23:42:54 65152 ----a-w- C:\Windows\System32\drivers\EtronHub3.sys
2015-03-06 23:42:50 -------- d-----w- C:\Program Files (x86)\Etron Technology
2015-03-06 23:40:53 -------- d-----w- C:\Program Files (x86)\Marvell
2015-03-06 23:40:01 -------- d-sh--w- C:\Windows\Installer
.
==================== Find3M  ====================
.
2015-03-07 02:59:09 93528 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2015-03-07 02:59:09 88408 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2015-03-07 02:59:09 65736 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2015-03-07 02:59:09 29168 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2015-03-07 02:59:09 268640 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2015-03-07 02:59:09 136752 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2015-03-07 02:59:08 43112 ----a-w- C:\Windows\avastSS.scr
2015-03-07 02:59:07 1047320 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2015-03-07 01:11:39 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-02-05 21:01:44 995248 ----a-w- C:\Windows\System32\nvumdshimx.dll
2015-02-05 19:07:04 6861128 ----a-w- C:\Windows\System32\nvcpl.dll
2015-02-05 19:07:03 3517584 ----a-w- C:\Windows\System32\nvsvc64.dll
2015-02-05 19:07:00 935056 ----a-w- C:\Windows\System32\nvvsvc.exe
2015-02-05 19:07:00 62792 ----a-w- C:\Windows\System32\nvshext.dll
2015-02-05 19:07:00 2558792 ----a-w- C:\Windows\System32\nvsvcr.dll
2015-02-05 19:06:59 385168 ----a-w- C:\Windows\System32\nvmctray.dll
2015-02-05 17:57:47 621384 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2015-02-05 12:50:11 4236870 ----a-w- C:\Windows\System32\nvcoproc.bin
.
============= FINISH: 19:29:20.48 ===============
 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 PM

Posted 19 March 2015 - 07:47 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?

#3 sh4rkbyt3

sh4rkbyt3
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:18 PM

Posted 19 March 2015 - 08:10 PM

Mbam found nothing, here's the results:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/19/2015
Scan Time: 8:43:16 PM
Logfile: mbam1.txt
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2015.03.19.10
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Gemini II

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 346019
Time Elapsed: 4 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

ADW found nothing either, results:

# AdwCleaner v4.112 - Logfile created 19/03/2015 at 20:58:45
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Gemini II - GEMINIII-PC
# Running from : C:\Users\Gemini II\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7T1VOONW\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

*************************

AdwCleaner[R0].txt - [713 bytes] - [08/03/2015 17:32:40]
AdwCleaner[R1].txt - [829 bytes] - [14/03/2015 14:54:21]
AdwCleaner[R2].txt - [896 bytes] - [14/03/2015 20:50:06]
AdwCleaner[R3].txt - [953 bytes] - [15/03/2015 18:38:50]
AdwCleaner[R4].txt - [1070 bytes] - [17/03/2015 20:04:01]
AdwCleaner[R5].txt - [1198 bytes] - [19/03/2015 20:50:14]
AdwCleaner[S0].txt - [778 bytes] - [08/03/2015 17:34:02]
AdwCleaner[S1].txt - [1018 bytes] - [15/03/2015 18:39:50]
AdwCleaner[S2].txt - [1126 bytes] - [19/03/2015 20:58:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1185  bytes] ##########

 

 

FRST results:
 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Gemini II (administrator) on GEMINIII-PC on 19-03-2015 21:02:53
Running from C:\Users\Gemini II\Desktop
Loaded Profiles: Gemini II (Available profiles: Gemini II)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Gemini II\AppData\Local\Viber\Viber.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_134_ActiveX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-18] (Avast Software s.r.o.)
HKU\S-1-5-21-3920217327-2861913480-2558560243-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3920217327-2861913480-2558560243-1000\...\Run: [Viber] => C:\Users\Gemini II\AppData\Local\Viber\Viber.exe [776400 2015-02-25] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3920217327-2861913480-2558560243-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3920217327-2861913480-2558560243-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3920217327-2861913480-2558560243-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-06] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-06] (Avast Software s.r.o.)
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-06]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-06] (Avast Software)
S3 BFE; . [0 2015-03-19] () <==== ATTENTION (zero size file/folder)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [243880 2015-01-26] (Foxit Software Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; C:\EEK\bin\a2ddax64.sys [26176 2015-03-08] (Emsisoft GmbH)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-06] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-06] ()
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-03-08] (Emsisoft GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation)
R3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-06] (Avast Software)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-19 21:02 - 2015-03-19 21:03 - 00010705 _____ () C:\Users\Gemini II\Desktop\FRST.txt
2015-03-19 21:02 - 2015-03-19 21:02 - 02095616 _____ (Farbar) C:\Users\Gemini II\Desktop\FRST64.exe
2015-03-19 21:02 - 2015-03-19 21:02 - 00000000 ____D () C:\FRST
2015-03-19 21:00 - 2015-03-19 21:00 - 00001265 _____ () C:\Users\Gemini II\Desktop\AdwCleaner[S2].txt
2015-03-19 20:56 - 2015-03-19 20:57 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-19 20:56 - 2015-02-26 21:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-19 20:49 - 2015-03-19 20:49 - 00001060 _____ () C:\Users\Gemini II\Desktop\mbam1.txt
2015-03-19 20:40 - 2015-03-19 20:40 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-18 22:19 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-03-18 22:19 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-03-18 22:19 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-03-18 22:19 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-03-18 22:19 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-03-18 22:19 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-03-18 22:19 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-03-18 22:19 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-03-18 22:07 - 2015-03-19 21:00 - 00001055 _____ () C:\Windows\setupact.log
2015-03-18 22:07 - 2015-03-18 22:07 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-17 20:55 - 2015-03-19 21:00 - 00000000 ____D () C:\Users\Gemini II\AppData\Roaming\ViberPC
2015-03-17 20:55 - 2015-03-19 21:00 - 00000000 ____D () C:\Users\Gemini II\AppData\Local\Viber
2015-03-17 20:55 - 2015-03-17 20:55 - 00000966 _____ () C:\Users\Gemini II\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2015-03-17 20:55 - 2015-03-17 20:55 - 00000958 _____ () C:\Users\Gemini II\Desktop\Viber.lnk
2015-03-17 20:03 - 2015-03-17 20:03 - 00000000 ___SD () C:\32788R22FWJFW
2015-03-17 20:03 - 2015-03-17 20:03 - 00000000 ____D () C:\ComboFix
2015-03-17 19:49 - 2015-03-17 19:48 - 00262144 _____ () C:\Users\Gemini II\Desktop\5931118A-60E4-4635-AC34-120CE1C27D2B.Diagnose.0.etl
2015-03-15 20:33 - 2012-03-01 02:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-03-15 20:33 - 2012-03-01 02:38 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-15 20:33 - 2012-03-01 02:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-03-15 20:33 - 2012-03-01 02:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-03-15 20:33 - 2012-03-01 01:37 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-15 20:33 - 2012-03-01 01:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-03-15 20:33 - 2012-03-01 01:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-03-15 19:29 - 2015-03-15 19:29 - 00014870 _____ () C:\Users\Gemini II\Desktop\dds.txt
2015-03-15 19:29 - 2015-03-15 19:29 - 00005168 _____ () C:\Users\Gemini II\Desktop\attach.txt
2015-03-15 19:28 - 2015-03-15 19:28 - 00688992 ____R (Swearware) C:\Users\Gemini II\Desktop\dds.com
2015-03-15 18:49 - 2015-03-15 18:49 - 00000000 ____D () C:\Users\Gemini II\Desktop\ComIntRepair
2015-03-15 18:06 - 2015-03-15 18:06 - 00019967 _____ () C:\ComboFix.txt
2015-03-15 15:32 - 2015-03-15 15:33 - 00002566 _____ () C:\Users\Gemini II\Documents\Cert export wizard.pfx
2015-03-15 14:47 - 2015-03-15 14:47 - 00000000 ____D () C:\Users\Gemini II\Documents\Adobe
2015-03-14 20:55 - 2015-03-14 20:55 - 00000848 _____ () C:\Users\Public\Desktop\RogueKiller.lnk
2015-03-14 20:55 - 2015-03-14 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2015-03-14 20:55 - 2015-03-14 20:55 - 00000000 ____D () C:\Program Files\RogueKiller
2015-03-14 17:01 - 2015-03-14 17:01 - 00001658 _____ () C:\Users\Public\Desktop\Recuva.lnk
2015-03-14 17:01 - 2015-03-14 17:01 - 00000000 ____D () C:\Program Files\Recuva
2015-03-14 14:35 - 2015-03-19 21:02 - 01334670 _____ () C:\Windows\WindowsUpdate.log
2015-03-12 19:35 - 2015-03-12 19:35 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-03-12 19:34 - 2015-03-12 19:34 - 00001355 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2015-03-12 19:34 - 2015-03-12 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-03-09 22:03 - 2015-03-09 22:03 - 00099611 _____ () C:\Users\Gemini II\Desktop\2012-05-onone-signature-collection.zip
2015-03-08 19:07 - 2015-03-08 19:07 - 06621424 _____ ( ) C:\Users\Gemini II\Desktop\CyberLink.v3809_OEM_DKA_U_DVD120206-03.exe
2015-03-08 19:06 - 2015-03-08 19:06 - 00000000 ____D () C:\Users\Public\CyberLink
2015-03-08 18:59 - 2015-03-08 18:59 - 00000000 ____D () C:\Users\Gemini II\Documents\CyberLink
2015-03-08 18:53 - 2015-03-08 18:53 - 00001404 _____ () C:\Users\Public\Desktop\CyberLink Media Suite 10.lnk
2015-03-08 18:52 - 2015-03-08 18:53 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2015-03-08 18:52 - 2015-03-08 18:52 - 00000273 _____ () C:\Windows\lgfwup.ini
2015-03-08 18:52 - 2015-03-08 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Tool Kit
2015-03-08 18:52 - 2012-07-11 13:18 - 00023664 _____ (BitLeader) C:\Windows\SysWOW64\lgfwunis.exe
2015-03-08 18:52 - 2001-08-29 21:00 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemdisp.tlb
2015-03-08 18:52 - 1998-07-22 00:00 - 00102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb6stkit.dll
2015-03-08 18:52 - 1998-07-22 00:00 - 00102160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6KO.DLL
2015-03-08 18:52 - 1998-06-24 00:00 - 00115016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX
2015-03-08 18:49 - 2015-03-08 18:49 - 00000000 ____D () C:\Users\Gemini II\AppData\Local\Packages
2015-03-08 18:48 - 2015-03-08 18:48 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-03-08 18:48 - 2015-03-08 18:48 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-03-08 18:48 - 2015-03-08 18:48 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2015-03-08 18:45 - 2015-03-14 16:05 - 00000000 ____D () C:\Users\Gemini II\AppData\Roaming\CyberLink
2015-03-08 18:45 - 2015-03-08 18:53 - 00000000 ____D () C:\ProgramData\install_clap
2015-03-08 18:45 - 2015-03-08 18:46 - 00000000 ____D () C:\Users\Gemini II\AppData\Local\CyberLink
2015-03-08 18:44 - 2015-03-08 18:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-03-08 18:44 - 2015-03-08 18:53 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-03-08 18:44 - 2015-03-08 18:44 - 00002050 _____ () C:\Users\Public\Desktop\CyberLink BD Advisor.lnk
2015-03-08 18:44 - 2015-03-08 18:44 - 00000000 ____D () C:\ProgramData\CLSK
2015-03-08 18:43 - 2015-03-08 19:08 - 00000000 ____D () C:\ProgramData\Temp
2015-03-08 18:43 - 2015-03-08 18:59 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-08 18:14 - 2015-03-17 20:03 - 00000000 ____D () C:\Windows\erdnt
2015-03-08 18:14 - 2015-03-15 18:06 - 00000000 ____D () C:\Qoobox
2015-03-08 18:14 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-08 18:14 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-08 18:14 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-08 18:14 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-08 18:14 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-08 18:14 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-08 18:14 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-08 18:14 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-08 17:58 - 2015-03-14 23:08 - 00000000 ____D () C:\Users\Gemini II\AppData\Local\CrashDumps
2015-03-08 17:43 - 2015-03-17 20:05 - 00000000 ____D () C:\EEK
2015-03-08 17:40 - 2015-03-08 17:40 - 00001268 _____ () C:\Users\Gemini II\Desktop\Revo Uninstaller.lnk
2015-03-08 17:40 - 2015-03-08 17:40 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-03-08 17:37 - 2015-03-15 15:33 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-08 17:37 - 2015-03-08 17:40 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-08 17:32 - 2015-03-19 20:58 - 00000000 ____D () C:\AdwCleaner
2015-03-08 17:27 - 2015-03-08 17:28 - 05613296 ____R (Swearware) C:\Users\Gemini II\Desktop\ComboFix.exe
2015-03-08 09:23 - 2015-03-08 09:24 - 00000000 ____D () C:\Users\Gemini II\Desktop\Mar15
2015-03-07 20:47 - 2015-03-07 22:10 - 00000000 ____D () C:\Users\Gemini II\Desktop\Untitled Export
2015-03-07 14:24 - 2015-03-07 14:24 - 00002075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7 64-bit.lnk
2015-03-07 14:24 - 2015-03-07 14:24 - 00002055 _____ () C:\Users\Public\Desktop\Lightroom 5.7 64-bit.lnk
2015-03-07 14:21 - 2015-03-07 14:21 - 00000000 ____D () C:\Users\Gemini II\Desktop\Adobe
2015-03-07 11:44 - 2015-03-07 11:44 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-07 11:44 - 2015-03-07 11:44 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-07 11:43 - 2015-03-07 14:24 - 00000000 ____D () C:\Program Files\Adobe
2015-03-07 11:01 - 2015-03-07 11:01 - 00000000 ____D () C:\Users\Gemini II\AppData\Roaming\Macromedia
2015-03-07 10:59 - 2015-03-14 15:08 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-07 10:59 - 2015-03-14 15:08 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-07 10:59 - 2015-03-07 10:59 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-03-07 10:59 - 2015-03-07 10:59 - 00000000 ____D () C:\Windows\system32\Macromed
2015-03-07 10:56 - 2015-03-14 15:09 - 00000000 ____D () C:\Users\Gemini II\AppData\Local\Adobe
2015-03-07 10:31 - 2015-03-07 10:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-03-07 00:16 - 2015-03-07 00:16 - 00000000 ____D () C:\Users\Gemini II\AppData\Roaming\Logitech
2015-03-07 00:16 - 2015-03-07 00:16 - 00000000 ____D () C:\Users\Gemini II\AppData\Roaming\Logishrd
2015-03-06 23:56 - 2015-03-14 14:54 - 00000000 ____D () C:\Users\Gemini II\Desktop\Security
2015-03-06 23:38 - 2015-03-10 21:15 - 00000000 ____D () C:\Users\Gemini II\AppData\Local\Microsoft Games
2015-03-06 23:36 - 2015-03-14 11:03 - 00000000 ____D () C:\Users\Gemini II\AppData\Roaming\Foxit Software
2015-03-06 23:36 - 2015-03-06 23:36 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2015-03-06 22:59 - 2015-03-15 08:50 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-06 22:59 - 2015-03-06 22:59 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-06 22:59 - 2015-03-06 22:59 - 00441728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-06 22:59 - 2015-03-06 22:59 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-06 22:59 - 2015-03-06 22:59 - 00268640 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-06 22:59 - 2015-03-06 22:59 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-06 22:59 - 2015-03-06 22:59 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-06 22:59 - 2015-03-06 22:59 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-06 22:59 - 2015-03-06 22:59 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-06 22:59 - 2015-03-06 22:59 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-06 22:59 - 2015-03-06 22:59 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-06 22:59 - 2015-03-06 22:59 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-03-06 22:59 - 2015-03-06 22:59 - 00000000 ____D () C:\Windows\system32\vbox
2015-03-06 22:59 - 2015-03-06 22:59 - 00000000 ____D () C:\Users\Gemini II\AppData\Roaming\AVAST Software
2015-03-06 22:59 - 2015-03-06 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-06 22:42 - 2015-03-08 18:59 - 00062648 _____ () C:\Users\Gemini II\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-06 22:42 - 2015-03-06 22:42 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-06 22:42 - 2015-03-06 22:42 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-06 22:33 - 2015-03-19 20:43 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-06 22:33 - 2015-03-19 20:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-06 22:33 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-06 22:33 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-06 22:33 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-06 22:33 - 2015-03-06 22:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-06 22:31 - 2015-03-06 22:31 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-03-06 22:31 - 2015-03-06 22:31 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-03-06 22:30 - 2015-03-06 22:29 - 00000000 ____D () C:\Windows\Panther
2015-03-06 22:29 - 2015-03-06 22:29 - 00002780 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-03-06 22:29 - 2015-03-06 22:29 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-06 22:27 - 2015-03-07 11:23 - 00000000 ____D () C:\Users\Gemini II\AppData\Local\NVIDIA Corporation
2015-03-06 22:27 - 2015-03-07 11:23 - 00000000 ____D () C:\Users\Gemini II\AppData\Local\NVIDIA
2015-03-06 22:25 - 2015-03-06 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-06 22:25 - 2015-03-06 22:25 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-06 22:25 - 2015-03-06 22:25 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-03-06 22:25 - 2015-02-05 17:01 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-06 22:25 - 2015-02-05 17:01 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-06 22:25 - 2015-02-05 17:01 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-06 22:25 - 2015-02-05 17:01 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-06 22:25 - 2015-02-05 15:07 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-03-06 22:25 - 2015-02-05 15:07 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-03-06 22:25 - 2015-02-05 15:07 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-03-06 22:25 - 2015-02-05 15:07 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-03-06 22:25 - 2015-02-05 15:07 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-03-06 22:25 - 2015-02-05 15:06 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-03-06 22:25 - 2015-02-05 13:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-06 22:25 - 2015-02-05 08:50 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin
2015-03-06 22:25 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-03-06 22:25 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-03-06 22:25 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-03-06 22:25 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-03-06 22:25 - 2010-05-26 12:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-03-06 22:25 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-03-06 22:24 - 2015-03-06 22:28 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-03-06 22:24 - 2015-03-06 22:25 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-06 22:24 - 2015-03-06 22:25 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-06 22:24 - 2015-02-05 17:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-03-06 22:24 - 2015-02-05 17:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-03-06 22:24 - 2015-02-05 17:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-03-06 22:24 - 2015-02-05 17:01 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-03-06 22:24 - 2015-02-05 17:01 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-03-06 21:23 - 2015-03-15 14:47 - 00000000 ____D () C:\Users\Gemini II\AppData\Roaming\Adobe
2015-03-06 21:14 - 2013-10-14 19:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-03-06 21:12 - 2015-03-06 21:12 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-06 21:12 - 2015-03-06 21:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-06 21:12 - 2015-03-06 21:12 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-06 21:12 - 2015-03-06 21:12 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-06 21:12 - 2015-03-06 21:12 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-03-06 21:12 - 2015-03-06 21:12 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-03-06 21:12 - 2015-03-06 21:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-03-06 21:12 - 2015-03-06 21:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-03-06 21:12 - 2015-03-06 21:12 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-06 21:12 - 2015-03-06 21:12 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-03-06 21:12 - 2015-03-06 21:12 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-06 21:12 - 2015-03-06 21:12 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-03-06 21:12 - 2015-03-06 21:12 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-03-06 21:12 - 2015-03-06 21:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-03-06 21:12 - 2015-03-06 21:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-03-06 21:12 - 2015-03-06 21:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-03-06 21:12 - 2015-03-06 21:12 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-03-06 21:11 - 2015-03-06 21:11 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-03-06 21:11 - 2015-03-06 21:11 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-03-06 20:51 - 2015-03-19 20:59 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-06 20:14 - 2015-03-06 20:14 - 00000000 ____D () C:\ProgramData\Sun
2015-03-06 20:14 - 2015-03-06 20:14 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-06 19:58 - 2012-02-17 02:38 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-06 19:58 - 2012-02-17 02:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-03-06 19:58 - 2012-02-17 01:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-03-06 19:58 - 2012-02-17 00:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-03-06 19:58 - 2012-02-17 00:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-03-06 19:49 - 2015-03-06 19:49 - 00000886 _____ () C:\Users\Public\Desktop\3TB+Unlock.lnk
2015-03-06 19:49 - 2015-03-06 19:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_VirtDiskBus64_01009.Wdf
2015-03-06 19:49 - 2015-03-06 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2015-03-06 19:49 - 2011-02-08 17:02 - 00066160 _____ (Giga-Byte Technology CO., LTD.) C:\Windows\system32\Drivers\VirtDiskBus64.sys
2015-03-06 19:49 - 2009-07-14 15:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-03-06 19:48 - 2015-03-06 19:49 - 00000000 ____D () C:\Windows\GBD
2015-03-06 19:46 - 2015-03-19 20:10 - 00772558 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-06 19:43 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-03-06 19:43 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-03-06 19:43 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-03-06 19:43 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-03-06 19:43 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-03-06 19:43 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-03-06 19:43 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-03-06 19:43 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-03-06 19:43 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-03-06 19:43 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-03-06 19:43 - 2014-05-14 10:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-03-06 19:43 - 2014-05-14 10:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-03-06 19:43 - 2014-05-14 10:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-03-06 19:43 - 2014-05-14 10:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-03-06 19:42 - 2015-03-06 19:49 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2015-03-06 19:42 - 2015-03-06 19:42 - 00000000 ____D () C:\Program Files\GIGABYTE
2015-03-06 19:42 - 2015-03-06 19:42 - 00000000 ____D () C:\Program Files (x86)\Etron Technology
2015-03-06 19:42 - 2012-10-25 10:01 - 00022680 _____ () C:\Windows\system32\Drivers\AppleCharger.sys
2015-03-06 19:42 - 2012-08-07 03:09 - 00088832 _____ (Etron Technology Inc) C:\Windows\system32\Drivers\EtronXHCI.sys
2015-03-06 19:42 - 2012-08-07 03:09 - 00065152 _____ (Etron Technology Inc) C:\Windows\system32\Drivers\EtronHub3.sys
2015-03-06 19:42 - 2010-04-06 17:30 - 00031272 _____ () C:\Windows\system32\AppleChargerSrv.exe
2015-03-06 19:41 - 2015-03-08 19:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-06 19:41 - 2015-03-06 19:41 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-03-06 19:41 - 2012-04-10 21:40 - 00082560 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2015-03-06 19:41 - 2012-04-10 21:40 - 00042624 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2015-03-06 19:41 - 2011-08-23 09:57 - 00565352 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-03-06 19:41 - 2011-08-23 09:57 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-03-06 19:41 - 2011-08-23 09:57 - 00074272 _____ () C:\Windows\system32\RtNicProp64.dll
2015-03-06 19:40 - 2015-03-06 19:40 - 00000000 ____D () C:\Users\Gemini II\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
2015-03-06 19:40 - 2015-03-06 19:40 - 00000000 ____D () C:\Program Files (x86)\Marvell
2015-03-06 19:38 - 2015-03-06 19:38 - 00000010 _____ () C:\Windows\GSetup.ini
2015-03-06 19:36 - 2015-03-06 21:23 - 00001417 _____ () C:\Users\Gemini II\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-06 19:36 - 2015-03-06 19:36 - 00000020 ___SH () C:\Users\Gemini II\ntuser.ini
2015-03-06 19:36 - 2015-03-06 19:36 - 00000000 ____D () C:\Users\Gemini II\AppData\Local\VirtualStore
2015-03-06 19:36 - 2015-03-06 19:36 - 00000000 ____D () C:\Users\Gemini II
2015-03-06 19:36 - 2015-03-06 19:36 - 00000000 ____D () C:\Recovery
2015-03-06 19:36 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\Gemini II\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-06 19:36 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\Gemini II\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-19 20:59 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-19 20:59 - 2009-07-14 00:45 - 00016832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-19 20:59 - 2009-07-14 00:45 - 00016832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-19 20:59 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-19 20:12 - 2009-07-14 01:13 - 00792712 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-19 20:02 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-19 20:02 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-17 19:48 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-15 18:05 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-10 18:27 - 2009-07-14 00:45 - 00276096 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-07 11:33 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-06 22:31 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-06 22:31 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-06 22:31 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-03-06 22:30 - 2010-11-21 03:16 - 00000000 ____D () C:\Windows\CSC
2015-03-06 22:29 - 2009-07-14 01:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-03-06 22:29 - 2009-07-14 01:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-03-06 22:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2015-03-06 21:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2015-03-06 21:14 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-03-06 21:14 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-03-06 21:14 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-03-06 21:14 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-03-06 19:41 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
2015-03-06 19:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-24 04:17 - 2010-11-20 23:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Gemini II\AppData\Local\Temp\Quarantine.exe
C:\Users\Gemini II\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-15 12:48

==================== End Of Log ============================

 

 

And the Attach log results for FARBAR:
 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Gemini II at 2015-03-19 21:03:15
Running from C:\Users\Gemini II\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3TB+Unlock B12.1102.1 (HKLM-x32\...\{17630FD1-B14A-4CA5-A627-B6B5F7DD41CF}) (Version: 1.00.0001 - GIGABYTE)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.6410 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.7.40.126 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.0.306 - Foxit Software Inc.)
LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1020 - Marvell)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RogueKiller version 10 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 10 - Adlice Software)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Viber (HKU\S-1-5-21-3920217327-2861913480-2558560243-1000\...\Viber) (Version: 5.0.1.42 - Viber Media Inc)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

06-03-2015 19:41:22 Installed Realtek Ethernet Controller Driver
06-03-2015 19:42:45 Installed Etron USB3.0 Host Controller
06-03-2015 19:43:38 Windows Update
06-03-2015 19:44:26 Windows Update
06-03-2015 19:49:31 Installed 3TB+Unlock B12.1102.1
06-03-2015 19:58:14 Windows Update
06-03-2015 21:11:15 Windows Modules Installer
06-03-2015 22:25:29 Installed DirectX
06-03-2015 22:42:39 avast! antivirus system restore point
07-03-2015 11:43:39 Installed Adobe Photoshop Lightroom 5.2 64-bit.
07-03-2015 14:23:19 Installed Adobe Photoshop Lightroom 5.7 64-bit.
08-03-2015 17:41:02 Revo Uninstaller's restore point - Java 8 Update 40
08-03-2015 17:41:12 Removed Java 8 Update 40
08-03-2015 18:43:34 Installed Suite2
15-03-2015 18:01:41 ComboFix created restore point
15-03-2015 20:32:42 Windows Update
17-03-2015 22:22:07 Windows Update
18-03-2015 21:17:47 Windows Update
18-03-2015 22:19:42 Windows Update
19-03-2015 20:08:28 Windows Update
19-03-2015 20:52:54 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2015-03-17 19:51 - 00000835 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {8AA84959-FF94-4FC7-BFE0-50B99759EB4C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {EC6B298E-0123-4720-9602-71E93C58B0D9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-06] (Avast Software s.r.o.)

==================== Loaded Modules (whitelisted) ==============

2015-03-06 22:25 - 2015-02-05 15:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-17 20:55 - 2015-02-25 09:37 - 00776400 _____ () C:\Users\Gemini II\AppData\Local\Viber\Viber.exe
2015-03-06 22:59 - 2015-03-06 22:59 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-06 22:59 - 2015-03-06 22:59 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-19 19:59 - 2015-03-19 19:59 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15031901\algo.dll
2015-03-17 20:55 - 2015-02-25 09:36 - 49469440 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\libViber.dll
2015-03-17 20:55 - 2015-01-09 07:54 - 00769024 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\libGLESv2.dll
2015-03-17 20:55 - 2015-02-25 09:13 - 00104448 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\qfacebook.dll
2015-03-17 20:55 - 2015-02-25 09:13 - 00171008 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\exif.dll
2015-03-17 20:55 - 2014-06-30 03:11 - 00047104 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\libEGL.dll
2015-03-17 20:55 - 2014-08-20 11:13 - 00875008 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\platforms\qwindows.dll
2015-03-17 20:55 - 2014-06-30 03:17 - 00021504 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\imageformats\qgif.dll
2015-03-17 20:55 - 2014-06-30 03:17 - 00020992 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\imageformats\qico.dll
2015-03-17 20:55 - 2014-06-30 03:17 - 00204800 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\imageformats\qjpeg.dll
2015-03-17 20:55 - 2014-06-30 03:20 - 00218112 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\imageformats\qmng.dll
2015-03-17 20:55 - 2014-06-30 03:18 - 00015872 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\imageformats\qsvg.dll
2015-03-17 20:55 - 2014-06-30 03:20 - 00015360 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\imageformats\qtga.dll
2015-03-17 20:55 - 2014-06-30 03:21 - 00307712 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\imageformats\qtiff.dll
2015-03-17 20:55 - 2014-06-30 03:20 - 00014848 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\imageformats\qwbmp.dll
2015-03-17 20:55 - 2014-06-30 03:17 - 00635392 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\sqldrivers\qsqlite.dll
2015-03-17 20:55 - 2014-06-30 03:18 - 00026624 _____ () C:\Users\Gemini II\AppData\Local\Viber\5.0.1.42\iconengines\qsvgicon.dll
2015-03-06 22:59 - 2015-03-06 22:59 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-06 22:59 - 2015-03-06 22:59 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll
2015-03-06 22:59 - 2015-03-06 22:59 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3920217327-2861913480-2558560243-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gemini II\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: LGODDFU => C:\Program Files (x86)\lg_fwupdate\lgfw.exe blrun
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: Viber => "C:\Users\Gemini II\AppData\Local\Viber\Viber.exe" StartMinimized

==================== Accounts: =============================

Administrator (S-1-5-21-3920217327-2861913480-2558560243-500 - Administrator - Disabled)
Gemini II (S-1-5-21-3920217327-2861913480-2558560243-1000 - Administrator - Enabled) => C:\Users\Gemini II
Guest (S-1-5-21-3920217327-2861913480-2558560243-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: G19 Gaming Keyboard (Display interface)
Description: G19 Gaming Keyboard (Display interface)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/19/2015 09:00:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2015 08:05:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2015 08:02:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2015 07:59:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 10:07:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 09:14:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 09:11:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 09:09:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 09:06:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 09:03:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (03/19/2015 09:02:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2862152).

Error: (03/19/2015 09:02:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2736422).

Error: (03/19/2015 09:02:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB3031432).

Error: (03/19/2015 09:02:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2835361).

Error: (03/19/2015 09:02:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB3006226).

Error: (03/19/2015 09:02:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2564958).

Error: (03/19/2015 09:02:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2511455).

Error: (03/19/2015 09:02:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2973351).

Error: (03/19/2015 09:02:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (KB2976627).

Error: (03/19/2015 09:02:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Security Update for Windows 7 for x64-based Systems (KB2813430).

Microsoft Office Sessions:
=========================
Error: (03/19/2015 09:00:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2015 08:05:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2015 08:02:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2015 07:59:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 10:07:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 09:14:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 09:11:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 09:09:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 09:06:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 09:03:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Processor: AMD FX™-8350 Eight-Core Processor
Percentage of memory in use: 20%
Total physical RAM: 16344.73 MB
Available physical RAM: 13035.3 MB
Total Pagefile: 32687.64 MB
Available Pagefile: 29542.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.84 GB) (Free:386.67 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:659.58 GB) NTFS
Drive f: () (Fixed) (Total:298.09 GB) (Free:297.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8FECAEB6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: C949F634)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 298.1 GB) (Disk ID: B134B134)
Partition 2: (Not Active) - (Size=298.1 GB) - (Type=OF Extended)

==================== End Of Log ============================

Computer seems to be running fine but that's also how it's reacted before until suddenly it seems to be able to shut off or disconnect my router at random. I've had the router checked and the incoming lines checked as well.

 



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 PM

Posted 20 March 2015 - 08:35 AM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
start

CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3920217327-2861913480-2558560243-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-06]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log Fixlog.txt please post it to your reply.
===

Download Farbar's Service Scanner utility
http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/
and Save to your Desktop.
If using Windows 7 or Vista, Right-Click on fss.exe and select Run As Administrator.
If using XP, double-click to start.
Answer Yes to ok when prompted.
If your firewall then puts out a prompt, again, allow it to run.
Once FSS is on-screen, be sure the following items are checkmarked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender


Click on "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Copy & Paste contents of FSS.txt into your reply.

How is the computer running?

Wait for further instructions.

#5 sh4rkbyt3

sh4rkbyt3
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:18 PM

Posted 20 March 2015 - 06:05 PM

Ok here's the first one the fixlog file results:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Gemini II at 2015-03-20 18:52:57 Run:1
Running from C:\Users\Gemini II\Desktop
Loaded Profiles: Gemini II (Available profiles: Gemini II)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3920217327-2861913480-2558560243-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-06]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3920217327-2861913480-2558560243-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => Key deleted successfully.
Could not move "C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => Scheduled to move on reboot.
gdrv => Service deleted successfully.
VGPU => Service deleted successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-20 18:54:45)<=

"C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx" => File could not move.

==== End of Fixlog 18:54:45 ====

 

 

And now the FSS logfile results:
 

 

Farbar Service Scanner Version: 17-01-2015
Ran by Gemini II (administrator) on 20-03-2015 at 18:58:09
Running from "C:\Users\Gemini II\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is set to Demand. The default start type is Auto.
The ImagePath of bfe: ".".
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

 

Seems to be running ok so far.


 



#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 PM

Posted 21 March 2015 - 08:28 AM

Before you proceed with these instructions create a restore point. Windows 7.
http://windows.microsoft.com/en-ca/windows7/create-a-restore-point
===

Go to this Windows 7 service files page.

http://download.bleepingcomputer.com/win-services/7/

Download the BFE.reg file to your desktop.

Right click on the file and run as and administrator.

Restart the computer normally.

Run the Farbar Service Scanner and post a fresh log for my review.

#7 sh4rkbyt3

sh4rkbyt3
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:18 PM

Posted 21 March 2015 - 06:16 PM

Downloaded the BFE.reg file on my desktop but right clicking on it doe snot give me the option to run as Administrator?

 

When I try to run it by double clicking I get the error message:
 

Registry Editor

Cannot Import C:\Users\Gemini II\Desktop\BFE.reg: Error accessing the registry.

 



#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 PM

Posted 22 March 2015 - 07:45 AM

Your PATH variable may need to be changed.

Navigate to this page.
http://geekswithblogs.net/renso/archive/2009/10/21/how-to-set-the-windows-path-in-windows-7.aspx

Follow the instructions, but in item 4 do the following.

4 - Finally, in the Environment Variables window (as shown below), highlight the Path variable in the Systems Variable section and click the Edit button.
Right click on the path string and copy it to the clipboad, save it to notepad.

Post the results on your next reply

#9 sh4rkbyt3

sh4rkbyt3
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:18 PM

Posted 23 March 2015 - 06:52 PM

%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0



#10 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 PM

Posted 24 March 2015 - 07:57 AM

Copy or move the BFE.reg to the C:\ drive (the systemRoot).

Navigaet to the MyComputer > Local C drive.
Double click on the BFE.reg file and merge it to the registry.

Restart the computer normally.

Run the Farbar Service Scanner and post a fresh log for my review.

#11 sh4rkbyt3

sh4rkbyt3
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:18 PM

Posted 24 March 2015 - 08:31 PM

Merge it to the registry? How?

I opened C: drive and have a list of things but registry is not any of them, even blown out.

I did try merging it into the C: drive but received the following error message:
Cannot import C:BFE.reg: Error accessing the registry.
 



#12 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 PM

Posted 25 March 2015 - 07:57 AM


I think we are dealing with some restrictions issues.


Please Download Tweaking.com - Windows Repair from Here
  • Install and then run the program
  • Click Next at the Welcome Screen, Click Next on Step 1 Screen
  • Click Next on Step 2 Screen, Click Do it on Step 3 Screen, After is has completed click Next
  • On Step 4 Under System Restore Click Create, Then under registry back-up Click Backup When you have completed this click Next
  • Click on Repairs
  • Click Open repairs - Icon in the bottom right corner
  • Click the Unselect All button then select just the item(s) below

  • 01 - Repair Registry Permissions
    03 - Reset Service permissions
    04 - Register System Files
    05 - Repair WMI
    06 - Repair Windows Firewall
    10 - Remove Policies Set By Infections
    17 - Repair Windows Updates
    26 - Restore Important Windows Services
    27 - Set Windows Service to Default Startup
    
  • Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)
  • Please copy and paste the Contents of this file on your next reply.

  • ===

    How is it now?
From the Start run menu enter CMD in the search box.
Right click on the CMD.EXE file and select run as an Administrator.

From the C:\ drive double click on the BFE.REG file and merge it to the registry.

Run the Farbar Service Scanner and post a fresh log for my review

#13 sh4rkbyt3

sh4rkbyt3
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:18 PM

Posted 25 March 2015 - 07:58 PM

Received no errors from Tweaking.com's Window Repair.

 

Still cannot merge the BFE.REG file into the registry. Coming up with the same last issue:


Cannot import C:\BFE.reg: Error accessing the registry.
 

FSS logfile:
 

Farbar Service Scanner Version: 17-01-2015
Ran by Gemini II (administrator) on 25-03-2015 at 20:57:50
Running from "C:\Users\Gemini II\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is set to Demand. The default start type is Auto.
The ImagePath of bfe: ".".
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****



 



#14 nasdaq

nasdaq

  • Malware Response Team
  • 39,926 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 PM

Posted 26 March 2015 - 08:16 AM

I'm checking with the experts on this problem.

I will get back to you.

Stay with me.

#15 sh4rkbyt3

sh4rkbyt3
  • Topic Starter

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:18 PM

Posted 26 March 2015 - 04:06 PM

Ok thank you nasdaq.

So far I cannot get Microsoft Updates nor can I update Adobe Flash Player.

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users