Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Undetected trojan and im infected with it!


  • This topic is locked This topic is locked
2 replies to this topic

#1 ikickyour

ikickyour

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:14 PM

Posted 02 May 2015 - 06:20 AM

Here are the two logs, I've scanned with just about every anti-virus and anti-malware there is and no luck on finding it but it's shown that it's still in my computer. I've multiple times gave it to virustotal.com and to my emsisoft internet security but they haven't detected it yet. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015 Ran by MH (administrator) on MARTY on 02-05-2015 04:16:46 Running from C:\Users\MH\Downloads Loaded Profiles: MH (Available profiles: MH) Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe (Camshare Inc.) C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe (AMD) C:\Windows\System32\atieclxx.exe (Camshare, Inc.) C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (PureVPN) C:\Program Files (x86)\PureVPN\purevpn.exe (www.chrismc.de) C:\Program Files (x86)\XArp\xarp.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2guard.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2start.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [XArp] => C:\Program Files (x86)\XArp\xarp.exe [10413568 2011-04-01] (www.chrismc.de) HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft internet security\a2guard.exe [4918056 2015-05-02] (Emsisoft GmbH) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-4195745053-2269876303-545142189-1001\...\Run: [Camfrog] => C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe [15019536 2015-02-16] (Camshare, Inc.) HKU\S-1-5-21-4195745053-2269876303-545142189-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-13] (Valve Corporation) Startup: C:\Users\MH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PureVPN.lnk [2015-05-02] ShortcutTarget: PureVPN.lnk -> C:\Program Files (x86)\PureVPN\purevpn.exe (PureVPN) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-4195745053-2269876303-545142189-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12 FireFox: ======== FF ProfilePath: C:\Users\MH\AppData\Roaming\Mozilla\Firefox\Profiles\0t217onm.default FF Extension: NoScript - C:\Users\MH\AppData\Roaming\Mozilla\Firefox\Profiles\0t217onm.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-05-02] FF Extension: Adblock Plus - C:\Users\MH\AppData\Roaming\Mozilla\Firefox\Profiles\0t217onm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-02] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe [5513384 2015-05-02] (Emsisoft GmbH) R2 camfrog_update_service; C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe [1032680 2014-10-02] (Camshare Inc.) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-05-02] (SurfRight B.V.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S3 OpenVPNService; C:\Program Files (x86)\PureVPN\bin\openvpnserv.exe [32568 2015-01-28] (The OpenVPN Project) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 epp64; C:\Windows\System32\DRIVERS\epp64.sys [135800 2015-03-24] (Emsisoft GmbH) R3 fwndis; C:\Windows\system32\DRIVERS\fwndis64.sys [491632 2015-01-01] () R1 fwwfp; C:\Program Files (x86)\Emsisoft Internet Security\fwwfp764.sys [414936 2015-01-01] () R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-02] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-02 04:16 - 2015-05-02 04:16 - 02101248 _____ (Farbar) C:\Users\MH\Downloads\FRST64.exe 2015-05-02 04:16 - 2015-05-02 04:16 - 00006929 _____ () C:\Users\MH\Downloads\FRST.txt 2015-05-02 04:16 - 2015-05-02 04:16 - 00000000 ____D () C:\FRST 2015-05-02 04:14 - 2015-05-02 04:14 - 05198336 _____ (AVAST Software) C:\Users\MH\Downloads\aswMBR.exe 2015-05-02 04:14 - 2015-05-02 04:14 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\MH\Downloads\rkill.com 2015-05-02 04:14 - 2015-05-02 04:14 - 00002188 _____ () C:\Users\MH\Desktop\Rkill.txt 2015-05-02 04:13 - 2015-05-02 04:14 - 119275136 _____ (Sophos Limited) C:\Users\MH\Downloads\Sophos Virus Removal Tool.exe 2015-05-02 04:13 - 2015-05-02 04:13 - 08656400 _____ (Trend Micro Inc.) C:\Users\MH\Downloads\RootkitBuster_v5_1061.exe 2015-05-02 04:13 - 2015-05-02 04:13 - 00000000 ____D () C:\Users\MH\Downloads\TMRBLog 2015-05-02 04:11 - 2015-05-02 04:11 - 00000000 ____D () C:\Users\MH\AppData\Local\Steam 2015-05-02 04:10 - 2015-05-02 04:11 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-05-02 04:10 - 2015-05-02 04:10 - 00000975 _____ () C:\Users\Public\Desktop\Steam.lnk 2015-05-02 04:10 - 2015-05-02 04:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-05-02 03:59 - 2015-05-02 04:00 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-05-02 03:59 - 2015-05-02 03:59 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\MH\Downloads\mbam-setup-2.1.6.1022.exe 2015-05-02 03:59 - 2015-05-02 03:59 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-05-02 03:59 - 2015-05-02 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-05-02 03:59 - 2015-05-02 03:59 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-02 03:59 - 2015-05-02 03:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-05-02 03:59 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-05-02 03:59 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-05-02 03:59 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-05-02 03:40 - 2015-05-02 03:40 - 12290974 _____ (ImageWriter Developers ) C:\Users\MH\Downloads\Win32DiskImager-0.9.5-install(1).exe 2015-05-02 03:40 - 2015-05-02 03:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer 2015-05-02 03:40 - 2015-05-02 03:40 - 00000000 ____D () C:\Program Files (x86)\ImageWriter 2015-05-02 03:39 - 2015-05-02 03:57 - 3063349248 _____ () C:\Users\MH\Downloads\kali-linux-1.1.0a-amd64(1).iso 2015-05-02 03:29 - 2015-05-02 03:29 - 00000000 ____D () C:\Users\MH\AppData\Roaming\ATI 2015-05-02 03:29 - 2015-05-02 03:29 - 00000000 ____D () C:\Users\MH\AppData\Local\ATI 2015-05-02 03:29 - 2015-05-02 03:29 - 00000000 ____D () C:\ProgramData\ATI 2015-05-02 03:26 - 2015-05-02 03:28 - 00000000 ___SD () C:\WINDOWS\system32\GWX 2015-05-02 03:26 - 2015-05-02 03:26 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX 2015-05-02 03:26 - 2015-05-02 03:26 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2015-05-02 03:26 - 2015-05-02 03:26 - 00000000 ____D () C:\WINDOWS\system32\appraiser 2015-05-02 02:25 - 2015-05-02 02:25 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Gaming Club.lnk 2015-05-02 02:25 - 2015-05-02 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gaming Club 2015-05-02 02:24 - 2015-05-02 02:24 - 00904240 _____ () C:\Users\MH\Downloads\gamingclub.exe 2015-05-02 02:21 - 2015-05-02 02:23 - 00001797 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Spin Palace Casino.lnk 2015-05-02 02:21 - 2015-05-02 02:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spin Palace Casino 2015-05-02 02:21 - 2015-05-02 02:21 - 00965424 _____ () C:\Users\MH\Downloads\SpinPalace.exe 2015-05-02 02:21 - 2015-05-02 02:21 - 00000000 ____D () C:\ProgramData\MGS 2015-05-02 02:21 - 2015-05-02 02:21 - 00000000 ____D () C:\Microgaming 2015-05-02 02:19 - 2015-05-02 01:56 - 00000000 ___DC () C:\WINDOWS\Panther 2015-05-02 02:18 - 2015-05-02 02:19 - 00000000 ____D () C:\Windows.old 2015-05-02 02:18 - 2015-05-02 02:18 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2015-05-02 02:12 - 2015-05-02 02:12 - 00000000 ____D () C:\$WINDOWS.~BT 2015-05-02 02:11 - 2015-05-02 02:11 - 10819232 _____ (Camshare, Inc.) C:\Users\MH\Downloads\camfrog(1).exe 2015-05-02 02:11 - 2015-05-02 02:11 - 00002199 _____ () C:\Users\MH\Desktop\Camfrog Video Chat.lnk 2015-05-02 02:11 - 2015-05-02 02:11 - 00000000 ____D () C:\Users\MH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Camfrog Video Chat 2015-05-02 02:11 - 2015-05-02 02:11 - 00000000 ____D () C:\Users\MH\AppData\Roaming\Camfrog 2015-05-02 02:11 - 2015-05-02 02:11 - 00000000 ____D () C:\Users\MH\AppData\Local\CrashRpt 2015-05-02 02:11 - 2015-05-02 02:11 - 00000000 ____D () C:\Users\MH\AppData\Local\Camfrog 2015-05-02 02:11 - 2015-05-02 02:11 - 00000000 ____D () C:\ProgramData\Camfrog Update 2015-05-02 02:11 - 2015-05-02 02:11 - 00000000 ____D () C:\Program Files (x86)\Camfrog 2015-05-02 02:06 - 2015-05-02 02:07 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-05-02 02:06 - 2015-04-01 11:16 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-05-02 02:00 - 2015-05-02 02:00 - 00008067 _____ () C:\WINDOWS\system32\lvcoinst.log 2015-05-02 02:00 - 2015-05-02 02:00 - 00000000 ____D () C:\Program Files\Common Files\logishrd 2015-05-02 01:57 - 2015-05-02 01:57 - 06216032 _____ (Microsoft Corporation) C:\Users\MH\Downloads\windowsupdateagent30-x86.exe 2015-05-02 01:47 - 2015-01-29 20:01 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2015-05-02 01:47 - 2014-12-19 01:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2015-05-02 01:47 - 2014-12-19 01:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2015-05-02 01:47 - 2014-10-30 16:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2015-05-02 01:47 - 2014-10-30 16:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2015-05-02 01:46 - 2015-05-02 03:29 - 00000000 ____D () C:\Program Files (x86)\Razer 2015-05-02 01:46 - 2015-05-02 01:46 - 00000000 ____D () C:\ProgramData\Razer 2015-05-02 01:45 - 2014-12-08 20:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll 2015-05-02 01:45 - 2014-12-08 18:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll 2015-05-02 01:45 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2015-05-02 01:45 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2015-05-02 01:45 - 2014-03-19 21:19 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2015-05-02 01:45 - 2014-03-19 20:41 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-05-02 01:45 - 2014-03-19 20:40 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2015-05-02 01:45 - 2014-03-19 18:29 - 04268544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2015-05-02 01:45 - 2014-03-19 17:53 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2015-05-02 01:45 - 2014-03-19 17:48 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll 2015-05-02 01:45 - 2014-03-19 16:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2015-05-02 01:45 - 2014-03-19 16:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2015-05-02 01:45 - 2014-03-19 16:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2015-05-02 01:45 - 2014-03-19 00:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2015-05-02 01:45 - 2014-03-18 22:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2015-05-02 01:45 - 2014-03-18 22:50 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe 2015-05-02 01:45 - 2014-03-18 22:31 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2015-05-02 01:45 - 2014-03-18 22:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe 2015-05-02 01:45 - 2014-03-18 22:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-05-02 01:45 - 2014-03-18 21:41 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2015-05-02 01:45 - 2014-03-18 21:17 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2015-05-02 01:45 - 2014-03-13 05:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2015-05-02 01:45 - 2014-03-11 08:18 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2015-05-02 01:45 - 2014-03-11 07:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2015-05-02 01:45 - 2014-03-08 13:40 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2015-05-02 01:45 - 2014-03-08 13:38 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2015-05-02 01:45 - 2014-03-08 13:35 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys 2015-05-02 01:45 - 2014-03-08 08:29 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2015-05-02 01:45 - 2014-03-08 04:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2015-05-02 01:45 - 2014-03-08 02:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll 2015-05-02 01:45 - 2014-03-08 01:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll 2015-05-02 01:45 - 2014-03-08 01:25 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll 2015-05-02 01:45 - 2014-03-08 01:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll 2015-05-02 01:45 - 2014-03-08 00:53 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2015-05-02 01:45 - 2014-03-08 00:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2015-05-02 01:45 - 2014-03-08 00:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll 2015-05-02 01:45 - 2014-03-08 00:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2015-05-02 01:45 - 2014-03-08 00:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2015-05-02 01:45 - 2014-03-08 00:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2015-05-02 01:45 - 2014-03-07 23:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2015-05-02 01:45 - 2014-03-07 23:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2015-05-02 01:45 - 2014-03-07 23:41 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2015-05-02 01:45 - 2014-03-07 23:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2015-05-02 01:45 - 2014-03-07 23:31 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2015-05-02 01:45 - 2014-03-07 23:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2015-05-02 01:45 - 2014-03-07 23:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2015-05-02 01:45 - 2014-03-07 23:09 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-05-02 01:45 - 2014-03-07 23:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2015-05-02 01:45 - 2014-03-07 23:02 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-05-02 01:45 - 2014-03-07 22:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2015-05-02 01:45 - 2014-03-07 22:41 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-05-02 01:45 - 2014-03-07 22:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-05-02 01:45 - 2014-03-06 07:35 - 01466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2015-05-02 01:45 - 2014-03-06 07:34 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-05-02 01:45 - 2014-03-06 07:34 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2015-05-02 01:45 - 2014-03-06 05:51 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll 2015-05-02 01:45 - 2014-03-06 05:40 - 00492256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2015-05-02 01:45 - 2014-03-06 04:20 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2015-05-02 01:45 - 2014-03-06 04:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll 2015-05-02 01:45 - 2014-03-06 04:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll 2015-05-02 01:45 - 2014-03-06 03:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-05-02 01:45 - 2014-03-06 03:35 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2015-05-02 01:45 - 2014-03-06 02:29 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2015-05-02 01:45 - 2014-03-06 02:24 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2015-05-02 01:45 - 2014-03-06 02:24 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2015-05-02 01:45 - 2014-03-06 02:24 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2015-05-02 01:45 - 2014-03-06 02:22 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2015-05-02 01:45 - 2014-03-06 02:22 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2015-05-02 01:45 - 2014-03-06 02:20 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2015-05-02 01:45 - 2014-03-06 02:20 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2015-05-02 01:45 - 2014-03-06 02:20 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2015-05-02 01:45 - 2014-03-06 02:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2015-05-02 01:45 - 2014-03-06 02:19 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll 2015-05-02 01:45 - 2014-03-06 02:19 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe 2015-05-02 01:45 - 2014-03-06 02:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys 2015-05-02 01:45 - 2014-03-06 02:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2015-05-02 01:45 - 2014-03-06 02:08 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe 2015-05-02 01:45 - 2014-03-06 02:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll 2015-05-02 01:45 - 2014-03-06 01:41 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll 2015-05-02 01:45 - 2014-03-06 01:38 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll 2015-05-02 01:45 - 2014-03-06 01:37 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2015-05-02 01:45 - 2014-03-06 01:28 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll 2015-05-02 01:45 - 2014-03-06 01:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2015-05-02 01:45 - 2014-03-06 01:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll 2015-05-02 01:45 - 2014-03-06 01:09 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe 2015-05-02 01:45 - 2014-03-06 01:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2015-05-02 01:45 - 2014-03-06 00:47 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2015-05-02 01:45 - 2014-03-06 00:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll 2015-05-02 01:45 - 2014-03-06 00:44 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2015-05-02 01:45 - 2014-03-06 00:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2015-05-02 01:45 - 2014-03-06 00:08 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2015-05-02 01:45 - 2014-03-06 00:02 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2015-05-02 01:45 - 2014-03-05 23:57 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2015-05-02 01:45 - 2014-03-05 23:33 - 13286400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-05-02 01:45 - 2014-03-05 23:32 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2015-05-02 01:45 - 2014-03-05 23:31 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2015-05-02 01:45 - 2014-03-05 23:29 - 11791360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-05-02 01:45 - 2014-03-05 23:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2015-05-02 01:45 - 2014-03-05 23:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2015-05-02 01:45 - 2014-03-05 23:24 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll 2015-05-02 01:45 - 2014-03-05 23:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2015-05-02 01:45 - 2014-03-05 23:21 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2015-05-02 01:45 - 2014-03-05 23:21 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2015-05-02 01:45 - 2014-03-05 23:16 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2015-05-02 01:45 - 2014-03-05 23:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll 2015-05-02 01:45 - 2014-03-05 23:13 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2015-05-02 01:45 - 2014-03-05 23:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2015-05-02 01:45 - 2014-03-05 23:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll 2015-05-02 01:45 - 2014-03-05 23:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-05-02 01:45 - 2014-03-05 23:04 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll 2015-05-02 01:45 - 2014-03-05 23:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2015-05-02 01:45 - 2014-03-05 23:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2015-05-02 01:45 - 2014-03-05 22:54 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-05-02 01:45 - 2014-03-05 22:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2015-05-02 01:45 - 2014-03-05 22:47 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2015-05-02 01:45 - 2014-03-05 22:42 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2015-05-02 01:45 - 2014-03-05 22:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2015-05-02 01:45 - 2014-03-05 22:35 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-05-02 01:45 - 2014-03-05 22:33 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2015-05-02 01:45 - 2014-03-05 22:32 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-05-02 01:45 - 2014-03-05 22:28 - 08653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2015-05-02 01:45 - 2014-03-05 22:27 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2015-05-02 01:45 - 2014-03-05 22:21 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2015-05-02 01:45 - 2014-03-05 22:20 - 06641152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2015-05-02 01:45 - 2014-03-04 05:14 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll 2015-05-02 01:45 - 2014-03-04 04:10 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll 2015-05-02 01:45 - 2014-03-04 00:16 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2015-05-02 01:45 - 2014-03-04 00:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2015-05-02 01:45 - 2014-03-04 00:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll 2015-05-02 01:45 - 2014-03-04 00:00 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2015-05-02 01:45 - 2014-03-03 23:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll 2015-05-02 01:45 - 2014-03-03 23:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2015-05-02 01:45 - 2014-03-03 23:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll 2015-05-02 01:45 - 2014-03-03 23:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll 2015-05-02 01:45 - 2014-03-03 23:15 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2015-05-02 01:45 - 2014-03-03 23:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2015-05-02 01:45 - 2014-03-03 23:03 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2015-05-02 01:45 - 2014-03-03 23:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2015-05-02 01:45 - 2014-03-03 22:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2015-05-02 01:45 - 2014-03-03 22:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2015-05-02 01:45 - 2014-02-06 15:59 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2015-05-02 01:45 - 2014-02-06 14:26 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2015-05-02 01:45 - 2013-12-23 16:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll 2015-05-02 01:45 - 2013-12-23 16:26 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll 2015-05-02 01:44 - 2015-03-14 01:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2015-05-02 01:44 - 2015-03-14 01:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2015-05-02 01:44 - 2015-03-05 19:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2015-05-02 01:44 - 2015-03-05 19:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2015-05-02 01:44 - 2015-02-25 16:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-05-02 01:44 - 2015-02-19 20:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-05-02 01:44 - 2015-02-19 19:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-05-02 01:44 - 2015-02-19 19:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-05-02 01:44 - 2015-02-19 19:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-05-02 01:44 - 2015-02-06 16:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2015-05-02 01:44 - 2015-02-05 13:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-05-02 01:44 - 2015-02-03 16:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2015-05-02 01:44 - 2015-02-03 16:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2015-05-02 01:44 - 2015-02-03 16:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2015-05-02 01:44 - 2015-02-02 16:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2015-05-02 01:44 - 2015-02-02 16:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2015-05-02 01:44 - 2015-01-30 16:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-05-02 01:44 - 2015-01-30 16:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-05-02 01:44 - 2015-01-28 18:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll 2015-05-02 01:44 - 2015-01-28 18:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll 2015-05-02 01:44 - 2015-01-28 18:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-05-02 01:44 - 2015-01-28 18:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2015-05-02 01:44 - 2015-01-26 20:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe 2015-05-02 01:44 - 2015-01-23 18:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe 2015-05-02 01:44 - 2015-01-15 15:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-05-02 01:44 - 2015-01-15 15:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-05-02 01:44 - 2015-01-13 21:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-05-02 01:44 - 2015-01-13 20:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-05-02 01:44 - 2014-12-13 14:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls 2015-05-02 01:44 - 2014-12-13 14:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls 2015-05-02 01:44 - 2014-12-11 19:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2015-05-02 01:44 - 2014-12-11 17:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2015-05-02 01:44 - 2014-12-08 18:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-05-02 01:44 - 2014-11-09 19:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2015-05-02 01:44 - 2014-11-09 18:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2015-05-02 01:44 - 2014-10-28 19:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll 2015-05-02 01:44 - 2014-10-28 19:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2015-05-02 01:44 - 2014-10-28 19:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2015-05-02 01:44 - 2014-10-28 19:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2015-05-02 01:44 - 2014-10-28 19:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2015-05-02 01:44 - 2014-10-28 19:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe 2015-05-02 01:44 - 2014-10-28 19:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2015-05-02 01:44 - 2014-10-28 19:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2015-05-02 01:44 - 2014-10-28 19:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll 2015-05-02 01:44 - 2014-10-28 19:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll 2015-05-02 01:44 - 2014-10-28 19:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2015-05-02 01:44 - 2014-10-28 19:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2015-05-02 01:44 - 2014-10-28 19:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2015-05-02 01:44 - 2014-10-28 18:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe 2015-05-02 01:44 - 2014-10-28 18:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll 2015-05-02 01:44 - 2014-10-28 18:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-05-02 01:44 - 2014-10-28 18:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll 2015-05-02 01:44 - 2014-10-28 18:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-05-02 01:44 - 2014-10-28 18:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll 2015-05-02 01:44 - 2014-10-28 18:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2015-05-02 01:44 - 2014-10-28 18:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2015-05-02 01:44 - 2014-10-28 18:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-05-02 01:44 - 2014-10-28 18:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll 2015-05-02 01:44 - 2014-10-28 18:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2015-05-02 01:44 - 2014-10-28 18:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2015-05-02 01:44 - 2014-10-28 17:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll 2015-05-02 01:44 - 2014-10-28 17:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll 2015-05-02 01:44 - 2014-10-28 17:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2015-05-02 01:44 - 2014-10-28 17:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2015-05-02 01:44 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-05-02 01:44 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-05-02 01:44 - 2014-08-01 17:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-05-02 01:44 - 2014-06-16 15:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe 2015-05-02 01:44 - 2014-06-16 15:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2015-05-02 01:44 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2015-05-02 01:44 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2015-05-02 01:44 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2015-05-02 01:44 - 2014-05-29 20:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-05-02 01:44 - 2014-03-06 05:53 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2015-05-02 01:44 - 2014-03-06 05:51 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2015-05-02 01:44 - 2014-03-06 05:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2015-05-02 01:44 - 2014-03-06 04:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2015-05-02 01:43 - 2015-03-23 14:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-05-02 01:43 - 2015-03-23 14:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-05-02 01:43 - 2015-03-23 14:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll 2015-05-02 01:43 - 2015-03-23 14:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-05-02 01:43 - 2015-03-23 14:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll 2015-05-02 01:43 - 2015-03-19 21:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2015-05-02 01:43 - 2015-03-19 21:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2015-05-02 01:43 - 2015-03-19 21:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll 2015-05-02 01:43 - 2015-03-19 20:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe 2015-05-02 01:43 - 2015-03-19 19:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe 2015-05-02 01:43 - 2015-03-19 19:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2015-05-02 01:43 - 2015-03-19 19:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2015-05-02 01:43 - 2014-10-28 19:43 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskperf.exe 2015-05-02 01:43 - 2014-10-28 19:17 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\logman.exe 2015-05-02 01:43 - 2014-10-28 18:58 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskperf.exe 2015-05-02 01:43 - 2014-10-28 18:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll 2015-05-02 01:43 - 2014-10-28 18:38 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logman.exe 2015-05-02 01:43 - 2014-10-28 18:26 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\typeperf.exe 2015-05-02 01:43 - 2014-10-28 18:26 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\relog.exe 2015-05-02 01:43 - 2014-10-28 18:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll 2015-05-02 01:43 - 2014-10-28 18:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll 2015-05-02 01:43 - 2014-10-28 18:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe 2015-05-02 01:43 - 2014-10-28 18:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe 2015-05-02 01:43 - 2014-10-28 18:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe 2015-05-02 01:43 - 2014-10-28 18:04 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\typeperf.exe 2015-05-02 01:43 - 2014-10-28 18:04 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\relog.exe 2015-05-02 01:42 - 2015-05-02 01:42 - 00060601 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201505020142009603.log 2015-05-02 01:42 - 2014-12-18 23:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2015-05-02 01:42 - 2014-09-03 17:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2015-05-02 01:42 - 2014-09-03 17:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2015-05-02 01:41 - 2015-05-02 01:41 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-02 01:41 - 2015-05-02 01:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2015-05-02 01:41 - 2015-05-02 01:41 - 00000000 ____D () C:\Program Files\ATI Technologies 2015-05-02 01:41 - 2015-05-02 01:41 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2015-05-02 01:41 - 2015-02-05 18:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-05-02 01:41 - 2015-02-05 18:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-05-02 01:36 - 2015-05-02 04:03 - 00000000 ____D () C:\ProgramData\Emsisoft 2015-05-02 01:34 - 2015-05-02 04:16 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Internet Security 2015-05-02 01:34 - 2015-05-02 03:41 - 00000000 ____D () C:\Program Files\HitmanPro 2015-05-02 01:34 - 2015-05-02 01:36 - 00000000 ____D () C:\ProgramData\HitmanPro 2015-05-02 01:34 - 2015-05-02 01:34 - 00001905 _____ () C:\Users\Public\Desktop\HitmanPro.lnk 2015-05-02 01:34 - 2015-05-02 01:34 - 00001138 _____ () C:\Users\Public\Desktop\Emsisoft Internet Security.lnk 2015-05-02 01:34 - 2015-05-02 01:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2015-05-02 01:34 - 2015-05-02 01:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Internet Security 2015-05-02 01:34 - 2015-03-24 00:17 - 00135800 _____ (Emsisoft GmbH) C:\WINDOWS\system32\Drivers\epp64.sys 2015-05-02 01:34 - 2015-01-01 22:36 - 00491632 _____ () C:\WINDOWS\system32\Drivers\fwndis64.sys 2015-05-02 01:33 - 2015-05-02 01:34 - 11028616 _____ (SurfRight B.V.) C:\Users\MH\Downloads\HitmanPro_x64(1).exe 2015-05-02 01:33 - 2015-05-02 01:33 - 161076720 _____ (Emsisoft Ltd. ) C:\Users\MH\Downloads\EmsisoftInternetSecuritySetup(3).exe 2015-05-02 01:32 - 2015-05-02 03:56 - 00000000 ____D () C:\Users\MH\AppData\Roaming\xarp-MH 2015-05-02 01:32 - 2015-05-02 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XArp 2015-05-02 01:32 - 2015-05-02 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap 2015-05-02 01:32 - 2015-05-02 01:32 - 00000000 ____D () C:\Program Files (x86)\XArp 2015-05-02 01:32 - 2015-05-02 01:32 - 00000000 ____D () C:\Program Files (x86)\WinPcap 2015-05-02 01:31 - 2015-05-02 01:32 - 04290904 _____ () C:\Users\MH\Downloads\xarp-2.2.2-win(2).exe 2015-05-02 01:30 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-05-02 01:30 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-05-02 01:30 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-05-02 01:30 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-05-02 01:30 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-05-02 01:30 - 2015-03-12 19:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2015-05-02 01:30 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-05-02 01:30 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-05-02 01:30 - 2015-03-12 19:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll 2015-05-02 01:30 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-05-02 01:30 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-05-02 01:30 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-05-02 01:30 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-05-02 01:30 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-05-02 01:30 - 2015-02-20 17:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-05-02 01:30 - 2015-02-20 16:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2015-05-02 01:30 - 2015-02-20 16:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-05-02 01:30 - 2015-02-19 19:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-05-02 01:30 - 2015-02-19 18:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-05-02 01:30 - 2015-02-19 18:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-05-02 01:30 - 2015-02-19 18:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-05-02 01:30 - 2015-02-19 18:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-05-02 01:30 - 2015-02-02 17:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2015-05-02 01:30 - 2015-02-02 17:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2015-05-02 01:30 - 2015-01-30 16:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2015-05-02 01:30 - 2015-01-29 19:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll 2015-05-02 01:30 - 2015-01-29 19:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll 2015-05-02 01:30 - 2015-01-29 18:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll 2015-05-02 01:30 - 2015-01-29 18:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll 2015-05-02 01:30 - 2015-01-29 18:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll 2015-05-02 01:30 - 2015-01-28 18:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-05-02 01:30 - 2015-01-28 18:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-05-02 01:30 - 2015-01-28 17:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-05-02 01:30 - 2015-01-28 17:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2015-05-02 01:30 - 2015-01-28 17:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2015-05-02 01:30 - 2015-01-28 17:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-05-02 01:30 - 2015-01-27 19:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll 2015-05-02 01:30 - 2015-01-27 18:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll 2015-05-02 01:30 - 2015-01-26 21:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2015-05-02 01:30 - 2015-01-26 19:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2015-05-02 01:30 - 2015-01-23 00:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2015-05-02 01:30 - 2015-01-22 22:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2015-05-02 01:30 - 2015-01-19 11:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2015-05-02 01:30 - 2015-01-11 18:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2015-05-02 01:30 - 2015-01-11 18:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-05-02 01:30 - 2014-12-05 20:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2015-05-02 01:30 - 2014-12-05 18:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2015-05-02 01:30 - 2014-10-30 21:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2015-05-02 01:30 - 2014-10-30 21:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2015-05-02 01:30 - 2014-10-30 21:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll 2015-05-02 01:30 - 2014-10-30 20:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-05-02 01:30 - 2014-10-30 19:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll 2015-05-02 01:30 - 2014-10-30 19:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-05-02 01:30 - 2014-10-28 20:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2015-05-02 01:30 - 2014-10-28 19:48 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll 2015-05-02 01:30 - 2014-10-28 19:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll 2015-05-02 01:30 - 2014-10-28 19:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2015-05-02 01:30 - 2014-10-28 19:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2015-05-02 01:30 - 2014-10-28 18:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll 2015-05-02 01:30 - 2014-10-28 18:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll 2015-05-02 01:30 - 2014-10-28 18:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-05-02 01:30 - 2014-10-28 18:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll 2015-05-02 01:30 - 2014-10-28 17:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-05-02 01:30 - 2014-10-22 22:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2015-05-02 01:30 - 2014-10-22 22:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2015-05-02 01:30 - 2014-10-12 19:43 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2015-05-02 01:30 - 2014-10-12 19:43 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2015-05-02 01:30 - 2014-10-12 19:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2015-05-02 01:30 - 2014-10-12 19:43 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2015-05-02 01:30 - 2014-08-22 22:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-05-02 01:30 - 2014-08-22 22:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-05-02 01:30 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2015-05-02 01:30 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2015-05-02 01:30 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2015-05-02 01:30 - 2014-05-31 03:07 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-05-02 01:30 - 2014-05-31 03:07 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2015-05-02 01:30 - 2014-05-31 03:07 - 00419672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-05-02 01:30 - 2014-05-31 03:07 - 00089944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2015-05-02 01:30 - 2014-05-31 03:07 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2015-05-02 01:30 - 2014-05-30 23:30 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2015-05-02 01:30 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys 2015-05-02 01:30 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys 2015-05-02 01:30 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe 2015-05-02 01:30 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2015-05-02 01:30 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll 2015-05-02 01:30 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2015-05-02 01:30 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll 2015-05-02 01:30 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll 2015-05-02 01:30 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-05-02 01:30 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-05-02 01:30 - 2014-04-29 21:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-05-02 01:30 - 2014-04-29 21:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-05-02 01:30 - 2014-04-29 20:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-05-02 01:30 - 2014-04-08 15:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll 2015-05-02 01:30 - 2014-04-08 15:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll 2015-05-02 01:30 - 2014-04-08 11:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll 2015-05-02 01:30 - 2014-04-08 11:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll 2015-05-02 01:30 - 2014-03-30 22:35 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2015-05-02 01:29 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-05-02 01:29 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-05-02 01:29 - 2015-03-12 20:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-05-02 01:29 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-05-02 01:29 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-05-02 01:29 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-05-02 01:29 - 2015-03-12 20:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-05-02 01:29 - 2015-03-12 20:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-05-02 01:29 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-05-02 01:29 - 2015-03-12 19:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-05-02 01:29 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-05-02 01:29 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-05-02 01:29 - 2015-03-03 06:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2015-05-02 01:29 - 2015-02-20 17:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-05-02 01:29 - 2015-02-19 19:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2015-05-02 01:29 - 2015-02-19 19:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-05-02 01:29 - 2015-02-19 19:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-05-02 01:29 - 2015-02-19 19:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-05-02 01:29 - 2015-02-19 18:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-05-02 01:29 - 2015-02-19 18:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-05-02 01:29 - 2015-01-11 19:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2015-05-02 01:29 - 2014-11-21 19:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-05-02 01:29 - 2014-11-21 19:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-05-02 01:29 - 2014-10-30 22:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe 2015-05-02 01:29 - 2014-10-30 22:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe 2015-05-02 01:29 - 2014-10-30 22:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe 2015-05-02 01:29 - 2014-10-30 22:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll 2015-05-02 01:29 - 2014-10-30 22:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe 2015-05-02 01:29 - 2014-10-30 22:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll 2015-05-02 01:29 - 2014-10-30 22:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2015-05-02 01:29 - 2014-10-30 22:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2015-05-02 01:29 - 2014-10-30 21:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2015-05-02 01:29 - 2014-10-30 21:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll 2015-05-02 01:29 - 2014-10-30 21:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-05-02 01:29 - 2014-10-30 21:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2015-05-02 01:29 - 2014-10-30 21:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2015-05-02 01:29 - 2014-10-30 21:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2015-05-02 01:29 - 2014-10-30 21:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll 2015-05-02 01:29 - 2014-10-30 21:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll 2015-05-02 01:29 - 2014-10-30 21:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2015-05-02 01:29 - 2014-10-30 21:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll 2015-05-02 01:29 - 2014-10-30 21:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2015-05-02 01:29 - 2014-10-30 21:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll 2015-05-02 01:29 - 2014-10-30 20:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll 2015-05-02 01:29 - 2014-10-30 20:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe 2015-05-02 01:29 - 2014-10-30 20:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe 2015-05-02 01:29 - 2014-10-30 20:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe 2015-05-02 01:29 - 2014-10-30 20:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll 2015-05-02 01:29 - 2014-10-30 20:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe 2015-05-02 01:29 - 2014-10-30 20:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll 2015-05-02 01:29 - 2014-10-30 20:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2015-05-02 01:29 - 2014-10-30 20:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2015-05-02 01:29 - 2014-10-30 20:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2015-05-02 01:29 - 2014-10-30 20:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2015-05-02 01:29 - 2014-10-30 20:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll 2015-05-02 01:29 - 2014-10-30 20:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-05-02 01:29 - 2014-10-30 20:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2015-05-02 01:29 - 2014-10-30 20:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2015-05-02 01:29 - 2014-10-30 20:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll 2015-05-02 01:29 - 2014-10-30 19:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2015-05-02 01:29 - 2014-10-30 19:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll 2015-05-02 01:29 - 2014-10-30 19:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2015-05-02 01:29 - 2014-10-30 19:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2015-05-02 01:29 - 2014-10-30 19:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2015-05-02 01:29 - 2014-10-30 19:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll 2015-05-02 01:29 - 2014-10-30 19:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll 2015-05-02 01:29 - 2014-06-06 06:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2015-05-02 01:29 - 2014-06-06 05:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2015-05-02 01:29 - 2014-02-06 04:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2015-05-02 01:29 - 2014-02-06 04:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2015-05-02 01:29 - 2014-02-06 03:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2015-05-02 01:28 - 2015-03-14 01:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-05-02 01:28 - 2015-03-13 18:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2015-05-02 01:28 - 2015-03-13 18:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-05-02 01:28 - 2015-03-13 18:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll 2015-05-02 01:28 - 2015-03-13 18:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll 2015-05-02 01:28 - 2015-03-13 18:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2015-05-02 01:28 - 2015-03-13 17:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-05-02 01:28 - 2015-03-13 17:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-05-02 01:28 - 2015-03-13 17:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-05-02 01:28 - 2015-03-13 17:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2015-05-02 01:28 - 2015-03-13 17:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-05-02 01:28 - 2015-03-13 17:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-05-02 01:28 - 2015-03-13 17:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-05-02 01:28 - 2015-03-13 17:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-05-02 01:28 - 2015-03-13 17:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-05-02 01:28 - 2015-03-13 17:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-05-02 01:28 - 2015-03-13 16:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-05-02 01:28 - 2015-03-13 16:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-05-02 01:28 - 2015-03-04 03:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2015-05-02 01:28 - 2015-03-03 20:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll 2015-05-02 01:28 - 2015-03-03 19:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll 2015-05-02 01:28 - 2015-02-24 01:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2015-05-02 01:28 - 2015-02-12 10:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-05-02 01:28 - 2015-02-12 10:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-05-02 01:28 - 2015-01-29 19:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2015-05-02 01:28 - 2015-01-29 18:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2015-05-02 01:28 - 2015-01-29 18:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2015-05-02 01:28 - 2015-01-29 18:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2015-05-02 01:28 - 2015-01-29 18:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2015-05-02 01:28 - 2015-01-29 18:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2015-05-02 01:28 - 2015-01-29 18:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2015-05-02 01:28 - 2015-01-29 18:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2015-05-02 01:28 - 2015-01-29 11:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2015-05-02 01:28 - 2015-01-29 11:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2015-05-02 01:28 - 2015-01-27 18:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2015-05-02 01:28 - 2015-01-27 18:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2015-05-02 01:28 - 2015-01-27 16:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-05-02 01:28 - 2015-01-27 16:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-05-02 01:28 - 2014-12-08 12:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2015-05-02 01:28 - 2014-12-08 12:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-05-02 01:28 - 2014-12-08 12:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2015-05-02 01:28 - 2014-12-08 12:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2015-05-02 01:28 - 2014-12-08 12:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2015-05-02 01:28 - 2014-12-08 12:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2015-05-02 01:28 - 2014-12-08 12:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2015-05-02 01:28 - 2014-12-08 12:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2015-05-02 01:28 - 2014-12-05 18:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-05-02 01:28 - 2014-11-09 16:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-05-02 01:28 - 2014-11-09 16:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-05-02 01:28 - 2014-10-30 15:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2015-05-02 01:28 - 2014-10-30 15:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2015-05-02 01:28 - 2014-10-28 21:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2015-05-02 01:28 - 2014-10-28 21:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2015-05-02 01:28 - 2014-10-28 20:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-05-02 01:28 - 2014-10-28 20:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-05-02 01:28 - 2014-10-28 20:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2015-05-02 01:28 - 2014-10-28 20:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2015-05-02 01:28 - 2014-10-28 20:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2015-05-02 01:28 - 2014-10-28 20:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2015-05-02 01:28 - 2014-10-28 20:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-05-02 01:28 - 2014-10-28 20:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-05-02 01:28 - 2014-10-28 20:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2015-05-02 01:28 - 2014-10-28 19:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2015-05-02 01:28 - 2014-10-28 18:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2015-05-02 01:28 - 2014-10-28 18:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll 2015-05-02 01:28 - 2014-10-28 18:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-05-02 01:28 - 2014-10-28 17:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll 2015-05-02 01:28 - 2014-10-17 23:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll 2015-05-02 01:28 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2015-05-02 01:28 - 2014-07-23 20:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2015-05-02 01:28 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2015-05-02 01:28 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2015-05-02 01:28 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2015-05-02 01:28 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll 2015-05-02 01:28 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2015-05-02 01:26 - 2015-05-02 04:05 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4195745053-2269876303-545142189-1001 2015-05-02 01:26 - 2015-05-02 01:26 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies 2015-05-02 01:26 - 2015-05-02 01:26 - 00000000 ____D () C:\Program Files\AMD 2015-05-02 01:26 - 2015-05-02 01:26 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin 2015-05-02 01:26 - 2015-02-07 16:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2015-05-02 01:26 - 2015-02-07 16:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-05-02 01:26 - 2014-12-10 22:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe 2015-05-02 01:26 - 2014-09-27 00:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2015-05-02 01:26 - 2014-09-26 22:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2015-05-02 01:26 - 2014-09-26 20:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2015-05-02 01:25 - 2015-05-02 01:26 - 00000000 ____D () C:\Users\MH\AppData\Roaming\Mozilla 2015-05-02 01:25 - 2015-05-02 01:26 - 00000000 ____D () C:\Users\MH\AppData\Local\Mozilla 2015-05-02 01:25 - 2015-05-02 01:25 - 00001171 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-05-02 01:25 - 2015-05-02 01:25 - 00001159 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-05-02 01:25 - 2015-05-02 01:25 - 00000000 __SHD () C:\Users\MH\AppData\Local\EmieUserList 2015-05-02 01:25 - 2015-05-02 01:25 - 00000000 __SHD () C:\Users\MH\AppData\Local\EmieSiteList 2015-05-02 01:25 - 2015-05-02 01:25 - 00000000 ____D () C:\Users\MH\AppData\Roaming\Macromedia 2015-05-02 01:25 - 2015-05-02 01:25 - 00000000 ____D () C:\ProgramData\Mozilla 2015-05-02 01:25 - 2015-05-02 01:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-05-02 01:25 - 2015-05-02 01:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-05-02 01:25 - 2015-03-22 15:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-05-02 01:25 - 2015-03-22 15:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-05-02 01:25 - 2015-03-22 15:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-05-02 01:25 - 2015-03-22 15:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-05-02 01:25 - 2015-03-22 15:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-05-02 01:25 - 2015-03-22 15:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-05-02 01:25 - 2015-03-22 15:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-05-02 01:25 - 2014-12-02 16:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2015-05-02 01:23 - 2015-05-02 03:29 - 00000000 ____D () C:\ProgramData\purevpn 2015-05-02 01:23 - 2015-05-02 01:40 - 00000000 ____D () C:\Program Files (x86)\PureVPN 2015-05-02 01:23 - 2015-05-02 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureVPN 2015-05-02 01:23 - 2015-05-02 01:23 - 225479968 _____ () C:\Users\MH\Desktop\saved registry 5-2-2015 1AM.reg 2015-05-02 01:23 - 2015-05-02 01:23 - 00001083 _____ () C:\Users\Public\Desktop\PureVPN.lnk 2015-05-02 01:23 - 2015-05-02 01:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2015-05-02 01:23 - 2015-01-28 12:36 - 00040664 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys 2015-05-02 01:21 - 2015-05-02 03:57 - 01477084 _____ () C:\WINDOWS\WindowsUpdate.log 2015-05-02 01:20 - 2015-05-02 03:29 - 00000000 ____D () C:\Users\MH 2015-05-02 01:20 - 2015-05-02 01:20 - 00013338 _____ () C:\WINDOWS\diagwrn.xml 2015-05-02 01:20 - 2015-05-02 01:20 - 00013338 _____ () C:\WINDOWS\diagerr.xml 2015-05-02 01:20 - 2015-05-02 01:20 - 00012630 _____ () C:\Users\MH\Desktop\Removed Apps.html 2015-05-02 01:20 - 2015-05-02 01:20 - 00000020 ___SH () C:\Users\MH\ntuser.ini 2015-05-02 01:20 - 2015-05-02 01:20 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD 2015-05-02 01:20 - 2015-05-02 01:20 - 00000000 ____D () C:\Users\MH\AppData\Roaming\Adobe 2015-05-02 01:20 - 2015-05-02 01:20 - 00000000 ____D () C:\Users\MH\AppData\Local\VirtualStore 2015-05-02 01:20 - 2014-03-18 03:33 - 00000000 ___RD () C:\Users\MH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-05-02 01:20 - 2014-03-18 03:33 - 00000000 ___RD () C:\Users\MH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-05-02 01:20 - 2014-03-18 03:13 - 00000369 _____ () C:\Users\MH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2015-05-02 01:20 - 2014-03-18 03:13 - 00000369 _____ () C:\Users\MH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2015-05-02 01:20 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\MH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-05-02 01:20 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\MH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-05-02 01:19 - 2015-05-02 01:19 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-05-02 01:11 - 2015-05-02 02:12 - 00000000 ___HD () C:\$SysReset 2015-05-02 01:07 - 2015-05-02 01:07 - 00000845 _____ () C:\Users\MH\Desktop\hosts.txt 2015-05-02 00:38 - 2015-05-02 00:38 - 00441560 _____ (PureVPN ) C:\Users\MH\Desktop\purevpn_windows(1).exe 2015-05-02 00:31 - 2015-05-02 00:31 - 00000000 ____D () C:\Users\MH\Desktop\ANTI-MALWARE SETTINGS 2015-05-01 23:12 - 2015-05-01 23:12 - 02132816 _____ (BeeThink Software, Inc. ) C:\Users\MH\Downloads\Anti_DDoS_Guardian_setup.exe 2015-05-01 23:12 - 2015-05-01 23:12 - 00001092 _____ () C:\Users\MH\Downloads\private.txt 2015-05-01 23:12 - 2015-05-01 23:12 - 00000128 _____ () C:\Users\MH\Downloads\license.sig 2015-05-01 22:54 - 2015-05-01 22:54 - 00441560 _____ (PureVPN ) C:\Users\MH\Downloads\purevpn_windows.exe 2015-05-01 22:27 - 2015-05-01 22:27 - 04290904 _____ () C:\Users\MH\Downloads\xarp-2.2.2-win(1).exe 2015-05-01 22:18 - 2015-05-01 22:18 - 00000000 ____D () C:\2abe74bd14d5e000b125d8 2015-05-01 22:15 - 2015-05-01 22:15 - 27111830 _____ (Insecure.org) C:\Users\MH\Downloads\nmap-6.47-setup.exe 2015-05-01 22:15 - 2015-05-01 22:15 - 20002559 _____ () C:\Users\MH\Downloads\nmap-6.47-win32.zip 2015-05-01 22:09 - 2015-05-01 22:09 - 161076720 _____ (Emsisoft Ltd. ) C:\Users\MH\Downloads\EmsisoftInternetSecuritySetup(2).exe 2015-05-01 21:54 - 2015-05-01 21:54 - 161076720 _____ (Emsisoft Ltd. ) C:\Users\MH\Downloads\EmsisoftInternetSecuritySetup(1).exe 2015-05-01 20:19 - 2015-05-01 20:19 - 12290974 _____ (ImageWriter Developers ) C:\Users\MH\Downloads\Win32DiskImager-0.9.5-install.exe 2015-05-01 20:18 - 2015-05-01 20:18 - 00000000 _____ () C:\Users\MH\Downloads\kali-linux-1.1.0a-amd64.iso 2015-05-01 19:49 - 2015-05-01 19:49 - 10819232 _____ (Camshare, Inc.) C:\Users\MH\Downloads\camfrog.exe 2015-05-01 19:48 - 2015-05-01 19:48 - 74520472 _____ (Logitech, Inc.) C:\Users\MH\Downloads\lws280.exe 2015-05-01 19:43 - 2015-05-01 19:43 - 06484352 _____ (Piriform Ltd) C:\Users\MH\Downloads\ccsetup505.exe 2015-05-01 19:37 - 2015-05-01 19:40 - 206971672 _____ (Creative Technology Ltd) C:\Users\MH\Downloads\SBRP_CD_LD_1_01_26.exe 2015-05-01 19:37 - 2015-05-01 19:37 - 55099016 _____ (Creative Technology Ltd) C:\Users\MH\Downloads\XFTI_PCDRV_L11_2_40_0008.exe 2015-05-01 19:31 - 2015-05-01 19:32 - 25723531 _____ () C:\Users\MH\Downloads\installer_win.exe 2015-04-30 10:38 - 2015-04-30 10:38 - 00000222 _____ () C:\Users\MH\Desktop\Dying Light.url 2015-04-30 10:37 - 2015-04-30 10:37 - 00000222 _____ () C:\Users\MH\Desktop\The Evil Within.url 2015-04-30 10:32 - 2015-04-30 10:32 - 01142128 _____ () C:\Users\MH\Downloads\SteamSetup(1).exe 2015-04-30 10:28 - 2015-04-30 10:28 - 01142128 _____ () C:\Users\MH\Downloads\SteamSetup.exe 2015-04-30 10:24 - 2015-04-30 10:24 - 04290904 _____ () C:\Users\MH\Downloads\xarp-2.2.2-win.exe 2015-04-30 10:19 - 2015-04-30 10:19 - 00818096 _____ (Webroot) C:\Users\MH\Downloads\wsainstall.exe 2015-04-30 10:14 - 2015-04-30 10:14 - 161163784 _____ (Emsisoft Ltd. ) C:\Users\MH\Downloads\EmsisoftInternetSecuritySetup.exe 2015-04-30 10:13 - 2015-04-30 10:14 - 11028616 _____ (SurfRight B.V.) C:\Users\MH\Downloads\HitmanPro_x64.exe 2015-04-30 10:12 - 2015-04-30 10:12 - 00000000 ____D () C:\AMD 2015-04-30 10:04 - 2015-05-02 01:20 - 00000000 ____D () C:\Users\MH\AppData\Local\Packages 2015-04-27 10:10 - 2015-04-27 10:10 - 00080384 _____ (Razer Inc) C:\WINDOWS\system32\RazerCoinstaller.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-02 04:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-05-02 03:58 - 2014-03-18 03:03 - 00818914 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-05-02 03:51 - 2013-08-22 08:20 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-05-02 03:28 - 2013-08-22 07:46 - 00029500 _____ () C:\WINDOWS\setupact.log 2015-05-02 03:28 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-05-02 03:28 - 2013-08-22 07:44 - 00337808 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-05-02 03:26 - 2014-03-18 02:45 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\setup 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-05-02 03:26 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-05-02 02:18 - 2013-08-22 08:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template 2015-05-02 01:40 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2015-05-02 01:36 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2015-05-02 01:30 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\tracing 2015-05-02 01:29 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2015-05-02 01:27 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\restore 2015-05-02 01:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-05-02 01:20 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Public\Libraries 2015-05-02 01:20 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery 2015-05-02 01:19 - 2014-03-18 02:54 - 00001032 _____ () C:\WINDOWS\PFRO.log 2015-05-02 01:19 - 2013-08-22 08:37 - 00002664 _____ () C:\WINDOWS\DtcInstall.log 2015-04-13 16:24 - 2013-08-22 08:38 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-04-13 16:24 - 2013-08-22 08:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-02 01:19 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015 Ran by MH at 2015-05-02 04:17:10 Running from C:\Users\MH\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4195745053-2269876303-545142189-500 - Administrator - Disabled) Guest (S-1-5-21-4195745053-2269876303-545142189-501 - Limited - Disabled) MH (S-1-5-21-4195745053-2269876303-545142189-1001 - Administrator - Enabled) => C:\Users\MH psych_000 (S-1-5-21-4195745053-2269876303-545142189-1004 - Administrator - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Emsisoft Internet Security (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Emsisoft Internet Security (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367} FW: Emsisoft Internet Security (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Camfrog Video Chat 6.10 (HKLM-x32\...\Camfrog) (Version: 6.10.454 - Camshare, Inc.) Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) Emsisoft Internet Security (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd.) Gaming Club (HKLM-x32\...\gamingclub) (Version: 16.10.3.2234 - ) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.240 - SurfRight B.V.) Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla) PureVPN (HKLM-x32\...\PureVPN_is1) (Version: 4.0.0.0 - PureVPN) Spin Palace Casino (HKLM-x32\...\spinpalace) (Version: 16.10.3.2234 - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) XArp 2.2.2 (HKLM-x32\...\XArp) (Version: 2.2.2 - Christoph Mayer) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 02-05-2015 01:27:00 Windows Modules Installer ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {3A522858-557F-45C4-9D40-B0207BDB4730} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation) Task: {3C4ECEB7-856D-4B8E-BBC9-0B252A59CA9A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-01] (Microsoft Corporation) Task: {5E93044C-11AA-421C-A41D-2D52EDF1C8D3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) Task: {C2D114B4-3CF2-40F7-BC95-B37E3F23A317} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) Task: {D613FF50-438C-4285-BB29-0A1B96CD2674} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) ==================== Loaded Modules (whitelisted) ============== 2015-05-02 04:10 - 2015-03-09 23:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-05-02 04:10 - 2014-12-01 17:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-05-02 04:10 - 2015-04-13 16:44 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll 2015-05-02 04:10 - 2014-12-01 17:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-05-02 04:10 - 2014-12-01 17:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-05-02 04:10 - 2014-12-01 14:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-05-02 04:10 - 2014-12-01 14:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-05-02 04:10 - 2014-12-01 14:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-05-02 04:10 - 2014-12-01 14:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-05-02 04:10 - 2014-12-01 14:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-05-02 04:10 - 2015-04-13 16:44 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-05-02 04:10 - 2015-02-24 18:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-05-02 04:10 - 2015-02-24 18:58 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4195745053-2269876303-545142189-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 68.105.28.11 - 68.105.29.11 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{F19A337F-1F6E-4888-A4FE-99DB1932F389}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3EA53313-9AC5-450A-AAA0-D16A49E378C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{62300921-4C10-4596-9D85-D1D507850BFC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E27ECC90-6A20-4FC2-A91E-DB6C20447568}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe ==================== Faulty Device Manager Devices ============= Name: High Definition Audio Controller Description: High Definition Audio Controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HDAudBus Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: PCI Simple Communications Controller Description: PCI Simple Communications Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/02/2015 03:28:17 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Event provider ProtectionManagement attempted to register query "select * from MSFT_MpEvent" whose target class "MSFT_MpEvent" in //./root/microsoft/protectionManagement namespace does not exist. The query will be ignored. Error: (05/02/2015 03:28:17 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Event provider attempted to register query "select * from MSFT_MpEvent" whose target class "MSFT_MpEvent" in //./root/microsoft/protectionManagement namespace does not exist. The query will be ignored. Error: (05/02/2015 03:27:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe, version: 6.3.9600.16384, time stamp: 0x5215dfe3 Faulting module name: gpsvc.dll, version: 6.3.9600.16520, time stamp: 0x52e691b0 Exception code: 0xc0000005 Fault offset: 0x00000000000360b2 Faulting process id: 0x464 Faulting application start time: 0xsvchost.exe0 Faulting application path: svchost.exe1 Faulting module path: svchost.exe2 Report Id: svchost.exe3 Faulting package full name: svchost.exe4 Faulting package-relative application ID: svchost.exe5 Error: (05/02/2015 01:51:29 AM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x800700c1, %1 is not a valid Win32 application. ]. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:51:29 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x800700c1, %1 is not a valid Win32 application. ] Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:51:24 AM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x800700c1, %1 is not a valid Win32 application. ]. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:51:24 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x800700c1, %1 is not a valid Win32 application. ] Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:50:50 AM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x800700c1, %1 is not a valid Win32 application. ]. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:50:50 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x800700c1, %1 is not a valid Win32 application. ] Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:50:41 AM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x800700c1, %1 is not a valid Win32 application. ]. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} System errors: ============= Error: (05/02/2015 04:11:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Steam Client Service service failed to start due to the following error: %%1053 Error: (05/02/2015 04:11:12 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error: (05/02/2015 04:10:19 AM) (Source: DCOM) (EventID: 10001) (User: Marty) Description: C:\WINDOWS\WinStore\WSHost.exe -Embedding193{03E64E17-B220-4052-9B9B-155F9CB8E016}UnavailableUnavailable Error: (05/02/2015 04:10:19 AM) (Source: DCOM) (EventID: 10001) (User: Marty) Description: C:\WINDOWS\WinStore\WSHost.exe -Embedding193{03E64E17-B220-4052-9B9B-155F9CB8E016}UnavailableUnavailable Error: (05/02/2015 04:10:19 AM) (Source: DCOM) (EventID: 10001) (User: Marty) Description: C:\WINDOWS\WinStore\WSHost.exe -Embedding193{03E64E17-B220-4052-9B9B-155F9CB8E016}UnavailableUnavailable Error: (05/02/2015 04:10:19 AM) (Source: DCOM) (EventID: 10001) (User: Marty) Description: C:\WINDOWS\WinStore\WSHost.exe -Embedding193{03E64E17-B220-4052-9B9B-155F9CB8E016}UnavailableUnavailable Error: (05/02/2015 03:40:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Diagnostic System Host service terminated with the following error: %%1052 Error: (05/02/2015 03:39:46 AM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{48ED5318-899E-4E96-B8F4-DCFF89C9F24A} because another computer on the network has the same name. The server could not start. Error: (05/02/2015 03:39:36 AM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{48ED5318-899E-4E96-B8F4-DCFF89C9F24A} because another computer on the network has the same name. The server could not start. Error: (05/02/2015 03:37:28 AM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{48ED5318-899E-4E96-B8F4-DCFF89C9F24A} because another computer on the network has the same name. The server could not start. Microsoft Office Sessions: ========================= Error: (05/02/2015 03:28:17 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: ProtectionManagementselect * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement Error: (05/02/2015 03:28:17 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: select * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement Error: (05/02/2015 03:27:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe6.3.9600.163845215dfe3gpsvc.dll6.3.9600.1652052e691b0c000000500000000000360b246401d084c2912ee84dC:\WINDOWS\system32\svchost.exec:\windows\system32\gpsvc.dlld0c1d9f3-f0b5-11e4-8252-10c37b6f461d Error: (05/02/2015 01:51:29 AM) (Source: VSS) (EventID: 12292) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x800700c1, %1 is not a valid Win32 application. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:51:29 AM) (Source: VSS) (EventID: 13) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x800700c1, %1 is not a valid Win32 application. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:51:24 AM) (Source: VSS) (EventID: 12292) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x800700c1, %1 is not a valid Win32 application. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:51:24 AM) (Source: VSS) (EventID: 13) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x800700c1, %1 is not a valid Win32 application. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:50:50 AM) (Source: VSS) (EventID: 12292) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x800700c1, %1 is not a valid Win32 application. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:50:50 AM) (Source: VSS) (EventID: 13) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x800700c1, %1 is not a valid Win32 application. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Error: (05/02/2015 01:50:41 AM) (Source: VSS) (EventID: 12292) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x800700c1, %1 is not a valid Win32 application. Operation: Obtain a callable interface for this provider Obtaining provider management interface Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {00000000-0000-0000-0000-000000000000} Snapshot Context: -1 Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} ==================== Memory info =========================== Processor: Intel® Core™ i7-3820 CPU @ 3.60GHz Percentage of memory in use: 14% Total physical RAM: 24511.02 MB Available physical RAM: 20853.04 MB Total Pagefile: 28479.02 MB Available Pagefile: 23987.38 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.24 GB) (Free:406.31 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 0004F89D) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: D314B44B) Partition: GPT Partition Type. ======================================================== Disk: 2 (Size: 29.8 GB) (Disk ID: 34B1494D) Partition 1: (Active) - (Size=2.8 GB) - (Type=17) Partition 2: (Not Active) - (Size=63 MB) - (Type=01) ==================== End Of Log ============================

BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:14 PM

Posted 07 May 2015 - 06:25 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/575033 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:14 PM

Posted 12 May 2015 - 06:30 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users