Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cassiopesa


  • This topic is locked This topic is locked
7 replies to this topic

#1 scorpiokll

scorpiokll

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:58 AM

Posted 09 June 2015 - 08:24 PM

I got this problem when downloading something and have now removed them. I read other forums and did what they suggested they do so i already have my scans and logs. 

Frst log

 Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015

Ran by Joyce (administrator) on LARSON on 09-06-2015 19:53:11
Running from C:\Users\Joyce\Downloads
Loaded Profiles: Joyce (Available Profiles: Joyce & Administrator)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\caudiofilteragent64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Joyce\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [883840 2012-03-28] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-07] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18\...\RunOnce: [  ISSetupPrerequisistes] => "c:\ProgramData\Dell\Digital Delivery\Downloads\Software\PocketCloud\PocketCloud_v2.6.21.exe" /S /v/qn
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-07] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2012-06-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2012-06-02] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3841187756-268693642-1618518556-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
HKU\S-1-5-21-3841187756-268693642-1618518556-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3841187756-268693642-1618518556-1001 -> {722F62ED-8B50-4655-99E6-844380727AF4} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-07] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-07] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 64.233.207.8 64.233.207.9
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-07] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files\McAfee\MSK [2013-08-28]
 
Chrome: 
=======
CHR Profile: C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-08]
CHR Extension: (Avast Online Security) - C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-09]
CHR Extension: (Google Wallet) - C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-07] (Avast Software s.r.o.)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2011-10-11] (Conexant Systems, Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [125440 2013-04-30] (Dell Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-07] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-07] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-07] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-07] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-07] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-07] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-09 19:52 - 2015-06-09 19:53 - 02108928 _____ (Farbar) C:\Users\Joyce\Downloads\FRST64 (1).exe
2015-06-09 19:40 - 2015-05-05 12:49 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 19:40 - 2015-05-05 12:49 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-09 19:37 - 2015-06-09 19:37 - 00000000 ____D C:\Windows\system32\AutoUpdateLicense
2015-06-09 19:36 - 2015-06-09 19:36 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-09 19:36 - 2015-06-09 19:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-09 19:25 - 2015-06-09 19:27 - 00000000 ____D C:\AdwCleaner
2015-06-09 19:25 - 2015-06-09 19:25 - 02231296 _____ C:\Users\Joyce\Downloads\AdwCleaner.exe
2015-06-09 19:14 - 2015-06-09 19:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Joyce\Downloads\revosetup.exe
2015-06-09 19:14 - 2015-06-09 19:14 - 00001266 _____ C:\Users\Joyce\Desktop\Revo Uninstaller.lnk
2015-06-09 19:14 - 2015-06-09 19:14 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-09 19:10 - 2015-06-09 19:12 - 00019851 _____ C:\Users\Joyce\Downloads\Addition.txt
2015-06-09 19:09 - 2015-06-09 19:53 - 00011481 _____ C:\Users\Joyce\Downloads\FRST.txt
2015-06-09 19:09 - 2015-06-09 19:53 - 00000000 ____D C:\FRST
2015-06-09 19:09 - 2015-06-09 19:09 - 02108928 _____ (Farbar) C:\Users\Joyce\Downloads\FRST64.exe
2015-06-09 17:52 - 2015-06-09 18:52 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Skype
2015-06-09 17:52 - 2015-06-09 17:52 - 00000000 ____D C:\Users\Joyce\AppData\Local\Skype
2015-06-08 14:14 - 2015-03-04 02:26 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2015-06-08 14:14 - 2015-03-04 02:26 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2015-06-08 14:14 - 2015-03-04 02:26 - 00011105 _____ C:\Windows\system32\AutoconfigV2.cab
2015-06-08 14:14 - 2015-03-04 01:41 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-06-08 14:14 - 2015-03-04 01:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-08 14:14 - 2015-03-03 23:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-06-08 14:14 - 2015-03-03 23:53 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-08 14:14 - 2014-10-21 20:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-06-08 14:14 - 2014-10-21 20:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-08 10:21 - 2014-10-08 23:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-06-08 10:21 - 2014-10-08 23:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-06-08 10:21 - 2014-10-08 23:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-06-08 10:21 - 2014-10-08 22:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-06-08 10:21 - 2014-10-08 22:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-06-08 10:16 - 2015-06-08 10:18 - 00000000 ____D C:\Windows\system32\MRT
2015-06-08 10:16 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-08 09:57 - 2015-01-09 01:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-06-08 09:57 - 2015-01-09 00:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-06-08 09:57 - 2015-01-08 18:52 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
2015-06-08 09:57 - 2015-01-08 18:52 - 00478296 _____ C:\Windows\system32\locale.nls
2015-06-08 09:53 - 2015-04-30 08:07 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-08 09:53 - 2015-04-30 08:07 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-08 09:52 - 2014-07-15 17:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-06-08 09:23 - 2014-06-10 17:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-06-08 09:23 - 2014-06-10 17:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-06-08 08:47 - 2013-08-10 00:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-06-08 08:47 - 2013-08-10 00:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-06-08 08:47 - 2013-08-09 22:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-06-08 08:47 - 2013-08-02 01:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-06-08 08:47 - 2013-08-02 00:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-06-08 08:47 - 2013-07-24 18:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2015-06-08 08:47 - 2013-07-24 18:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2015-06-08 08:46 - 2015-03-12 00:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-06-08 08:46 - 2015-01-29 03:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-06-08 08:46 - 2015-01-29 01:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-06-08 08:46 - 2014-02-03 18:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-06-08 08:46 - 2014-02-03 18:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-06-08 08:46 - 2014-01-30 19:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-06-08 08:46 - 2014-01-30 19:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-06-08 08:46 - 2014-01-26 22:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-06-08 08:46 - 2014-01-15 18:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-06-08 08:46 - 2014-01-02 18:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-06-08 08:46 - 2014-01-02 18:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-06-08 08:46 - 2013-08-03 01:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-06-08 08:46 - 2013-08-03 01:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2015-06-08 08:46 - 2013-08-03 01:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-06-08 08:46 - 2013-08-03 00:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2015-06-08 08:46 - 2013-08-03 00:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2015-06-08 08:46 - 2013-08-03 00:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2015-06-08 08:44 - 2013-08-16 00:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-06-08 08:44 - 2013-08-16 00:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2015-06-08 08:44 - 2013-08-16 00:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-06-08 08:44 - 2013-08-16 00:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-06-08 08:44 - 2013-08-16 00:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-06-08 08:44 - 2013-08-16 00:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2015-06-08 08:44 - 2013-08-16 00:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2015-06-08 08:44 - 2013-08-16 00:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2015-06-08 08:44 - 2013-08-16 00:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2015-06-08 08:44 - 2013-08-15 17:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2015-06-08 08:44 - 2013-08-15 17:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2015-06-08 08:44 - 2013-08-15 17:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2015-06-08 08:44 - 2013-08-15 17:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2015-06-08 08:44 - 2013-08-15 17:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2015-06-08 08:42 - 2013-06-01 06:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-06-08 08:42 - 2013-06-01 06:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-06-08 08:42 - 2013-06-01 05:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-06-08 08:42 - 2013-06-01 04:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2015-06-08 08:42 - 2013-06-01 04:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-06-08 08:42 - 2013-06-01 04:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2015-06-08 08:42 - 2013-06-01 04:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2015-06-08 08:42 - 2013-06-01 04:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-06-08 08:42 - 2013-06-01 04:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2015-06-08 08:42 - 2013-06-01 04:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2015-06-08 08:42 - 2013-06-01 04:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2015-06-08 08:42 - 2013-06-01 04:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-06-08 08:42 - 2013-06-01 04:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2015-06-08 08:42 - 2013-06-01 04:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-06-08 08:42 - 2013-06-01 04:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-06-08 08:42 - 2013-06-01 04:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2015-06-08 08:42 - 2013-06-01 04:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2015-06-08 08:42 - 2013-06-01 04:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2015-06-08 08:42 - 2013-05-31 22:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2015-06-08 08:42 - 2013-05-24 17:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-06-08 08:42 - 2013-05-24 17:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-06-08 08:42 - 2013-05-24 17:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-06-08 08:42 - 2013-05-24 17:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-06-08 08:41 - 2014-07-31 18:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-06-08 08:40 - 2013-06-16 17:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-06-08 08:39 - 2014-06-12 20:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-06-08 08:39 - 2014-06-12 20:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-06-08 08:38 - 2015-01-24 01:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-06-08 08:38 - 2015-01-24 00:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-06-08 08:38 - 2014-09-02 21:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-06-08 08:38 - 2014-09-02 21:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-06-08 08:35 - 2013-07-05 19:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-08 08:35 - 2013-07-03 21:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-08 08:34 - 2014-11-15 01:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-08 08:34 - 2014-11-15 00:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-08 08:34 - 2014-11-15 00:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-06-08 08:34 - 2014-11-14 22:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-08 08:34 - 2014-11-14 22:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-08 08:34 - 2014-11-14 22:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-08 08:34 - 2014-11-14 22:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-08 08:34 - 2014-11-05 01:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-06-08 08:34 - 2014-11-05 01:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-06-08 08:34 - 2014-10-29 09:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-06-08 08:34 - 2014-08-28 01:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-06-08 08:34 - 2014-03-24 18:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2015-06-08 08:34 - 2014-03-24 17:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-06-08 08:34 - 2013-10-19 00:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-06-08 08:34 - 2013-10-18 23:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-06-08 08:33 - 2015-03-23 00:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-08 08:33 - 2015-03-23 00:17 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-08 08:33 - 2015-03-23 00:17 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-08 08:33 - 2015-03-23 00:17 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-08 08:33 - 2015-03-23 00:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-08 08:33 - 2015-03-23 00:17 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-08 08:33 - 2015-03-22 17:04 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-08 08:33 - 2014-12-02 20:48 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-08 08:33 - 2014-06-04 20:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-06-08 08:33 - 2014-06-03 18:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2015-06-08 08:32 - 2015-03-17 02:00 - 06971712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-08 08:32 - 2015-03-17 01:52 - 01822696 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-08 08:32 - 2015-03-16 23:45 - 01409496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-08 08:32 - 2014-12-11 01:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-06-08 08:32 - 2014-06-17 18:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-06-08 08:32 - 2014-06-17 18:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-06-08 08:31 - 2014-09-13 01:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-06-08 08:31 - 2014-09-02 21:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2015-06-08 08:31 - 2014-09-02 21:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-06-08 08:31 - 2014-08-28 23:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-06-08 08:31 - 2014-08-28 23:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-06-08 08:31 - 2014-08-28 23:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-06-08 08:31 - 2014-08-28 23:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-06-08 08:31 - 2014-08-28 01:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2015-06-08 08:31 - 2014-08-28 01:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-06-08 08:31 - 2014-08-28 00:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-06-08 08:31 - 2014-08-28 00:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-06-08 08:31 - 2014-08-28 00:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2015-06-08 08:31 - 2014-08-28 00:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2015-06-08 08:31 - 2014-07-24 08:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-06-08 08:30 - 2015-04-13 00:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-06-08 08:30 - 2015-02-20 08:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-06-08 08:30 - 2015-02-20 06:56 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-06-08 08:30 - 2015-02-20 03:10 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-06-08 08:30 - 2015-02-20 02:24 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-06-08 08:30 - 2013-10-05 01:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-06-08 08:30 - 2013-08-30 00:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2015-06-08 08:30 - 2013-08-30 00:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2015-06-08 08:30 - 2013-08-29 18:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2015-06-08 08:30 - 2013-08-29 18:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2015-06-08 08:29 - 2015-01-31 08:48 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-06-08 08:29 - 2015-01-31 00:55 - 00275712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-06-08 08:29 - 2013-06-22 00:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-06-08 08:29 - 2013-06-22 00:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-06-08 08:26 - 2013-08-30 00:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2015-06-08 08:26 - 2013-08-30 00:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-08 08:26 - 2013-08-29 18:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-08 08:26 - 2013-08-21 01:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-06-08 08:26 - 2013-08-10 01:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-06-08 08:26 - 2013-07-24 18:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-06-08 08:26 - 2013-07-24 18:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-06-08 08:18 - 2014-10-08 22:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-06-08 08:18 - 2014-10-08 22:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-06-08 08:18 - 2014-10-08 22:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-06-08 08:18 - 2014-09-22 00:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-06-08 08:18 - 2014-09-21 22:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-06-08 08:16 - 2015-04-13 00:30 - 01839616 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-06-08 08:16 - 2015-04-13 00:30 - 01280512 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-06-08 08:16 - 2015-04-12 23:05 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-06-08 08:16 - 2015-04-12 22:25 - 04063744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-08 08:12 - 2015-06-08 08:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-06-07 20:24 - 2015-02-24 02:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-06-07 20:24 - 2013-07-02 19:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-07 20:24 - 2013-07-02 19:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-07 20:23 - 2015-06-07 20:23 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-07 20:23 - 2015-06-07 20:23 - 00001924 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-07 20:23 - 2015-06-07 20:23 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\AVAST Software
2015-06-07 20:23 - 2015-06-07 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-07 20:23 - 2013-07-09 03:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-06-07 20:23 - 2013-07-08 22:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2015-06-07 20:23 - 2013-07-08 17:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-06-07 20:23 - 2013-07-08 17:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-06-07 20:23 - 2013-07-08 17:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2015-06-07 20:23 - 2013-07-08 17:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2015-06-07 20:23 - 2013-07-02 19:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-06-07 20:23 - 2013-07-02 19:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-06-07 20:23 - 2013-06-30 17:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2015-06-07 20:23 - 2013-06-30 17:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2015-06-07 20:23 - 2013-06-29 01:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-06-07 20:23 - 2013-06-29 01:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-06-07 20:23 - 2013-06-25 22:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-06-07 20:23 - 2013-06-25 21:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2015-06-07 20:23 - 2013-06-24 17:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-06-07 20:23 - 2013-06-24 17:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-06-07 20:23 - 2013-06-24 17:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-06-07 20:23 - 2013-06-19 00:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2015-06-07 20:23 - 2013-06-19 00:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-06-07 20:23 - 2013-06-18 17:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2015-06-07 20:23 - 2013-06-18 17:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2015-06-07 20:23 - 2013-06-11 18:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-06-07 20:23 - 2013-06-11 18:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-06-07 20:23 - 2013-06-06 03:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-06-07 20:22 - 2015-06-09 19:18 - 00000000 ____D C:\ProgramData\Skype
2015-06-07 20:22 - 2015-06-07 20:21 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-07 20:22 - 2015-06-07 20:21 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-06-07 20:21 - 2015-06-07 20:21 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-06-07 20:21 - 2014-07-07 00:53 - 01125376 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-06-07 20:21 - 2014-07-07 00:52 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-06-07 20:21 - 2014-07-07 00:52 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-06-07 20:21 - 2014-07-07 00:51 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-06-07 20:21 - 2014-07-06 23:01 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-06-07 20:21 - 2014-07-06 23:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-06-07 20:21 - 2014-07-06 23:00 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-06-07 20:21 - 2014-07-06 22:59 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-06-07 20:20 - 2015-06-07 20:20 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-07 20:20 - 2014-07-23 22:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-06-07 20:20 - 2014-07-23 22:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-06-07 20:19 - 2015-06-07 20:19 - 05499984 _____ (Avast Software s.r.o.) C:\Users\Joyce\Downloads\avast_free_antivirus_setup_online.exe
2015-06-07 20:19 - 2015-06-07 20:19 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\hygsjiku.sys
2015-06-07 20:19 - 2015-06-07 20:19 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-07 20:19 - 2015-03-04 02:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-06-07 20:19 - 2015-03-04 01:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-06-07 20:19 - 2015-03-03 23:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-06-07 20:19 - 2014-12-08 01:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-06-07 20:19 - 2014-12-08 00:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-06-07 20:18 - 2015-03-14 03:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-06-07 20:18 - 2015-03-14 01:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-06-07 20:18 - 2014-10-11 02:45 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-06-07 20:18 - 2014-10-11 02:44 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-06-07 20:18 - 2014-10-11 02:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-06-07 20:18 - 2014-10-11 02:43 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-06-07 20:18 - 2014-10-11 00:58 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-06-07 20:18 - 2014-10-11 00:57 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-06-07 20:18 - 2014-10-11 00:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-06-07 20:18 - 2014-10-11 00:56 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-06-07 20:18 - 2014-06-02 17:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 14374400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 13771776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-07 20:17 - 2015-04-21 09:32 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-07 20:17 - 2015-04-21 08:53 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-07 20:17 - 2015-04-21 08:53 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-07 20:17 - 2015-04-21 08:53 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-07 20:17 - 2015-04-21 08:52 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-07 20:17 - 2015-04-17 21:37 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-07 20:17 - 2015-04-17 21:34 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-07 20:17 - 2015-02-23 05:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-07 20:17 - 2015-02-23 05:51 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-06-07 20:17 - 2015-02-23 05:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-07 20:17 - 2015-02-23 05:51 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-06-07 20:17 - 2015-02-23 05:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-07 20:17 - 2015-02-23 05:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-06-07 20:17 - 2015-02-23 05:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-07 20:17 - 2015-02-23 05:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-07 20:17 - 2015-02-23 05:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-07 20:17 - 2015-02-23 04:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-07 20:17 - 2015-02-23 04:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-06-07 20:17 - 2015-02-21 00:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-06-07 20:17 - 2015-02-21 00:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-07 20:17 - 2015-02-21 00:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-06-07 20:17 - 2015-02-21 00:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-07 20:17 - 2015-02-21 00:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-07 20:17 - 2015-02-21 00:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-07 20:17 - 2015-02-21 00:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-07 20:17 - 2015-02-21 00:07 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2015-06-07 20:17 - 2015-02-20 22:00 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-06-07 20:16 - 2014-12-06 02:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-06-07 20:16 - 2014-12-06 02:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-06-07 20:16 - 2014-12-06 02:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-06-07 20:16 - 2014-12-06 01:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-06-07 20:16 - 2014-04-29 17:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2015-06-07 20:16 - 2014-04-29 17:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2015-06-07 20:16 - 2014-01-30 19:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-06-07 20:16 - 2012-10-23 22:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2015-06-07 20:16 - 2012-10-23 21:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2015-06-07 20:15 - 2014-03-10 19:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-06-07 20:15 - 2014-03-10 19:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-06-07 20:15 - 2014-03-10 19:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-07 20:15 - 2014-03-10 19:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-06-07 20:15 - 2014-03-10 19:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-06-07 20:15 - 2014-03-10 19:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-06-07 20:15 - 2014-03-09 22:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-07 20:14 - 2014-12-06 02:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-06-07 20:14 - 2014-12-06 02:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-06-07 20:14 - 2014-12-06 02:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-06-07 20:14 - 2014-12-06 02:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-06-07 20:14 - 2014-12-06 02:50 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-06-07 20:14 - 2014-12-06 01:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-06-07 20:14 - 2014-12-06 01:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-06-07 20:14 - 2014-12-06 01:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-06-07 20:14 - 2014-10-02 20:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-06-07 20:14 - 2014-10-02 17:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-06-07 20:14 - 2013-10-31 00:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-06-07 20:14 - 2013-10-31 00:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2015-06-07 20:14 - 2013-10-30 23:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2015-06-07 20:14 - 2013-10-30 22:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2015-06-07 20:14 - 2013-10-13 15:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2015-06-07 20:14 - 2013-08-27 00:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-06-07 20:14 - 2013-08-27 00:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-06-07 20:14 - 2013-08-26 17:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-06-07 20:14 - 2013-08-26 17:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-06-07 20:14 - 2013-07-09 01:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-06-07 20:14 - 2013-07-08 23:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-06-07 20:13 - 2014-11-26 01:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-06-07 20:13 - 2014-11-25 23:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-06-07 20:13 - 2014-07-15 18:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-06-07 20:13 - 2014-07-11 21:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-06-07 20:13 - 2013-12-04 18:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-06-07 20:13 - 2013-12-04 18:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-06-07 20:12 - 2013-10-10 04:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-06-07 20:12 - 2013-10-10 04:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2015-06-07 20:12 - 2013-10-10 04:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-06-07 20:12 - 2013-10-10 04:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-06-07 20:12 - 2013-10-10 04:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-06-07 20:12 - 2013-10-10 04:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2015-06-07 20:12 - 2013-10-10 04:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-06-07 20:12 - 2013-05-04 01:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-06-07 20:12 - 2013-05-03 23:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-06-07 20:11 - 2015-03-13 19:55 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-07 20:11 - 2014-12-18 03:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-06-07 20:11 - 2014-12-18 01:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-06-07 20:11 - 2014-12-18 01:51 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-06-07 20:11 - 2014-12-18 01:50 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-06-07 20:11 - 2014-12-18 01:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-06-07 20:11 - 2013-07-13 01:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-06-07 20:11 - 2013-07-13 01:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-06-07 20:11 - 2013-07-13 01:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2015-06-07 20:11 - 2013-07-13 01:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2015-06-07 20:11 - 2013-07-12 23:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-06-07 20:11 - 2013-07-12 23:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2015-06-07 20:11 - 2013-07-12 23:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2015-06-07 20:11 - 2013-06-10 14:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-06-07 20:11 - 2013-06-10 14:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-06-07 20:10 - 2015-06-07 20:10 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-06-07 20:10 - 2015-03-12 00:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-06-07 20:10 - 2015-03-12 00:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2015-06-07 20:10 - 2015-03-11 22:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-06-07 20:10 - 2015-01-23 23:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-06-07 20:10 - 2014-10-11 02:44 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-06-07 20:10 - 2014-01-12 18:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-06-07 20:10 - 2014-01-12 18:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-06-07 20:10 - 2013-11-19 19:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-06-07 20:10 - 2013-11-19 18:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-06-07 20:09 - 2015-03-04 01:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-06-07 20:09 - 2015-03-04 01:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-06-07 20:09 - 2015-03-04 01:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-06-07 20:09 - 2015-03-03 23:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-06-07 20:09 - 2015-03-03 23:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-06-07 20:09 - 2013-08-23 02:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-06-07 20:09 - 2013-08-22 20:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-06-07 20:08 - 2015-06-09 18:17 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-07 20:08 - 2015-06-07 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-07 20:08 - 2014-05-29 17:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-06-07 20:08 - 2013-03-21 22:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-06-07 20:08 - 2013-03-21 17:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-06-07 20:07 - 2015-06-09 19:43 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-07 20:07 - 2015-06-09 19:17 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-07 20:07 - 2015-06-07 20:12 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-07 20:07 - 2015-06-07 20:12 - 00003656 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-07 20:07 - 2015-06-07 20:08 - 00000000 ____D C:\Users\Joyce\AppData\Local\Google
2015-06-07 20:07 - 2015-06-07 20:08 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-07 20:07 - 2015-06-07 20:07 - 00000000 ____D C:\Users\Joyce\AppData\Local\Deployment
2015-06-07 20:07 - 2015-06-07 20:07 - 00000000 ____D C:\Users\Joyce\AppData\Local\Apps\2.0
2015-06-07 20:07 - 2014-12-18 23:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-06-07 20:07 - 2014-07-24 08:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-06-07 20:07 - 2014-07-16 18:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2015-06-07 20:07 - 2014-07-16 17:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-06-07 20:07 - 2014-07-16 17:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2015-06-07 20:07 - 2014-07-12 01:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-06-07 20:07 - 2014-07-11 23:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-06-07 20:07 - 2014-07-11 23:36 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-06-07 20:07 - 2014-07-11 23:34 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-06-07 20:07 - 2014-07-11 23:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-06-07 20:07 - 2014-06-28 01:57 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-06-07 20:07 - 2014-06-27 21:23 - 01126400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-06-07 20:07 - 2014-06-12 18:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-07 20:07 - 2014-06-12 18:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-07 20:06 - 2015-05-02 01:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-07 20:06 - 2015-05-01 22:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-07 20:06 - 2015-05-01 22:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-07 20:06 - 2015-04-13 17:09 - 00570248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-06-07 20:06 - 2015-03-06 02:39 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-06-07 20:06 - 2015-03-06 00:48 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-06-07 20:06 - 2015-01-15 06:44 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-06-07 20:06 - 2015-01-15 06:43 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-07 20:06 - 2015-01-15 05:00 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-06-07 20:06 - 2015-01-15 04:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-07 20:06 - 2015-01-15 04:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-07 20:06 - 2014-09-24 18:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-06-07 20:06 - 2014-09-24 18:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-06-07 20:06 - 2014-03-10 19:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-07 20:06 - 2014-03-10 19:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-07 20:06 - 2014-03-10 19:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-07 20:06 - 2014-03-09 20:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-07 20:05 - 2015-01-24 01:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-06-07 20:05 - 2015-01-24 00:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-06-07 20:05 - 2014-06-06 09:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-06-07 20:05 - 2014-06-06 05:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-06-07 20:05 - 2014-06-05 12:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-06-07 20:04 - 2015-02-18 02:39 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-06-07 20:04 - 2015-02-18 02:38 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-06-07 20:04 - 2014-11-08 06:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-06-07 20:04 - 2014-11-08 01:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-06-07 20:04 - 2014-06-19 18:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-06-07 20:04 - 2014-06-19 17:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-06-07 20:04 - 2013-09-27 22:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-06-07 20:03 - 2015-02-17 01:54 - 19777536 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-06-07 20:03 - 2015-02-17 00:13 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-06-07 20:03 - 2014-12-19 01:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-06-07 20:03 - 2014-10-23 07:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-06-07 20:03 - 2014-10-23 06:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-06-07 20:02 - 2014-11-08 06:21 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-07 20:02 - 2014-11-08 01:56 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-07 20:02 - 2014-10-11 03:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-07 20:02 - 2014-10-11 00:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-07 20:02 - 2014-10-11 00:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-07 20:02 - 2014-05-29 18:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-06-07 20:02 - 2014-04-12 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-06-07 20:02 - 2014-04-12 04:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-07 20:02 - 2014-04-12 04:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-07 20:02 - 2014-04-12 04:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-07 20:02 - 2014-04-12 04:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-07 20:02 - 2014-04-12 02:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-07 20:02 - 2014-04-12 02:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-07 20:02 - 2014-04-12 02:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-07 20:02 - 2014-04-12 02:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-07 20:02 - 2014-04-12 01:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2015-06-07 20:01 - 2015-04-06 00:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-06-07 20:01 - 2015-04-05 23:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-06-07 20:01 - 2014-08-21 18:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-06-07 20:01 - 2014-08-21 18:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-06-07 20:01 - 2014-05-28 23:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-06-07 20:01 - 2014-03-01 04:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-07 20:01 - 2014-03-01 04:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-06-07 20:01 - 2014-03-01 03:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2015-06-07 20:01 - 2014-03-01 01:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-07 20:01 - 2014-02-14 23:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-06-07 20:01 - 2013-11-25 18:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-06-07 20:00 - 2014-10-30 02:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-06-07 20:00 - 2014-10-30 00:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-06-07 20:00 - 2013-11-01 00:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-06-07 20:00 - 2013-10-31 22:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-06-07 19:29 - 2015-06-09 19:43 - 00003610 _____ C:\Users\Public\CAFADEBUG.log
2015-06-07 19:28 - 2015-06-09 19:43 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-07 19:20 - 2013-08-16 00:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-07 19:20 - 2013-08-16 00:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-07 19:20 - 2013-08-15 17:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-07 19:04 - 2015-06-09 19:48 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3841187756-268693642-1618518556-1001
2015-06-07 19:04 - 2015-06-07 19:04 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-07 19:04 - 2015-06-07 19:04 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-07 19:04 - 2015-06-07 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-07 19:04 - 2015-06-07 19:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-07 19:04 - 2015-06-07 19:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-07 19:04 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-07 19:04 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-07 19:04 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-07 19:02 - 2013-07-05 17:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-06-07 19:02 - 2013-07-01 20:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-07 19:02 - 2013-07-01 20:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2015-06-07 19:01 - 2013-07-01 17:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2015-06-07 19:01 - 2013-06-30 20:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-06-07 19:01 - 2013-06-30 20:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-06-07 19:01 - 2013-06-30 20:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-06-07 19:01 - 2013-06-30 20:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-06-07 19:01 - 2013-06-28 22:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-06-07 19:01 - 2013-06-28 22:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-06-07 19:01 - 2013-06-28 22:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-06-07 18:58 - 2015-06-07 18:58 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Intel Corporation
2015-06-07 18:57 - 2015-06-07 18:57 - 00011794 _____ C:\Users\Joyce\Desktop\Removed Apps.html
2015-06-07 18:57 - 2015-06-07 18:57 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-07 18:57 - 2015-06-07 18:57 - 00000000 ____D C:\Users\Joyce\AppData\Local\Conexant
2015-06-07 18:56 - 2015-06-07 18:56 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Macromedia
2015-06-07 18:55 - 2015-06-07 18:55 - 00001432 _____ C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-07 18:55 - 2015-06-07 18:55 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Leadertech
2015-06-07 18:55 - 2015-06-07 18:55 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Adobe
2015-06-07 18:55 - 2015-06-07 18:55 - 00000000 ____D C:\Users\Joyce\AppData\Local\Power2Go8
2015-06-07 18:54 - 2015-06-07 18:54 - 00003980 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-06-07 18:54 - 2015-06-07 18:54 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-06-07 18:54 - 2015-06-07 18:54 - 00003192 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-06-07 18:52 - 2015-06-07 18:56 - 00000000 ____D C:\ProgramData\PRICache
2015-06-07 18:52 - 2015-06-07 18:52 - 00000020 ___SH C:\Users\Joyce\ntuser.ini
2015-06-07 18:52 - 2015-06-07 18:52 - 00000000 ____D C:\Users\Joyce\AppData\Local\VirtualStore
2015-06-07 18:39 - 2015-06-07 18:56 - 00000000 ____D C:\Users\Joyce
2015-06-07 18:39 - 2015-06-07 18:51 - 00060963 _____ C:\Windows\diagwrn.xml
2015-06-07 18:39 - 2015-06-07 18:51 - 00060963 _____ C:\Windows\diagerr.xml
2015-06-07 18:39 - 2015-06-07 18:39 - 00002510 _____ C:\Users\Administrator\AppData\Local\Application.xml
2015-06-07 18:39 - 2013-08-28 13:53 - 00000000 ___RD C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-07 18:39 - 2013-06-26 17:14 - 00000000 ___RD C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-07 18:39 - 2012-07-26 03:13 - 00000000 ___RD C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-07 18:39 - 2012-07-26 03:13 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-07 18:25 - 2015-06-08 09:30 - 00000000 ____D C:\Windows.old
2015-06-07 18:25 - 2015-06-07 18:25 - 00262144 _____ C:\Windows\system32\config\userdiff
2015-06-07 18:13 - 2015-06-07 19:47 - 00000000 ___HD C:\$SysReset
2015-06-01 22:18 - 2015-06-01 22:18 - 00460868 _____ C:\Users\Joyce\Desktop\2002 Nissan Maxima Fuel Level problem - Maxima Forums.html
2015-06-01 22:18 - 2015-06-01 22:18 - 00000000 ____D C:\Users\Joyce\Desktop\2002 Nissan Maxima Fuel Level problem - Maxima Forums_files
2015-05-29 22:30 - 2015-05-29 22:30 - 00000000 ____D C:\Users\Joyce\Documents\Wondershare Video Converter Ultimate
2015-05-29 22:27 - 2015-05-29 22:27 - 00000000 ____D C:\Users\Joyce\Documents\Wondershare MediaServer
2015-05-29 22:22 - 2015-05-29 22:25 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2015-05-29 22:21 - 2015-05-29 22:22 - 00000572 _____ C:\Users\Joyce\Downloads\vlcmediaplayer-setup.website
2015-05-29 22:19 - 2015-05-29 22:20 - 00805960 _____ C:\Users\Joyce\Downloads\video-converter-ultimate-bing_setup_full975.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-09 19:44 - 2012-07-26 02:28 - 00850046 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-09 19:41 - 2013-08-28 13:24 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-06-09 19:39 - 2012-07-26 02:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-09 19:38 - 2012-07-26 00:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-09 19:37 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\WinStore
2015-06-09 19:37 - 2012-07-26 00:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-06-09 19:35 - 2012-07-26 03:12 - 00000000 ___RD C:\Windows\ToastData
2015-06-09 19:35 - 2012-07-26 03:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-09 19:35 - 2012-07-26 00:38 - 00000000 ____D C:\Windows\system32\oobe
2015-06-09 19:34 - 2012-07-26 02:52 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-09 19:28 - 2013-08-28 13:27 - 00000000 ____D C:\Program Files\Common Files\mcafee
2015-06-09 19:28 - 2013-08-28 13:04 - 01774000 _____ C:\Windows\WindowsUpdate.log
2015-06-09 19:28 - 2013-08-28 12:56 - 00004564 _____ C:\Windows\PFRO.log
2015-06-09 19:23 - 2012-07-26 03:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-06-09 19:00 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\system32\sru
2015-06-09 17:51 - 2012-07-26 02:59 - 00000000 ____D C:\Windows\CbsTemp
2015-06-08 10:16 - 2012-07-26 00:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-06-08 09:31 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\rescache
2015-06-08 08:50 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-06-08 08:24 - 2013-08-28 13:27 - 00000000 ____D C:\ProgramData\McAfee
2015-06-08 08:12 - 2012-07-26 02:21 - 00024127 _____ C:\Windows\setupact.log
2015-06-07 20:11 - 2014-12-14 20:03 - 00000000 ____D C:\Users\Joyce\Desktop\kelsey baptism
2015-06-07 19:57 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\schemas
2015-06-07 19:17 - 2013-08-28 13:27 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-06-07 19:02 - 2013-08-28 13:26 - 00000000 ____D C:\Windows\System32\Tasks\Dell
2015-06-07 19:02 - 2013-08-28 13:26 - 00000000 ____D C:\Program Files (x86)\System Registration
2015-06-07 19:02 - 2013-08-28 13:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-06-07 18:57 - 2013-08-28 13:17 - 00000000 ____D C:\ProgramData\Intel
2015-06-07 18:55 - 2013-09-24 20:36 - 00000000 ____D C:\Users\Joyce\AppData\Local\Packages
2015-06-07 18:54 - 2013-08-28 13:19 - 00000000 ____D C:\ProgramData\PCDr
2015-06-07 18:52 - 2012-07-26 03:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-06-07 18:51 - 2012-07-26 03:12 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-07 18:40 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\system32\Recovery
2015-06-07 18:39 - 2012-07-26 00:37 - 00000000 __RHD C:\Users\Default
2015-06-07 18:25 - 2012-07-26 03:13 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-06-01 22:18 - 2013-10-28 21:45 - 00097280 ___SH C:\Users\Joyce\Desktop\Thumbs.db
2015-05-27 22:51 - 2013-12-15 15:22 - 00044544 ___SH C:\Users\Joyce\Documents\Thumbs.db
2015-05-27 22:51 - 2013-12-12 10:18 - 00142336 ___SH C:\Users\Joyce\Downloads\Thumbs.db
 
==================== Files in the root of some directories =======
 
2013-08-28 13:24 - 2013-08-28 13:24 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-08-28 13:21 - 2013-08-28 13:21 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-08-28 13:22 - 2013-08-28 13:22 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-08-28 13:20 - 2013-08-28 13:21 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-08-28 13:23 - 2013-08-28 13:24 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
 
Some files in TEMP:
====================
C:\Users\Joyce\AppData\Local\Temp\0184821433895731mcinst.exe
C:\Users\Joyce\AppData\Local\Temp\Quarantine.exe
C:\Users\Joyce\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2013-08-28 12:56
 
==================== End of log ============================


BC AdBot (Login to Remove)

 


#2 scorpiokll

scorpiokll
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:58 AM

Posted 09 June 2015 - 08:26 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Joyce at 2015-06-09 19:53:30
Running from C:\Users\Joyce\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3841187756-268693642-1618518556-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3841187756-268693642-1618518556-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3841187756-268693642-1618518556-1003 - Limited - Enabled)
Joyce (S-1-5-21-3841187756-268693642-1618518556-1001 - Administrator - Enabled) => C:\Users\Joyce
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.12.0 - Conexant)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{C0C47F85-F48F-4709-9150-3FA62FA2DEAF}) (Version: 2.6.1000.0 - Dell Products, LP)
Dell Update (HKLM-x32\...\{713A4123-9417-4FF7-AC14-F000D6C0C7AD}) (Version: 0.9.1115.0 - Dell Inc.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 10.0 - Dell)
DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2849 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
07-06-2015 19:04:25 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
09-06-2015 19:18:18 Revo Uninstaller's restore point - Skype™ 7.5
09-06-2015 19:18:33 Removed Skype™ 7.5
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0D8DD4F3-398C-4982-85C2-D8ABA3DA1F56} - System32\Tasks\Microsoft\WINRE\WinRE-Repair => C:\windows\System32\reagentc.exe [2012-10-23] (Microsoft Corporation)
Task: {0DC62C68-1FAB-4769-9ADF-B604E4280ADD} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {7A4B5B36-F1FC-4407-A3E6-9DCE1A9C1FC5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-07] (Avast Software s.r.o.)
Task: {7BA1D0F2-3DE9-46DF-88D9-CB7414346439} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {85AB241C-CF5E-455C-A58C-D96110D036EE} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-06-06] (PC-Doctor, Inc.)
Task: {9FFEF991-3BF9-46BC-9286-C2B397B10E8E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-30] (Microsoft Corporation)
Task: {D8894A72-35E7-4D27-BAA6-7D122B2EA8CE} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-06-06] (PC-Doctor, Inc.)
Task: {E3008377-5B42-4743-9D50-A7432D81470B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-07] (Google Inc.)
Task: {EF0803E9-16A6-4346-9809-900B0554BCB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-07] (Google Inc.)
Task: {FE8A9B4E-50CF-485A-B0DF-60E59F262DB0} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-08-28 13:22 - 2012-04-24 21:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-08-28 13:25 - 2013-04-19 17:51 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2013-08-28 13:25 - 2013-04-19 17:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2013-08-28 13:25 - 2013-04-19 17:51 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2013-08-28 13:29 - 2013-06-05 18:43 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-08-28 13:32 - 2012-07-25 15:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-25 15:44 - 2012-07-25 15:35 - 00129024 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2012-07-25 15:44 - 2012-07-25 15:35 - 00036864 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2012-07-25 15:44 - 2012-07-25 15:35 - 00022016 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2015-06-07 20:21 - 2015-06-07 20:21 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-07 20:21 - 2015-06-07 20:21 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-09 12:14 - 2015-06-09 12:14 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060901\algo.dll
2013-06-25 17:18 - 2013-06-25 17:18 - 00110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2013-08-28 13:16 - 2012-07-18 14:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-06-07 20:21 - 2015-06-07 20:21 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-08-28 13:21 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-06-09 18:17 - 2015-06-05 13:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 18:17 - 2015-06-05 13:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-09 18:17 - 2015-06-05 13:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3841187756-268693642-1618518556-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 64.233.207.8 - 64.233.207.9
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2DDBC653-ABE7-45FE-981D-0E4FE0A2A96E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{35F0B051-2B6F-45B7-858A-47CDFB56BA7F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{2FF3BF4D-7B5E-4724-9693-F984C2FB30FA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{7BA77440-8917-422E-AD53-45285B41B634}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64237F0C-E2C2-4E07-AD56-687B16BCF5A8}] => (Allow) LPort=2869
FirewallRules: [{95AB7B10-77F2-49DD-88C3-D0D92DEA698E}] => (Allow) LPort=1900
FirewallRules: [{01826AA0-C37C-4DA0-9537-0DE5D6037F8B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{ECBB03A0-6139-4130-9EE6-3F80D9968D90}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{976735E8-FCC2-490C-86E3-8D44D883BB21}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/09/2015 09:20:58 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x88980406)
 
Error: (06/09/2015 09:17:33 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x88980406)
 
Error: (06/08/2015 06:23:13 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x88980406)
 
Error: (06/08/2015 09:04:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16537 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 299c
 
Start Time: 01d0a1f22eb26adb
 
Termination Time: 118
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id: 35204225-0de7-11e5-be73-c81f66025c81
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (06/07/2015 08:00:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SftService.exe, version: 3.0.0.6, time stamp: 0x5050999a
Faulting module name: SftService.exe, version: 3.0.0.6, time stamp: 0x5050999a
Exception code: 0xc0000005
Fault offset: 0x00123faf
Faulting process id: 0xc30
Faulting application start time: 0xSftService.exe0
Faulting application path: SftService.exe1
Faulting module path: SftService.exe2
Report Id: SftService.exe3
Faulting package full name: SftService.exe4
Faulting package-relative application ID: SftService.exe5
 
 
System errors:
=============
Error: (06/09/2015 07:38:37 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d0
 
Error: (06/09/2015 07:28:29 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d0
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ZAtheros Wlan Agent service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
 
Microsoft Office:
=========================
Error: (06/09/2015 09:20:58 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x88980406
 
Error: (06/09/2015 09:17:33 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x88980406
 
Error: (06/08/2015 06:23:13 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x88980406
 
Error: (06/08/2015 09:04:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16537299c01d0a1f22eb26adb118C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE35204225-0de7-11e5-be73-c81f66025c81
 
Error: (06/07/2015 08:00:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SftService.exe3.0.0.65050999aSftService.exe3.0.0.65050999ac000000500123fafc3001d0a186899e98aeC:\Program Files (x86)\Dell Backup and Recovery\SftService.exeC:\Program Files (x86)\Dell Backup and Recovery\SftService.exec91750e9-0d79-11e5-be73-c81f66025c81
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 28%
Total physical RAM: 8063.54 MB
Available physical RAM: 5789.62 MB
Total Pagefile: 12671.54 MB
Available Pagefile: 10359.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:918.71 GB) (Free:858.74 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A97F6E31)
 
Partition: GPT Partition Type.
 
==================== End of log ============================


#3 scorpiokll

scorpiokll
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:58 AM

Posted 09 June 2015 - 08:28 PM

adwcleaner

 

# AdwCleaner v4.206 - Logfile created 09/06/2015 at 19:27:36
# Updated 01/06/2015 by Xplode
# Database : 2015-06-09.1 [Server]
# Operating system : Windows 8  (x64)
# Username : Joyce - LARSON
# Running from : C:\Users\Joyce\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : 0184821433895731mcinstcleanup
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\cckahkoimnbpflhhobnanhfdihegpedf
Folder Deleted : C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
 
-\\ Google Chrome v43.0.2357.124
 
[C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA9E4BBC4-77C0-4565-B168-378B57CBB9EB&SearchSource=55&CUI=&UM=5&UP=SPE1F1255C-FC5C-4BFC-ABA0-27F12379A029&SSPV=
[C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : 8E24195C623CD78F67A4956E54757BD12670EF76A21160670F61BC32FBC06026"},"software_reporter":{"prompt_reason":"23E8DE2D6A0156B7B7CF8355EA880FA73C5DE77C34B7FCC6EEC4EC2537EBBD48","prompt_seed":"31A75BCF44D292DDDAE2D7F8B2414DBF912C064277C78C5F9AA06A1BFC031097","prompt_version":"8342CFC9A12E5766B315EE536C86AD9517075702004448A91865E38DA275FF71"},"sync":{"remaining_rollback_tries":"81A08FC7F355E3AA117783A49EE34CDAAA818C99E365343ADDA9F53FA886FC63"}},"super_mac":"296CF510FA9920C51E4B9F444AEEECABA9154B7E4B34D21D2E96BA9ED7F7BA3D"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":null,"startup_urls":["hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA9E4BBC4-77C0-4565-B168-378B57CBB9EB&SearchSource=55&CUI=&UM=5&UP=SPE1F1255C-FC5C-4BFC-ABA0-27F12379A029&SSPV=
 
*************************
 
AdwCleaner[R0].txt - [3042 bytes] - [09/06/2015 19:26:22]
AdwCleaner[S0].txt - [2993 bytes] - [09/06/2015 19:27:36]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3052  bytes] ##########

# AdwCleaner v4.206 - Logfile created 09/06/2015 at 19:26:22
# Updated 01/06/2015 by Xplode
# Database : 2015-06-09.1 [Server]
# Operating system : Windows 8  (x64)
# Username : Joyce - LARSON
# Running from : C:\Users\Joyce\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : 0184821433895731mcinstcleanup
 
***** [ Files / Folders ] *****
 
Folder Found : C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\cckahkoimnbpflhhobnanhfdihegpedf
Folder Found : C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
 
-\\ Google Chrome v43.0.2357.124
 
[C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA9E4BBC4-77C0-4565-B168-378B57CBB9EB&SearchSource=55&CUI=&UM=5&UP=SPE1F1255C-FC5C-4BFC-ABA0-27F12379A029&SSPV=
[C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Startup_URLs] : 8E24195C623CD78F67A4956E54757BD12670EF76A21160670F61BC32FBC06026"},"software_reporter":{"prompt_reason":"23E8DE2D6A0156B7B7CF8355EA880FA73C5DE77C34B7FCC6EEC4EC2537EBBD48","prompt_seed":"31A75BCF44D292DDDAE2D7F8B2414DBF912C064277C78C5F9AA06A1BFC031097","prompt_version":"8342CFC9A12E5766B315EE536C86AD9517075702004448A91865E38DA275FF71"},"sync":{"remaining_rollback_tries":"81A08FC7F355E3AA117783A49EE34CDAAA818C99E365343ADDA9F53FA886FC63"}},"super_mac":"296CF510FA9920C51E4B9F444AEEECABA9154B7E4B34D21D2E96BA9ED7F7BA3D"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":null,"startup_urls":["hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MA9E4BBC4-77C0-4565-B168-378B57CBB9EB&SearchSource=55&CUI=&UM=5&UP=SPE1F1255C-FC5C-4BFC-ABA0-27F12379A029&SSPV=
 
*************************
 
AdwCleaner[R0].txt - [2900 bytes] - [09/06/2015 19:26:22]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2959 bytes] ##########


#4 scorpiokll

scorpiokll
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:58 AM

Posted 09 June 2015 - 08:35 PM

had nothing in malware but ran that yesterday.

Here is the frst second scan. it isnt showing cassiopesa but it still comes up on my browser

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Joyce (administrator) on LARSON on 09-06-2015 20:31:17
Running from C:\Users\Joyce\Desktop\virus logs
Loaded Profiles: Joyce (Available Profiles: Joyce & Administrator)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\caudiofilteragent64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [883840 2012-03-28] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-07] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18\...\RunOnce: [  ISSetupPrerequisistes] => "c:\ProgramData\Dell\Digital Delivery\Downloads\Software\PocketCloud\PocketCloud_v2.6.21.exe" /S /v/qn
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-07] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2012-06-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2012-06-02] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3841187756-268693642-1618518556-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
HKU\S-1-5-21-3841187756-268693642-1618518556-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3841187756-268693642-1618518556-1001 -> {722F62ED-8B50-4655-99E6-844380727AF4} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-07] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-07] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 64.233.207.8 64.233.207.9
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-07] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files\McAfee\MSK [2013-08-28]
 
Chrome: 
=======
CHR Profile: C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-08]
CHR Extension: (Avast Online Security) - C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-09]
CHR Extension: (Google Wallet) - C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-07] (Avast Software s.r.o.)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2011-10-11] (Conexant Systems, Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [125440 2013-04-30] (Dell Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-07] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-07] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-07] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-07] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-07] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-07] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-09 19:40 - 2015-05-05 12:49 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 19:40 - 2015-05-05 12:49 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-09 19:37 - 2015-06-09 19:37 - 00000000 ____D C:\Windows\system32\AutoUpdateLicense
2015-06-09 19:36 - 2015-06-09 19:36 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-09 19:36 - 2015-06-09 19:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-09 19:25 - 2015-06-09 19:56 - 00000000 ____D C:\AdwCleaner
2015-06-09 19:25 - 2015-06-09 19:25 - 02231296 _____ C:\Users\Joyce\Downloads\AdwCleaner.exe
2015-06-09 19:14 - 2015-06-09 19:14 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Joyce\Downloads\revosetup.exe
2015-06-09 19:14 - 2015-06-09 19:14 - 00001266 _____ C:\Users\Joyce\Desktop\Revo Uninstaller.lnk
2015-06-09 19:14 - 2015-06-09 19:14 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-09 19:09 - 2015-06-09 20:31 - 00000000 ____D C:\FRST
2015-06-09 17:52 - 2015-06-09 18:52 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Skype
2015-06-09 17:52 - 2015-06-09 17:52 - 00000000 ____D C:\Users\Joyce\AppData\Local\Skype
2015-06-08 14:14 - 2015-03-04 02:26 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2015-06-08 14:14 - 2015-03-04 02:26 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2015-06-08 14:14 - 2015-03-04 02:26 - 00011105 _____ C:\Windows\system32\AutoconfigV2.cab
2015-06-08 14:14 - 2015-03-04 01:41 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-06-08 14:14 - 2015-03-04 01:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-08 14:14 - 2015-03-03 23:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-06-08 14:14 - 2015-03-03 23:53 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-08 14:14 - 2014-10-21 20:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-06-08 14:14 - 2014-10-21 20:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-08 10:21 - 2014-10-08 23:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-06-08 10:21 - 2014-10-08 23:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-06-08 10:21 - 2014-10-08 23:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-06-08 10:21 - 2014-10-08 22:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-06-08 10:21 - 2014-10-08 22:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-06-08 10:16 - 2015-06-08 10:18 - 00000000 ____D C:\Windows\system32\MRT
2015-06-08 10:16 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-08 09:57 - 2015-01-09 01:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-06-08 09:57 - 2015-01-09 00:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-06-08 09:57 - 2015-01-08 18:52 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
2015-06-08 09:57 - 2015-01-08 18:52 - 00478296 _____ C:\Windows\system32\locale.nls
2015-06-08 09:53 - 2015-04-30 08:07 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-08 09:53 - 2015-04-30 08:07 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-08 09:52 - 2014-07-15 17:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-06-08 09:23 - 2014-06-10 17:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-06-08 09:23 - 2014-06-10 17:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-06-08 08:47 - 2013-08-10 00:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-06-08 08:47 - 2013-08-10 00:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-06-08 08:47 - 2013-08-09 22:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-06-08 08:47 - 2013-08-02 01:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-06-08 08:47 - 2013-08-02 00:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-06-08 08:47 - 2013-07-24 18:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2015-06-08 08:47 - 2013-07-24 18:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2015-06-08 08:46 - 2015-03-12 00:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-06-08 08:46 - 2015-01-29 03:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-06-08 08:46 - 2015-01-29 01:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-06-08 08:46 - 2014-02-03 18:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-06-08 08:46 - 2014-02-03 18:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-06-08 08:46 - 2014-01-30 19:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-06-08 08:46 - 2014-01-30 19:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-06-08 08:46 - 2014-01-26 22:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-06-08 08:46 - 2014-01-15 18:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-06-08 08:46 - 2014-01-02 18:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-06-08 08:46 - 2014-01-02 18:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-06-08 08:46 - 2013-08-03 01:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-06-08 08:46 - 2013-08-03 01:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2015-06-08 08:46 - 2013-08-03 01:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-06-08 08:46 - 2013-08-03 00:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2015-06-08 08:46 - 2013-08-03 00:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2015-06-08 08:46 - 2013-08-03 00:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2015-06-08 08:44 - 2013-08-16 00:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-06-08 08:44 - 2013-08-16 00:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2015-06-08 08:44 - 2013-08-16 00:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-06-08 08:44 - 2013-08-16 00:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-06-08 08:44 - 2013-08-16 00:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-06-08 08:44 - 2013-08-16 00:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2015-06-08 08:44 - 2013-08-16 00:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2015-06-08 08:44 - 2013-08-16 00:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2015-06-08 08:44 - 2013-08-16 00:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2015-06-08 08:44 - 2013-08-15 17:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2015-06-08 08:44 - 2013-08-15 17:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2015-06-08 08:44 - 2013-08-15 17:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2015-06-08 08:44 - 2013-08-15 17:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2015-06-08 08:44 - 2013-08-15 17:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2015-06-08 08:42 - 2013-06-01 06:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-06-08 08:42 - 2013-06-01 06:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-06-08 08:42 - 2013-06-01 05:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-06-08 08:42 - 2013-06-01 04:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2015-06-08 08:42 - 2013-06-01 04:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-06-08 08:42 - 2013-06-01 04:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2015-06-08 08:42 - 2013-06-01 04:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2015-06-08 08:42 - 2013-06-01 04:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-06-08 08:42 - 2013-06-01 04:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2015-06-08 08:42 - 2013-06-01 04:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2015-06-08 08:42 - 2013-06-01 04:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2015-06-08 08:42 - 2013-06-01 04:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-06-08 08:42 - 2013-06-01 04:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2015-06-08 08:42 - 2013-06-01 04:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-06-08 08:42 - 2013-06-01 04:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-06-08 08:42 - 2013-06-01 04:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2015-06-08 08:42 - 2013-06-01 04:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2015-06-08 08:42 - 2013-06-01 04:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2015-06-08 08:42 - 2013-05-31 22:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2015-06-08 08:42 - 2013-05-24 17:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-06-08 08:42 - 2013-05-24 17:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-06-08 08:42 - 2013-05-24 17:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-06-08 08:42 - 2013-05-24 17:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-06-08 08:41 - 2014-07-31 18:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-06-08 08:40 - 2013-06-16 17:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-06-08 08:39 - 2014-06-12 20:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-06-08 08:39 - 2014-06-12 20:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-06-08 08:38 - 2015-01-24 01:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-06-08 08:38 - 2015-01-24 00:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-06-08 08:38 - 2014-09-02 21:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-06-08 08:38 - 2014-09-02 21:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-06-08 08:35 - 2013-07-05 19:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-08 08:35 - 2013-07-03 21:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-08 08:34 - 2014-11-15 01:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-08 08:34 - 2014-11-15 00:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-08 08:34 - 2014-11-15 00:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-08 08:34 - 2014-11-15 00:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-06-08 08:34 - 2014-11-14 22:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-08 08:34 - 2014-11-14 22:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-08 08:34 - 2014-11-14 22:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-08 08:34 - 2014-11-14 22:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-08 08:34 - 2014-11-05 01:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-06-08 08:34 - 2014-11-05 01:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-06-08 08:34 - 2014-10-29 09:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-06-08 08:34 - 2014-08-28 01:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-06-08 08:34 - 2014-03-24 18:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2015-06-08 08:34 - 2014-03-24 17:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-06-08 08:34 - 2013-10-19 00:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-06-08 08:34 - 2013-10-18 23:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-06-08 08:33 - 2015-03-23 00:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-08 08:33 - 2015-03-23 00:17 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-08 08:33 - 2015-03-23 00:17 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-08 08:33 - 2015-03-23 00:17 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-08 08:33 - 2015-03-23 00:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-08 08:33 - 2015-03-23 00:17 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-08 08:33 - 2015-03-22 17:04 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-08 08:33 - 2014-12-02 20:48 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-08 08:33 - 2014-06-04 20:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-06-08 08:33 - 2014-06-03 18:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2015-06-08 08:32 - 2015-03-17 02:00 - 06971712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-08 08:32 - 2015-03-17 01:52 - 01822696 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-08 08:32 - 2015-03-16 23:45 - 01409496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-08 08:32 - 2014-12-11 01:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-06-08 08:32 - 2014-06-17 18:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-06-08 08:32 - 2014-06-17 18:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-06-08 08:31 - 2014-09-13 01:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-06-08 08:31 - 2014-09-02 21:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2015-06-08 08:31 - 2014-09-02 21:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-06-08 08:31 - 2014-08-28 23:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-06-08 08:31 - 2014-08-28 23:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-06-08 08:31 - 2014-08-28 23:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-06-08 08:31 - 2014-08-28 23:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-06-08 08:31 - 2014-08-28 01:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2015-06-08 08:31 - 2014-08-28 01:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-06-08 08:31 - 2014-08-28 00:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-06-08 08:31 - 2014-08-28 00:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-06-08 08:31 - 2014-08-28 00:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2015-06-08 08:31 - 2014-08-28 00:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2015-06-08 08:31 - 2014-07-24 08:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-06-08 08:30 - 2015-04-13 00:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-06-08 08:30 - 2015-02-20 08:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-06-08 08:30 - 2015-02-20 06:56 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-06-08 08:30 - 2015-02-20 03:10 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-06-08 08:30 - 2015-02-20 02:24 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-06-08 08:30 - 2013-10-05 01:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-06-08 08:30 - 2013-08-30 00:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2015-06-08 08:30 - 2013-08-30 00:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2015-06-08 08:30 - 2013-08-29 18:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2015-06-08 08:30 - 2013-08-29 18:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2015-06-08 08:29 - 2015-01-31 08:48 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-06-08 08:29 - 2015-01-31 00:55 - 00275712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-06-08 08:29 - 2013-06-22 00:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-06-08 08:29 - 2013-06-22 00:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-06-08 08:26 - 2013-08-30 00:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2015-06-08 08:26 - 2013-08-30 00:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-08 08:26 - 2013-08-29 18:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-08 08:26 - 2013-08-21 01:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-06-08 08:26 - 2013-08-10 01:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-06-08 08:26 - 2013-07-24 18:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-06-08 08:26 - 2013-07-24 18:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-06-08 08:18 - 2014-10-08 22:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-06-08 08:18 - 2014-10-08 22:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-06-08 08:18 - 2014-10-08 22:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-06-08 08:18 - 2014-09-22 00:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-06-08 08:18 - 2014-09-21 22:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-06-08 08:16 - 2015-04-13 00:30 - 01839616 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-06-08 08:16 - 2015-04-13 00:30 - 01280512 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-06-08 08:16 - 2015-04-12 23:05 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-06-08 08:16 - 2015-04-12 22:25 - 04063744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-08 08:12 - 2015-06-08 08:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-06-07 20:24 - 2015-02-24 02:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-06-07 20:24 - 2013-07-02 19:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-07 20:24 - 2013-07-02 19:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-07 20:23 - 2015-06-07 20:23 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-07 20:23 - 2015-06-07 20:23 - 00001924 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-07 20:23 - 2015-06-07 20:23 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\AVAST Software
2015-06-07 20:23 - 2015-06-07 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-07 20:23 - 2013-07-09 03:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-06-07 20:23 - 2013-07-08 22:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2015-06-07 20:23 - 2013-07-08 17:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-06-07 20:23 - 2013-07-08 17:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-06-07 20:23 - 2013-07-08 17:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2015-06-07 20:23 - 2013-07-08 17:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2015-06-07 20:23 - 2013-07-02 19:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-06-07 20:23 - 2013-07-02 19:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-06-07 20:23 - 2013-06-30 17:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2015-06-07 20:23 - 2013-06-30 17:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2015-06-07 20:23 - 2013-06-29 01:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-06-07 20:23 - 2013-06-29 01:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-06-07 20:23 - 2013-06-25 22:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-06-07 20:23 - 2013-06-25 21:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2015-06-07 20:23 - 2013-06-24 17:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-06-07 20:23 - 2013-06-24 17:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-06-07 20:23 - 2013-06-24 17:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-06-07 20:23 - 2013-06-19 00:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2015-06-07 20:23 - 2013-06-19 00:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-06-07 20:23 - 2013-06-18 17:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2015-06-07 20:23 - 2013-06-18 17:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2015-06-07 20:23 - 2013-06-11 18:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-06-07 20:23 - 2013-06-11 18:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-06-07 20:23 - 2013-06-06 03:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-06-07 20:22 - 2015-06-09 19:18 - 00000000 ____D C:\ProgramData\Skype
2015-06-07 20:22 - 2015-06-07 20:21 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-07 20:22 - 2015-06-07 20:21 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-06-07 20:22 - 2015-06-07 20:21 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-06-07 20:21 - 2015-06-07 20:21 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-06-07 20:21 - 2014-07-07 00:53 - 01125376 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-06-07 20:21 - 2014-07-07 00:52 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-06-07 20:21 - 2014-07-07 00:52 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-06-07 20:21 - 2014-07-07 00:51 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-06-07 20:21 - 2014-07-06 23:01 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-06-07 20:21 - 2014-07-06 23:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-06-07 20:21 - 2014-07-06 23:00 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-06-07 20:21 - 2014-07-06 22:59 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-06-07 20:20 - 2015-06-07 20:20 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-07 20:20 - 2014-07-23 22:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-06-07 20:20 - 2014-07-23 22:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-06-07 20:19 - 2015-06-07 20:19 - 05499984 _____ (Avast Software s.r.o.) C:\Users\Joyce\Downloads\avast_free_antivirus_setup_online.exe
2015-06-07 20:19 - 2015-06-07 20:19 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\hygsjiku.sys
2015-06-07 20:19 - 2015-06-07 20:19 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-07 20:19 - 2015-03-04 02:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-06-07 20:19 - 2015-03-04 01:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-06-07 20:19 - 2015-03-03 23:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-06-07 20:19 - 2014-12-08 01:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-06-07 20:19 - 2014-12-08 00:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-06-07 20:18 - 2015-03-14 03:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-06-07 20:18 - 2015-03-14 01:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-06-07 20:18 - 2014-10-11 02:45 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-06-07 20:18 - 2014-10-11 02:44 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-06-07 20:18 - 2014-10-11 02:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-06-07 20:18 - 2014-10-11 02:43 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-06-07 20:18 - 2014-10-11 00:58 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-06-07 20:18 - 2014-10-11 00:57 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-06-07 20:18 - 2014-10-11 00:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-06-07 20:18 - 2014-10-11 00:56 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-06-07 20:18 - 2014-06-02 17:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 14374400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 13771776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-07 20:17 - 2015-04-21 09:33 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-07 20:17 - 2015-04-21 09:32 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-07 20:17 - 2015-04-21 08:53 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-07 20:17 - 2015-04-21 08:53 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-07 20:17 - 2015-04-21 08:53 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-07 20:17 - 2015-04-21 08:52 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-07 20:17 - 2015-04-21 08:52 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-07 20:17 - 2015-04-17 21:37 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-07 20:17 - 2015-04-17 21:34 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-07 20:17 - 2015-02-23 05:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-07 20:17 - 2015-02-23 05:51 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-06-07 20:17 - 2015-02-23 05:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-07 20:17 - 2015-02-23 05:51 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-06-07 20:17 - 2015-02-23 05:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-07 20:17 - 2015-02-23 05:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-06-07 20:17 - 2015-02-23 05:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-07 20:17 - 2015-02-23 05:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-07 20:17 - 2015-02-23 05:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-07 20:17 - 2015-02-23 04:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-07 20:17 - 2015-02-23 04:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-06-07 20:17 - 2015-02-21 00:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-06-07 20:17 - 2015-02-21 00:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-07 20:17 - 2015-02-21 00:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-06-07 20:17 - 2015-02-21 00:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-07 20:17 - 2015-02-21 00:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-07 20:17 - 2015-02-21 00:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-07 20:17 - 2015-02-21 00:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-07 20:17 - 2015-02-21 00:07 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2015-06-07 20:17 - 2015-02-20 22:00 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-06-07 20:16 - 2014-12-06 02:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-06-07 20:16 - 2014-12-06 02:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-06-07 20:16 - 2014-12-06 02:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-06-07 20:16 - 2014-12-06 01:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-06-07 20:16 - 2014-04-29 17:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2015-06-07 20:16 - 2014-04-29 17:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2015-06-07 20:16 - 2014-01-30 19:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-06-07 20:16 - 2012-10-23 22:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2015-06-07 20:16 - 2012-10-23 21:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2015-06-07 20:15 - 2014-03-10 19:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-06-07 20:15 - 2014-03-10 19:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-06-07 20:15 - 2014-03-10 19:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-07 20:15 - 2014-03-10 19:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-06-07 20:15 - 2014-03-10 19:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-06-07 20:15 - 2014-03-10 19:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-06-07 20:15 - 2014-03-09 22:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-07 20:14 - 2014-12-06 02:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-06-07 20:14 - 2014-12-06 02:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-06-07 20:14 - 2014-12-06 02:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-06-07 20:14 - 2014-12-06 02:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-06-07 20:14 - 2014-12-06 02:50 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-06-07 20:14 - 2014-12-06 01:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-06-07 20:14 - 2014-12-06 01:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-06-07 20:14 - 2014-12-06 01:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-06-07 20:14 - 2014-10-02 20:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-06-07 20:14 - 2014-10-02 17:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-06-07 20:14 - 2013-10-31 00:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-06-07 20:14 - 2013-10-31 00:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2015-06-07 20:14 - 2013-10-30 23:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2015-06-07 20:14 - 2013-10-30 22:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2015-06-07 20:14 - 2013-10-13 15:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2015-06-07 20:14 - 2013-08-27 00:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-06-07 20:14 - 2013-08-27 00:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-06-07 20:14 - 2013-08-26 17:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-06-07 20:14 - 2013-08-26 17:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-06-07 20:14 - 2013-07-09 01:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-06-07 20:14 - 2013-07-08 23:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-06-07 20:13 - 2014-11-26 01:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-06-07 20:13 - 2014-11-25 23:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-06-07 20:13 - 2014-07-15 18:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-06-07 20:13 - 2014-07-11 21:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-06-07 20:13 - 2013-12-04 18:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-06-07 20:13 - 2013-12-04 18:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-06-07 20:12 - 2013-10-10 04:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-06-07 20:12 - 2013-10-10 04:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2015-06-07 20:12 - 2013-10-10 04:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-06-07 20:12 - 2013-10-10 04:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-06-07 20:12 - 2013-10-10 04:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-06-07 20:12 - 2013-10-10 04:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2015-06-07 20:12 - 2013-10-10 04:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-06-07 20:12 - 2013-05-04 01:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-06-07 20:12 - 2013-05-03 23:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-06-07 20:11 - 2015-03-13 19:55 - 00410017 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-07 20:11 - 2014-12-18 03:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-06-07 20:11 - 2014-12-18 01:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-06-07 20:11 - 2014-12-18 01:51 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-06-07 20:11 - 2014-12-18 01:50 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-06-07 20:11 - 2014-12-18 01:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-06-07 20:11 - 2013-07-13 01:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-06-07 20:11 - 2013-07-13 01:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-06-07 20:11 - 2013-07-13 01:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2015-06-07 20:11 - 2013-07-13 01:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2015-06-07 20:11 - 2013-07-12 23:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-06-07 20:11 - 2013-07-12 23:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2015-06-07 20:11 - 2013-07-12 23:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2015-06-07 20:11 - 2013-06-10 14:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-06-07 20:11 - 2013-06-10 14:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-06-07 20:10 - 2015-06-07 20:10 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-06-07 20:10 - 2015-03-12 00:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-06-07 20:10 - 2015-03-12 00:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2015-06-07 20:10 - 2015-03-11 22:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-06-07 20:10 - 2015-01-23 23:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-06-07 20:10 - 2014-10-11 02:44 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-06-07 20:10 - 2014-01-12 18:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-06-07 20:10 - 2014-01-12 18:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-06-07 20:10 - 2013-11-19 19:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-06-07 20:10 - 2013-11-19 18:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-06-07 20:09 - 2015-03-04 01:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-06-07 20:09 - 2015-03-04 01:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-06-07 20:09 - 2015-03-04 01:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-06-07 20:09 - 2015-03-03 23:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-06-07 20:09 - 2015-03-03 23:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-06-07 20:09 - 2013-08-23 02:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-06-07 20:09 - 2013-08-22 20:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-06-07 20:08 - 2015-06-09 18:17 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-07 20:08 - 2015-06-07 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-07 20:08 - 2014-05-29 17:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-06-07 20:08 - 2013-03-21 22:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-06-07 20:08 - 2013-03-21 17:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-06-07 20:07 - 2015-06-09 20:17 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-07 20:07 - 2015-06-09 20:17 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-07 20:07 - 2015-06-07 20:12 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-07 20:07 - 2015-06-07 20:12 - 00003656 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-07 20:07 - 2015-06-07 20:08 - 00000000 ____D C:\Users\Joyce\AppData\Local\Google
2015-06-07 20:07 - 2015-06-07 20:08 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-07 20:07 - 2015-06-07 20:07 - 00000000 ____D C:\Users\Joyce\AppData\Local\Deployment
2015-06-07 20:07 - 2015-06-07 20:07 - 00000000 ____D C:\Users\Joyce\AppData\Local\Apps\2.0
2015-06-07 20:07 - 2014-12-18 23:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-06-07 20:07 - 2014-07-24 08:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-06-07 20:07 - 2014-07-16 18:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2015-06-07 20:07 - 2014-07-16 17:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-06-07 20:07 - 2014-07-16 17:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2015-06-07 20:07 - 2014-07-12 01:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-06-07 20:07 - 2014-07-11 23:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-06-07 20:07 - 2014-07-11 23:36 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-06-07 20:07 - 2014-07-11 23:34 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-06-07 20:07 - 2014-07-11 23:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-06-07 20:07 - 2014-06-28 01:57 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-06-07 20:07 - 2014-06-27 21:23 - 01126400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-06-07 20:07 - 2014-06-12 18:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-07 20:07 - 2014-06-12 18:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-07 20:06 - 2015-05-02 01:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-07 20:06 - 2015-05-01 22:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-07 20:06 - 2015-05-01 22:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-07 20:06 - 2015-04-13 17:09 - 00570248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-06-07 20:06 - 2015-03-06 02:39 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-06-07 20:06 - 2015-03-06 00:48 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-06-07 20:06 - 2015-01-15 06:44 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-06-07 20:06 - 2015-01-15 06:43 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-07 20:06 - 2015-01-15 05:00 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-06-07 20:06 - 2015-01-15 04:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-07 20:06 - 2015-01-15 04:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-07 20:06 - 2014-09-24 18:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-06-07 20:06 - 2014-09-24 18:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-06-07 20:06 - 2014-03-10 19:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-07 20:06 - 2014-03-10 19:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-07 20:06 - 2014-03-10 19:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-07 20:06 - 2014-03-09 20:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-07 20:05 - 2015-01-24 01:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-06-07 20:05 - 2015-01-24 00:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-06-07 20:05 - 2014-06-06 09:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-06-07 20:05 - 2014-06-06 05:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-06-07 20:05 - 2014-06-05 12:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-06-07 20:04 - 2015-02-18 02:39 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-06-07 20:04 - 2015-02-18 02:38 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-06-07 20:04 - 2014-11-08 06:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-06-07 20:04 - 2014-11-08 01:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-06-07 20:04 - 2014-06-19 18:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-06-07 20:04 - 2014-06-19 17:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-06-07 20:04 - 2013-09-27 22:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-06-07 20:03 - 2015-02-17 01:54 - 19777536 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-06-07 20:03 - 2015-02-17 00:13 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-06-07 20:03 - 2014-12-19 01:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-06-07 20:03 - 2014-10-23 07:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-06-07 20:03 - 2014-10-23 06:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-06-07 20:02 - 2014-11-08 06:21 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-07 20:02 - 2014-11-08 01:56 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-07 20:02 - 2014-10-11 03:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-07 20:02 - 2014-10-11 00:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-07 20:02 - 2014-10-11 00:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-07 20:02 - 2014-05-29 18:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-06-07 20:02 - 2014-04-12 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-06-07 20:02 - 2014-04-12 04:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-07 20:02 - 2014-04-12 04:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-07 20:02 - 2014-04-12 04:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-07 20:02 - 2014-04-12 04:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-07 20:02 - 2014-04-12 02:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-07 20:02 - 2014-04-12 02:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-07 20:02 - 2014-04-12 02:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-07 20:02 - 2014-04-12 02:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-07 20:02 - 2014-04-12 01:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2015-06-07 20:01 - 2015-04-06 00:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-06-07 20:01 - 2015-04-05 23:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-06-07 20:01 - 2014-08-21 18:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-06-07 20:01 - 2014-08-21 18:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-06-07 20:01 - 2014-05-28 23:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-06-07 20:01 - 2014-03-01 04:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-07 20:01 - 2014-03-01 04:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-06-07 20:01 - 2014-03-01 03:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2015-06-07 20:01 - 2014-03-01 01:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-07 20:01 - 2014-02-14 23:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-06-07 20:01 - 2013-11-25 18:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-06-07 20:00 - 2014-10-30 02:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-06-07 20:00 - 2014-10-30 00:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-06-07 20:00 - 2013-11-01 00:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-06-07 20:00 - 2013-10-31 22:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-06-07 19:29 - 2015-06-09 19:43 - 00003610 _____ C:\Users\Public\CAFADEBUG.log
2015-06-07 19:28 - 2015-06-09 19:43 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-07 19:20 - 2013-08-16 00:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-07 19:20 - 2013-08-16 00:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-07 19:20 - 2013-08-15 17:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-07 19:04 - 2015-06-09 20:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3841187756-268693642-1618518556-1001
2015-06-07 19:04 - 2015-06-07 19:04 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-07 19:04 - 2015-06-07 19:04 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-07 19:04 - 2015-06-07 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-07 19:04 - 2015-06-07 19:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-07 19:04 - 2015-06-07 19:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-07 19:04 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-07 19:04 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-07 19:04 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-07 19:02 - 2013-07-05 17:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-06-07 19:02 - 2013-07-01 20:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-07 19:02 - 2013-07-01 20:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2015-06-07 19:01 - 2013-07-01 17:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2015-06-07 19:01 - 2013-06-30 20:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-06-07 19:01 - 2013-06-30 20:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-06-07 19:01 - 2013-06-30 20:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-06-07 19:01 - 2013-06-30 20:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-06-07 19:01 - 2013-06-28 22:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-06-07 19:01 - 2013-06-28 22:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-06-07 19:01 - 2013-06-28 22:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-06-07 18:58 - 2015-06-07 18:58 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Intel Corporation
2015-06-07 18:57 - 2015-06-07 18:57 - 00011794 _____ C:\Users\Joyce\Desktop\Removed Apps.html
2015-06-07 18:57 - 2015-06-07 18:57 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-07 18:57 - 2015-06-07 18:57 - 00000000 ____D C:\Users\Joyce\AppData\Local\Conexant
2015-06-07 18:56 - 2015-06-07 18:56 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Macromedia
2015-06-07 18:55 - 2015-06-07 18:55 - 00001432 _____ C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-07 18:55 - 2015-06-07 18:55 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Leadertech
2015-06-07 18:55 - 2015-06-07 18:55 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Adobe
2015-06-07 18:55 - 2015-06-07 18:55 - 00000000 ____D C:\Users\Joyce\AppData\Local\Power2Go8
2015-06-07 18:54 - 2015-06-07 18:54 - 00003980 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-06-07 18:54 - 2015-06-07 18:54 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-06-07 18:54 - 2015-06-07 18:54 - 00003192 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-06-07 18:52 - 2015-06-07 18:56 - 00000000 ____D C:\ProgramData\PRICache
2015-06-07 18:52 - 2015-06-07 18:52 - 00000020 ___SH C:\Users\Joyce\ntuser.ini
2015-06-07 18:52 - 2015-06-07 18:52 - 00000000 ____D C:\Users\Joyce\AppData\Local\VirtualStore
2015-06-07 18:39 - 2015-06-07 18:56 - 00000000 ____D C:\Users\Joyce
2015-06-07 18:39 - 2015-06-07 18:51 - 00060963 _____ C:\Windows\diagwrn.xml
2015-06-07 18:39 - 2015-06-07 18:51 - 00060963 _____ C:\Windows\diagerr.xml
2015-06-07 18:39 - 2015-06-07 18:39 - 00002510 _____ C:\Users\Administrator\AppData\Local\Application.xml
2015-06-07 18:39 - 2013-08-28 13:53 - 00000000 ___RD C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-07 18:39 - 2013-06-26 17:14 - 00000000 ___RD C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-07 18:39 - 2012-07-26 03:13 - 00000000 ___RD C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-07 18:39 - 2012-07-26 03:13 - 00000000 ____D C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-07 18:25 - 2015-06-08 09:30 - 00000000 ____D C:\Windows.old
2015-06-07 18:25 - 2015-06-07 18:25 - 00262144 _____ C:\Windows\system32\config\userdiff
2015-06-07 18:13 - 2015-06-07 19:47 - 00000000 ___HD C:\$SysReset
2015-06-01 22:18 - 2015-06-01 22:18 - 00460868 _____ C:\Users\Joyce\Desktop\2002 Nissan Maxima Fuel Level problem - Maxima Forums.html
2015-06-01 22:18 - 2015-06-01 22:18 - 00000000 ____D C:\Users\Joyce\Desktop\2002 Nissan Maxima Fuel Level problem - Maxima Forums_files
2015-05-29 22:30 - 2015-05-29 22:30 - 00000000 ____D C:\Users\Joyce\Documents\Wondershare Video Converter Ultimate
2015-05-29 22:27 - 2015-05-29 22:27 - 00000000 ____D C:\Users\Joyce\Documents\Wondershare MediaServer
2015-05-29 22:22 - 2015-05-29 22:25 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2015-05-29 22:21 - 2015-05-29 22:22 - 00000572 _____ C:\Users\Joyce\Downloads\vlcmediaplayer-setup.website
2015-05-29 22:19 - 2015-05-29 22:20 - 00805960 _____ C:\Users\Joyce\Downloads\video-converter-ultimate-bing_setup_full975.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-09 20:24 - 2013-08-28 13:04 - 01911951 _____ C:\Windows\WindowsUpdate.log
2015-06-09 20:11 - 2012-07-26 02:59 - 00000000 ____D C:\Windows\CbsTemp
2015-06-09 20:00 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\system32\sru
2015-06-09 19:44 - 2012-07-26 02:28 - 00850046 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-09 19:41 - 2013-08-28 13:24 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-06-09 19:39 - 2012-07-26 02:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-09 19:38 - 2012-07-26 00:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-09 19:37 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\WinStore
2015-06-09 19:37 - 2012-07-26 00:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-09 19:36 - 2012-07-26 03:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-06-09 19:35 - 2012-07-26 03:12 - 00000000 ___RD C:\Windows\ToastData
2015-06-09 19:35 - 2012-07-26 03:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-09 19:35 - 2012-07-26 00:38 - 00000000 ____D C:\Windows\system32\oobe
2015-06-09 19:34 - 2012-07-26 02:52 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-09 19:28 - 2013-08-28 13:27 - 00000000 ____D C:\Program Files\Common Files\mcafee
2015-06-09 19:28 - 2013-08-28 12:56 - 00004564 _____ C:\Windows\PFRO.log
2015-06-09 19:23 - 2012-07-26 03:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-06-08 10:16 - 2012-07-26 00:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-06-08 09:31 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\rescache
2015-06-08 08:50 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-06-08 08:24 - 2013-08-28 13:27 - 00000000 ____D C:\ProgramData\McAfee
2015-06-08 08:12 - 2012-07-26 02:21 - 00024127 _____ C:\Windows\setupact.log
2015-06-07 20:11 - 2014-12-14 20:03 - 00000000 ____D C:\Users\Joyce\Desktop\kelsey baptism
2015-06-07 19:57 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\schemas
2015-06-07 19:17 - 2013-08-28 13:27 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-06-07 19:02 - 2013-08-28 13:26 - 00000000 ____D C:\Windows\System32\Tasks\Dell
2015-06-07 19:02 - 2013-08-28 13:26 - 00000000 ____D C:\Program Files (x86)\System Registration
2015-06-07 19:02 - 2013-08-28 13:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-06-07 18:57 - 2013-08-28 13:17 - 00000000 ____D C:\ProgramData\Intel
2015-06-07 18:55 - 2013-09-24 20:36 - 00000000 ____D C:\Users\Joyce\AppData\Local\Packages
2015-06-07 18:54 - 2013-08-28 13:19 - 00000000 ____D C:\ProgramData\PCDr
2015-06-07 18:52 - 2012-07-26 03:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-06-07 18:51 - 2012-07-26 03:12 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-07 18:40 - 2012-07-26 03:12 - 00000000 ____D C:\Windows\system32\Recovery
2015-06-07 18:39 - 2012-07-26 00:37 - 00000000 __RHD C:\Users\Default
2015-06-07 18:25 - 2012-07-26 03:13 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-06-01 22:18 - 2013-10-28 21:45 - 00097280 ___SH C:\Users\Joyce\Desktop\Thumbs.db
2015-05-27 22:51 - 2013-12-15 15:22 - 00044544 ___SH C:\Users\Joyce\Documents\Thumbs.db
2015-05-27 22:51 - 2013-12-12 10:18 - 00142336 ___SH C:\Users\Joyce\Downloads\Thumbs.db
 
==================== Files in the root of some directories =======
 
2013-08-28 13:24 - 2013-08-28 13:24 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-08-28 13:21 - 2013-08-28 13:21 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-08-28 13:22 - 2013-08-28 13:22 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-08-28 13:20 - 2013-08-28 13:21 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-08-28 13:23 - 2013-08-28 13:24 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
 
Some files in TEMP:
====================
C:\Users\Joyce\AppData\Local\Temp\0184821433895731mcinst.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2013-08-28 12:56


#5 scorpiokll

scorpiokll
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:58 AM

Posted 09 June 2015 - 08:36 PM

frst addition

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Joyce at 2015-06-09 20:31:37
Running from C:\Users\Joyce\Desktop\virus logs
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3841187756-268693642-1618518556-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3841187756-268693642-1618518556-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3841187756-268693642-1618518556-1003 - Limited - Enabled)
Joyce (S-1-5-21-3841187756-268693642-1618518556-1001 - Administrator - Enabled) => C:\Users\Joyce
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.12.0 - Conexant)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{C0C47F85-F48F-4709-9150-3FA62FA2DEAF}) (Version: 2.6.1000.0 - Dell Products, LP)
Dell Update (HKLM-x32\...\{713A4123-9417-4FF7-AC14-F000D6C0C7AD}) (Version: 0.9.1115.0 - Dell Inc.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 10.0 - Dell)
DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2849 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
07-06-2015 19:04:25 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
09-06-2015 19:18:18 Revo Uninstaller's restore point - Skype™ 7.5
09-06-2015 19:18:33 Removed Skype™ 7.5
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0D8DD4F3-398C-4982-85C2-D8ABA3DA1F56} - System32\Tasks\Microsoft\WINRE\WinRE-Repair => C:\windows\System32\reagentc.exe [2012-10-23] (Microsoft Corporation)
Task: {0DC62C68-1FAB-4769-9ADF-B604E4280ADD} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {7A4B5B36-F1FC-4407-A3E6-9DCE1A9C1FC5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-07] (Avast Software s.r.o.)
Task: {7BA1D0F2-3DE9-46DF-88D9-CB7414346439} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {85AB241C-CF5E-455C-A58C-D96110D036EE} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-06-06] (PC-Doctor, Inc.)
Task: {9FFEF991-3BF9-46BC-9286-C2B397B10E8E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-30] (Microsoft Corporation)
Task: {D8894A72-35E7-4D27-BAA6-7D122B2EA8CE} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-06-06] (PC-Doctor, Inc.)
Task: {E3008377-5B42-4743-9D50-A7432D81470B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-07] (Google Inc.)
Task: {EF0803E9-16A6-4346-9809-900B0554BCB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-07] (Google Inc.)
Task: {FE8A9B4E-50CF-485A-B0DF-60E59F262DB0} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-08-28 13:22 - 2012-04-24 21:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-08-28 13:25 - 2013-04-19 17:51 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2013-08-28 13:25 - 2013-04-19 17:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2013-08-28 13:25 - 2013-04-19 17:51 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2013-08-28 13:25 - 2013-04-19 17:51 - 00034080 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2013-08-28 13:29 - 2013-06-05 18:43 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-08-28 13:32 - 2012-07-25 15:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-25 15:44 - 2012-07-25 15:35 - 00129024 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2012-07-25 15:44 - 2012-07-25 15:35 - 00036864 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2012-07-25 15:44 - 2012-07-25 15:35 - 00022016 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2015-06-07 20:21 - 2015-06-07 20:21 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-07 20:21 - 2015-06-07 20:21 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-09 12:14 - 2015-06-09 12:14 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060901\algo.dll
2013-06-25 17:18 - 2013-06-25 17:18 - 00110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2013-08-28 13:16 - 2012-07-18 14:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-06-07 20:21 - 2015-06-07 20:21 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-08-28 13:21 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-06-09 18:17 - 2015-06-05 13:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 18:17 - 2015-06-05 13:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3841187756-268693642-1618518556-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 64.233.207.8 - 64.233.207.9
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2DDBC653-ABE7-45FE-981D-0E4FE0A2A96E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{35F0B051-2B6F-45B7-858A-47CDFB56BA7F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{2FF3BF4D-7B5E-4724-9693-F984C2FB30FA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{7BA77440-8917-422E-AD53-45285B41B634}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64237F0C-E2C2-4E07-AD56-687B16BCF5A8}] => (Allow) LPort=2869
FirewallRules: [{95AB7B10-77F2-49DD-88C3-D0D92DEA698E}] => (Allow) LPort=1900
FirewallRules: [{01826AA0-C37C-4DA0-9537-0DE5D6037F8B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{ECBB03A0-6139-4130-9EE6-3F80D9968D90}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{976735E8-FCC2-490C-86E3-8D44D883BB21}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/09/2015 09:20:58 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x88980406)
 
Error: (06/09/2015 09:17:33 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x88980406)
 
Error: (06/08/2015 06:23:13 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x88980406)
 
Error: (06/08/2015 09:04:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16537 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 299c
 
Start Time: 01d0a1f22eb26adb
 
Termination Time: 118
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id: 35204225-0de7-11e5-be73-c81f66025c81
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (06/07/2015 08:00:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SftService.exe, version: 3.0.0.6, time stamp: 0x5050999a
Faulting module name: SftService.exe, version: 3.0.0.6, time stamp: 0x5050999a
Exception code: 0xc0000005
Fault offset: 0x00123faf
Faulting process id: 0xc30
Faulting application start time: 0xSftService.exe0
Faulting application path: SftService.exe1
Faulting module path: SftService.exe2
Report Id: SftService.exe3
Faulting package full name: SftService.exe4
Faulting package-relative application ID: SftService.exe5
 
 
System errors:
=============
Error: (06/09/2015 07:38:37 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d0
 
Error: (06/09/2015 07:28:29 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d0
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ZAtheros Wlan Agent service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/09/2015 07:27:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
 
Microsoft Office:
=========================
Error: (06/09/2015 09:20:58 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x88980406
 
Error: (06/09/2015 09:17:33 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x88980406
 
Error: (06/08/2015 06:23:13 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x88980406
 
Error: (06/08/2015 09:04:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16537299c01d0a1f22eb26adb118C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE35204225-0de7-11e5-be73-c81f66025c81
 
Error: (06/07/2015 08:00:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SftService.exe3.0.0.65050999aSftService.exe3.0.0.65050999ac000000500123fafc3001d0a186899e98aeC:\Program Files (x86)\Dell Backup and Recovery\SftService.exeC:\Program Files (x86)\Dell Backup and Recovery\SftService.exec91750e9-0d79-11e5-be73-c81f66025c81
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 27%
Total physical RAM: 8063.54 MB
Available physical RAM: 5807.22 MB
Total Pagefile: 12671.54 MB
Available Pagefile: 10262.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:918.71 GB) (Free:855.2 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A97F6E31)
 
Partition: GPT Partition Type.
 
==================== End of log ============================


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,486 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:58 AM

Posted 13 June 2015 - 09:22 PM

Greetings scorpiokll and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please cut and paste FRST.exe directly onto your Desktop.

Is Cassiopesa showing up in other browsers besides Chrome?

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3841187756-268693642-1618518556-1001 -> {722F62ED-8B50-4655-99E6-844380727AF4} URL = 
2013-08-28 13:24 - 2013-08-28 13:24 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-08-28 13:21 - 2013-08-28 13:21 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-08-28 13:22 - 2013-08-28 13:22 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-08-28 13:20 - 2013-08-28 13:21 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-08-28 13:23 - 2013-08-28 13:24 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
C:\Users\Joyce\AppData\Local\Temp\0184821433895731mcinst.exe
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • System Summary Information
  • Junkware log
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,486 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:58 AM

Posted 16 June 2015 - 09:23 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,486 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:58 AM

Posted 18 June 2015 - 08:50 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users