Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ESET found in memory: "a variant of MSIL/Injector.YT trojan" unable to clean


  • This topic is locked This topic is locked
2 replies to this topic

#1 whatishappening

whatishappening

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:40 PM

Posted 22 June 2015 - 10:51 PM

Hi i apologize for my bad english in advance but i haven't found a solution to my problem while browsing the internet so that's why i'm making this post.
 
Today when i turned on my computer ESET NOD32 ANTIVIRUS 8 detected a threat, i am using Windows 7 64bit
 
24b327130b.png
 
I ran a complete computer scan to check what was going on and it didn't detect anything
 
Then i ran Malwarebytes Anti-Malware and it didn't detect anything either, 
 
Then i ran SUPERAntiSpyware and it detected Trojan.Agent/Gen-ScriptKD that any of the programs mentioned before didn't detect and got rid of them
 
ed2d30d972.png
 
 
Then i restarted my computer and i still got the same warning msg about the "a variant of MSIL/Injector.YT trojan" threat
 
I ran another pc check on SUPERAntiSpyware and the trojans that it detected earlier were gone, so i restarted my PC
 
But ESET NOD32 ANTIVIRUS 8 gave me the same "a variant of MSIL/Injector.YT trojan" threat msj that's when i decided to make a post in here cause i didn't know what to do
 
i don't know much about computers and i'm scared this virus might take bank information, hotmail, games, etc and stuff from my computer is that a possibility in here? thanks for the help
 
EDIT: i'm sorry i don't see the option to attach Addition.txt file
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by user (administrator) on USER-PC on 22-06-2015 22:36:53
Running from C:\Users\user\Downloads
Loaded Profiles: user (Available Profiles: user)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Español (España,

internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-

frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will

not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision

\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Windows\SysWOW64\ASGT.exe
() C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer

\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer

\CLMSServer.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service

\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService

\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv

\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(www.Bandisoft.com) C:\Program Files (x86)\Bandicam\bdcam.exe
(www.Bandisoft.com) C:\Program Files (x86)\Bandicam\bdcam64.bin
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core

\NvBackend.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
() C:\Program Files (x86)\puush\puush.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Flux Software LLC) C:\Users\user\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\user\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\user\AppData\Roaming\Spotify\Spotify.exe
() C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared

\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Spotify Ltd) C:\Users\user\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\user\AppData\Roaming\Spotify\Spotify.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to

default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows

\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032

2014-01-23] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core

\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-

12-19] (Pixart Imaging Inc)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848

2015-01-28] (ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java

\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [RemoteControl11] => C:\Program Files (x86)\CyberLink

\PowerDVD11\PDVD11Serv.exe [234792 2011-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM

\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKU\S-1-5-21-2630936845-936601936-197391806-1000\...\Run: [SUPERAntiSpyware] => C:

\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-06-22]

(SUPERAntiSpyware)
HKU\S-1-5-21-2630936845-936601936-197391806-1000\...\Run: [Steam] => C:\Program Files

(x86)\Steam\steam.exe [2892992 2015-06-19] (Valve Corporation)
HKU\S-1-5-21-2630936845-936601936-197391806-1000\...\Run: [puush] => C:\Program Files

(x86)\puush\puush.exe [568904 2015-05-28] ()
HKU\S-1-5-21-2630936845-936601936-197391806-1000\...\Run: [Gyazo] => C:\Program Files

(x86)\Gyazo\GyStation.exe [3095840 2015-04-30] (Nota Inc.)
HKU\S-1-5-21-2630936845-936601936-197391806-1000\...\Run: [f.lux] => C:\Users\user

\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2630936845-936601936-197391806-1000\...\Run: [Spotify Web Helper] => C:

\Users\user\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2023480 2015-06-19]

(Spotify Ltd)
HKU\S-1-5-21-2630936845-936601936-197391806-1000\...\Run: [Spotify] => C:\Users\user

\AppData\Roaming\Spotify\Spotify.exe [7415864 2015-06-19] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries

Engine 3.lnk [2015-02-14]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries

Engine 3\SteelSeriesEngine3.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed

or restored to default.)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:

\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft

Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:

\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft

Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:

\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-

06-06] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:

\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-21] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} ->

C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft

Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->

C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-21] (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles

\o0ki3sjr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash

\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:

\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash

\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java

\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java

\jre7\bin\plugin2\npjp2.dll [2014-08-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:

\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:

\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2014-

08-16] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D

Vision\npnv3dv.dll [2014-10-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA

Corporation\3D Vision\npnv3dvstreaming.dll [2014-10-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files

(x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files

(x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR

\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2630936845-936601936-197391806-1000:

thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application

\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Plugin HKU\S-1-5-21-2630936845-936601936-197391806-1000: ubisoft.com/uplaypc ->

C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-15] ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins

\mercadolibre-mx.xml [2014-07-17]
FF Extension: MEGA - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles

\o0ki3sjr.default\Extensions\firefox@mega.co.nz.xpi [2015-03-29]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles

\o0ki3sjr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-01]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET

NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET

\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\user\AppData\Local\Google\Chrome\User Data

\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-08-01]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data

\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-01]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data

\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-01]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data

\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-01]
CHR Extension: (Steam inventory helper) - C:\Users\user\AppData\Local\Google\Chrome

\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-05-24]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data

\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-01]
CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data

\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-01]
CHR Extension: (Twitch Live) - C:\Users\user\AppData\Local\Google\Chrome\User Data

\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2014-08-01]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google

\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-22]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data

\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-01]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default

\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The

file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22]

(SUPERAntiSpyware.com)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin

\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP

\CLHNServiceForPowerDVD.exe [83240 2011-04-19] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink

\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink

\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-04-21]

(EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2015-01-28]

(ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience

Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

[1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService

\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

[23007376 2015-06-03] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-06-15] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27]

(Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The

file will not be moved unless listed separately.)

S3 cpuz138; C:\Users\user\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2015-06-

22] (CPUID)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-01-30] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-01-30] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-01-30] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [159480 2015-01-30] (ESET)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-07-02] (ASUSTeK

Computer Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14]

(Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14]

(Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys

[19600 2015-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-18]

(NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11]

()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22]

(SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12]

(SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink

\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-04-12] (CyberLink Corp.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The

file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-22 22:36 - 2015-06-22 22:37 - 00016514 _____ C:\Users\user\Downloads\FRST.txt
2015-06-22 22:35 - 2015-06-22 22:36 - 00000000 ____D C:\FRST
2015-06-22 22:34 - 2015-06-22 22:34 - 02109952 _____ (Farbar) C:\Users\user

\Downloads\FRST64.exe
2015-06-22 21:18 - 2015-06-22 21:18 - 00000000 ____D C:\SUPERDelete
2015-06-22 19:21 - 2015-05-01 08:17 - 00124112 _____ (Microsoft Corporation) C:

\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-22 19:21 - 2015-05-01 08:16 - 00102608 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-22 19:17 - 2015-02-02 22:31 - 04121600 _____ (Microsoft Corporation) C:

\Windows\system32\mf.dll
2015-06-22 19:17 - 2015-02-02 22:31 - 00782848 _____ (Microsoft Corporation) C:

\Windows\system32\wmdrmsdk.dll
2015-06-22 19:17 - 2015-02-02 22:31 - 00500224 _____ (Microsoft Corporation) C:

\Windows\system32\AUDIOKSE.dll
2015-06-22 19:17 - 2015-02-02 22:30 - 01202176 _____ (Microsoft Corporation) C:

\Windows\system32\drmv2clt.dll
2015-06-22 19:17 - 2015-02-02 22:30 - 00842240 _____ (Microsoft Corporation) C:

\Windows\system32\blackbox.dll
2015-06-22 19:17 - 2015-02-02 22:30 - 00497664 _____ (Microsoft Corporation) C:

\Windows\system32\drmmgrtn.dll
2015-06-22 19:17 - 2015-02-02 22:12 - 03209728 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mf.dll
2015-06-22 19:17 - 2015-02-02 22:12 - 00988160 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\drmv2clt.dll
2015-06-22 19:17 - 2015-02-02 22:12 - 00744960 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\blackbox.dll
2015-06-22 19:17 - 2015-02-02 22:12 - 00617984 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wmdrmsdk.dll
2015-06-22 19:16 - 2015-06-01 14:16 - 00389840 _____ (Microsoft Corporation) C:

\Windows\system32\iedkcs32.dll
2015-06-22 19:16 - 2015-06-01 13:07 - 00342736 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\iedkcs32.dll
2015-06-22 19:16 - 2015-05-27 09:35 - 24917504 _____ (Microsoft Corporation) C:

\Windows\system32\mshtml.dll
2015-06-22 19:16 - 2015-05-27 09:08 - 19607040 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mshtml.dll
2015-06-22 19:16 - 2015-05-22 22:28 - 02724864 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mshtml.tlb
2015-06-22 19:16 - 2015-05-22 22:15 - 00503808 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\vbscript.dll
2015-06-22 19:16 - 2015-05-22 22:15 - 00062464 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\iesetup.dll
2015-06-22 19:16 - 2015-05-22 22:15 - 00047616 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ieetwproxystub.dll
2015-06-22 19:16 - 2015-05-22 22:14 - 00341504 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\html.iec
2015-06-22 19:16 - 2015-05-22 22:13 - 00064000 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\MshtmlDac.dll
2015-06-22 19:16 - 2015-05-22 22:10 - 02278912 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\iertutil.dll
2015-06-22 19:16 - 2015-05-22 22:09 - 00047104 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\jsproxy.dll
2015-06-22 19:16 - 2015-05-22 22:08 - 00030720 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\iernonce.dll
2015-06-22 19:16 - 2015-05-22 22:06 - 00478208 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ieui.dll
2015-06-22 19:16 - 2015-05-22 22:05 - 00664064 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\jscript.dll
2015-06-22 19:16 - 2015-05-22 22:05 - 00115712 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ieUnatt.exe
2015-06-22 19:16 - 2015-05-22 22:04 - 00620032 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\jscript9diag.dll
2015-06-22 19:16 - 2015-05-22 21:57 - 00418304 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\dxtmsft.dll
2015-06-22 19:16 - 2015-05-22 21:52 - 00060416 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-22 19:16 - 2015-05-22 21:49 - 00168960 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msrating.dll
2015-06-22 19:16 - 2015-05-22 21:48 - 00076288 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mshtmled.dll
2015-06-22 19:16 - 2015-05-22 21:47 - 04305920 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\jscript9.dll
2015-06-22 19:16 - 2015-05-22 21:47 - 00285696 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\dxtrans.dll
2015-06-22 19:16 - 2015-05-22 21:38 - 00689152 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msfeeds.dll
2015-06-22 19:16 - 2015-05-22 21:37 - 02052608 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\inetcpl.cpl
2015-06-22 19:16 - 2015-05-22 21:37 - 01155072 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mshtmlmedia.dll
2015-06-22 19:16 - 2015-05-22 21:28 - 12829696 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ieframe.dll
2015-06-22 19:16 - 2015-05-22 21:20 - 01950720 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wininet.dll
2015-06-22 19:16 - 2015-05-22 21:16 - 01309696 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\urlmon.dll
2015-06-22 19:16 - 2015-05-22 21:14 - 00710144 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ieapfltr.dll
2015-06-22 19:16 - 2015-05-22 14:16 - 02724864 _____ (Microsoft Corporation) C:

\Windows\system32\mshtml.tlb
2015-06-22 19:16 - 2015-05-22 14:16 - 00004096 _____ (Microsoft Corporation) C:

\Windows\system32\ieetwcollectorres.dll
2015-06-22 19:16 - 2015-05-22 14:01 - 00066560 _____ (Microsoft Corporation) C:

\Windows\system32\iesetup.dll
2015-06-22 19:16 - 2015-05-22 14:00 - 02885632 _____ (Microsoft Corporation) C:

\Windows\system32\iertutil.dll
2015-06-22 19:16 - 2015-05-22 14:00 - 00584192 _____ (Microsoft Corporation) C:

\Windows\system32\vbscript.dll
2015-06-22 19:16 - 2015-05-22 14:00 - 00417792 _____ (Microsoft Corporation) C:

\Windows\system32\html.iec
2015-06-22 19:16 - 2015-05-22 14:00 - 00048640 _____ (Microsoft Corporation) C:

\Windows\system32\ieetwproxystub.dll
2015-06-22 19:16 - 2015-05-22 13:59 - 00088064 _____ (Microsoft Corporation) C:

\Windows\system32\MshtmlDac.dll
2015-06-22 19:16 - 2015-05-22 13:53 - 00054784 _____ (Microsoft Corporation) C:

\Windows\system32\jsproxy.dll
2015-06-22 19:16 - 2015-05-22 13:52 - 06026240 _____ (Microsoft Corporation) C:

\Windows\system32\jscript9.dll
2015-06-22 19:16 - 2015-05-22 13:52 - 00034304 _____ (Microsoft Corporation) C:

\Windows\system32\iernonce.dll
2015-06-22 19:16 - 2015-05-22 13:48 - 00633856 _____ (Microsoft Corporation) C:

\Windows\system32\ieui.dll
2015-06-22 19:16 - 2015-05-22 13:47 - 00816640 _____ (Microsoft Corporation) C:

\Windows\system32\jscript.dll
2015-06-22 19:16 - 2015-05-22 13:47 - 00814080 _____ (Microsoft Corporation) C:

\Windows\system32\jscript9diag.dll
2015-06-22 19:16 - 2015-05-22 13:47 - 00144384 _____ (Microsoft Corporation) C:

\Windows\system32\ieUnatt.exe
2015-06-22 19:16 - 2015-05-22 13:47 - 00114688 _____ (Microsoft Corporation) C:

\Windows\system32\ieetwcollector.exe
2015-06-22 19:16 - 2015-05-22 13:40 - 00968704 _____ (Microsoft Corporation) C:

\Windows\system32\MsSpellCheckingFacility.exe
2015-06-22 19:16 - 2015-05-22 13:36 - 00490496 _____ (Microsoft Corporation) C:

\Windows\system32\dxtmsft.dll
2015-06-22 19:16 - 2015-05-22 13:29 - 00077824 _____ (Microsoft Corporation) C:

\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-22 19:16 - 2015-05-22 13:25 - 00199680 _____ (Microsoft Corporation) C:

\Windows\system32\msrating.dll
2015-06-22 19:16 - 2015-05-22 13:24 - 00092160 _____ (Microsoft Corporation) C:

\Windows\system32\mshtmled.dll
2015-06-22 19:16 - 2015-05-22 13:21 - 00316928 _____ (Microsoft Corporation) C:

\Windows\system32\dxtrans.dll
2015-06-22 19:16 - 2015-05-22 13:07 - 00720384 _____ (Microsoft Corporation) C:

\Windows\system32\ie4uinit.exe
2015-06-22 19:16 - 2015-05-22 13:06 - 00801280 _____ (Microsoft Corporation) C:

\Windows\system32\msfeeds.dll
2015-06-22 19:16 - 2015-05-22 13:05 - 02125824 _____ (Microsoft Corporation) C:

\Windows\system32\inetcpl.cpl
2015-06-22 19:16 - 2015-05-22 13:05 - 01359360 _____ (Microsoft Corporation) C:

\Windows\system32\mshtmlmedia.dll
2015-06-22 19:16 - 2015-05-22 12:57 - 14404096 _____ (Microsoft Corporation) C:

\Windows\system32\ieframe.dll
2015-06-22 19:16 - 2015-05-22 12:50 - 02426880 _____ (Microsoft Corporation) C:

\Windows\system32\wininet.dll
2015-06-22 19:16 - 2015-05-22 12:38 - 01545728 _____ (Microsoft Corporation) C:

\Windows\system32\urlmon.dll
2015-06-22 19:16 - 2015-05-22 12:26 - 00800768 _____ (Microsoft Corporation) C:

\Windows\system32\ieapfltr.dll
2015-06-22 19:16 - 2015-04-19 22:17 - 01647104 _____ (Microsoft Corporation) C:

\Windows\system32\DWrite.dll
2015-06-22 19:16 - 2015-04-19 22:17 - 01179136 _____ (Microsoft Corporation) C:

\Windows\system32\FntCache.dll
2015-06-22 19:16 - 2015-04-19 21:56 - 01250816 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\DWrite.dll
2015-06-22 19:16 - 2015-03-24 22:24 - 03298816 _____ (Microsoft Corporation) C:

\Windows\system32\wucltux.dll
2015-06-22 19:16 - 2015-03-24 22:24 - 02553856 _____ (Microsoft Corporation) C:

\Windows\system32\wuaueng.dll
2015-06-22 19:16 - 2015-03-24 22:24 - 00696320 _____ (Microsoft Corporation) C:

\Windows\system32\wuapi.dll
2015-06-22 19:16 - 2015-03-24 22:24 - 00191488 _____ (Microsoft Corporation) C:

\Windows\system32\wuwebv.dll
2015-06-22 19:16 - 2015-03-24 22:24 - 00098304 _____ (Microsoft Corporation) C:

\Windows\system32\wudriver.dll
2015-06-22 19:16 - 2015-03-24 22:24 - 00060416 _____ (Microsoft Corporation) C:

\Windows\system32\WinSetupUI.dll
2015-06-22 19:16 - 2015-03-24 22:24 - 00037376 _____ (Microsoft Corporation) C:

\Windows\system32\wups2.dll
2015-06-22 19:16 - 2015-03-24 22:24 - 00035328 _____ (Microsoft Corporation) C:

\Windows\system32\wups.dll
2015-06-22 19:16 - 2015-03-24 22:23 - 00135168 _____ (Microsoft Corporation) C:

\Windows\system32\wuauclt.exe
2015-06-22 19:16 - 2015-03-24 22:23 - 00036864 _____ (Microsoft Corporation) C:

\Windows\system32\wuapp.exe
2015-06-22 19:16 - 2015-03-24 22:23 - 00012288 _____ (Microsoft Corporation) C:

\Windows\system32\wu.upgrade.ps.dll
2015-06-22 19:16 - 2015-03-24 22:00 - 00566784 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wuapi.dll
2015-06-22 19:16 - 2015-03-24 22:00 - 00173056 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wuwebv.dll
2015-06-22 19:16 - 2015-03-24 22:00 - 00092672 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wudriver.dll
2015-06-22 19:16 - 2015-03-24 22:00 - 00033792 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wuapp.exe
2015-06-22 19:16 - 2015-03-24 22:00 - 00029696 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wups.dll
2015-06-22 19:16 - 2015-02-02 22:34 - 00693176 _____ (Microsoft Corporation) C:

\Windows\system32\winload.efi
2015-06-22 19:16 - 2015-02-02 22:34 - 00094656 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\mountmgr.sys
2015-06-22 19:16 - 2015-02-02 22:33 - 00616360 _____ (Microsoft Corporation) C:

\Windows\system32\winresume.efi
2015-06-22 19:16 - 2015-02-02 22:31 - 01574400 _____ (Microsoft Corporation) C:

\Windows\system32\quartz.dll
2015-06-22 19:16 - 2015-02-02 22:31 - 00641024 _____ (Microsoft Corporation) C:

\Windows\system32\msscp.dll
2015-06-22 19:16 - 2015-02-02 22:31 - 00432128 _____ (Microsoft Corporation) C:

\Windows\system32\mfplat.dll
2015-06-22 19:16 - 2015-02-02 22:31 - 00371712 _____ (Microsoft Corporation) C:

\Windows\system32\qdvd.dll
2015-06-22 19:16 - 2015-02-02 22:31 - 00325632 _____ (Microsoft Corporation) C:

\Windows\system32\msnetobj.dll
2015-06-22 19:16 - 2015-02-02 22:31 - 00229376 _____ (Microsoft Corporation) C:

\Windows\system32\wintrust.dll
2015-06-22 19:16 - 2015-02-02 22:31 - 00206848 _____ (Microsoft Corporation) C:

\Windows\system32\mfps.dll
2015-06-22 19:16 - 2015-02-02 22:31 - 00188416 _____ (Microsoft Corporation) C:

\Windows\system32\pcasvc.dll
2015-06-22 19:16 - 2015-02-02 22:31 - 00063488 _____ (Microsoft Corporation) C:

\Windows\system32\setbcdlocale.dll
2015-06-22 19:16 - 2015-02-02 22:31 - 00037376 _____ (Microsoft Corporation) C:

\Windows\system32\pcadm.dll
2015-06-22 19:16 - 2015-02-02 22:31 - 00011264 _____ (Microsoft Corporation) C:

\Windows\system32\msmmsp.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 01480192 _____ (Microsoft Corporation) C:

\Windows\system32\crypt32.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 01069056 _____ (Microsoft Corporation) C:

\Windows\system32\cryptui.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 00680960 _____ (Microsoft Corporation) C:

\Windows\system32\audiosrv.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 00631808 _____ (Microsoft Corporation) C:

\Windows\system32\evr.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 00440832 _____ (Microsoft Corporation) C:

\Windows\system32\AudioEng.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 00296448 _____ (Microsoft Corporation) C:

\Windows\system32\AudioSes.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 00284672 _____ (Microsoft Corporation) C:

\Windows\system32\EncDump.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 00187904 _____ (Microsoft Corporation) C:

\Windows\system32\cryptsvc.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 00146944 _____ (Microsoft Corporation) C:

\Windows\system32\appidpolicyconverter.exe
2015-06-22 19:16 - 2015-02-02 22:30 - 00140288 _____ (Microsoft Corporation) C:

\Windows\system32\cryptnet.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 00126464 _____ (Microsoft Corporation) C:

\Windows\system32\audiodg.exe
2015-06-22 19:16 - 2015-02-02 22:30 - 00082432 _____ (Microsoft Corporation) C:

\Windows\system32\cryptsp.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 00058880 _____ (Microsoft Corporation) C:

\Windows\system32\appidapi.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 00055808 _____ (Microsoft Corporation) C:

\Windows\system32\rrinstaller.exe
2015-06-22 19:16 - 2015-02-02 22:30 - 00032256 _____ (Microsoft Corporation) C:

\Windows\system32\appidsvc.dll
2015-06-22 19:16 - 2015-02-02 22:30 - 00024576 _____ (Microsoft Corporation) C:

\Windows\system32\mfpmp.exe
2015-06-22 19:16 - 2015-02-02 22:30 - 00017920 _____ (Microsoft Corporation) C:

\Windows\system32\appidcertstorecheck.exe
2015-06-22 19:16 - 2015-02-02 22:30 - 00011264 _____ (Microsoft Corporation) C:

\Windows\system32\pcawrk.exe
2015-06-22 19:16 - 2015-02-02 22:30 - 00009728 _____ (Microsoft Corporation) C:

\Windows\system32\pcalua.exe
2015-06-22 19:16 - 2015-02-02 22:29 - 00008704 _____ (Microsoft Corporation) C:

\Windows\system32\pcaevts.dll
2015-06-22 19:16 - 2015-02-02 22:28 - 00002048 _____ (Microsoft Corporation) C:

\Windows\system32\mferror.dll
2015-06-22 19:16 - 2015-02-02 22:19 - 00663552 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\PEAuth.sys
2015-06-22 19:16 - 2015-02-02 22:12 - 01329664 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\quartz.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 01174528 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\crypt32.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 01005056 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\cryptui.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00519680 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\qdvd.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00504320 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msscp.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00489984 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\evr.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00442880 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\AUDIOKSE.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00406016 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\drmmgrtn.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00374784 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\AudioEng.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00354816 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mfplat.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00265216 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msnetobj.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00195584 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\AudioSes.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00179200 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wintrust.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00143872 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\cryptsvc.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00103936 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\cryptnet.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00103424 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mfps.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00081408 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\cryptsp.dll
2015-06-22 19:16 - 2015-02-02 22:12 - 00050688 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\appidapi.dll
2015-06-22 19:16 - 2015-02-02 22:11 - 00050176 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\rrinstaller.exe
2015-06-22 19:16 - 2015-02-02 22:11 - 00023040 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mfpmp.exe
2015-06-22 19:16 - 2015-02-02 22:09 - 00002048 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mferror.dll
2015-06-22 19:16 - 2015-02-02 21:32 - 00061440 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\appid.sys
2015-06-22 19:16 - 2014-10-31 17:24 - 00619056 _____ (Microsoft Corporation) C:

\Windows\system32\winload.exe
2015-06-22 19:16 - 2014-06-27 19:21 - 00532176 _____ (Microsoft Corporation) C:

\Windows\system32\winresume.exe
2015-06-22 19:16 - 2014-06-27 19:21 - 00457400 _____ (Microsoft Corporation) C:

\Windows\system32\ci.dll
2015-06-22 19:15 - 2015-05-04 20:29 - 00342016 _____ (Microsoft Corporation) C:

\Windows\system32\schannel.dll
2015-06-22 19:15 - 2015-05-04 20:12 - 00248832 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\schannel.dll
2015-06-22 19:15 - 2015-04-29 13:22 - 14635008 _____ (Microsoft Corporation) C:

\Windows\system32\wmp.dll
2015-06-22 19:15 - 2015-04-29 13:21 - 00009728 _____ (Microsoft Corporation) C:

\Windows\system32\spwmp.dll
2015-06-22 19:15 - 2015-04-29 13:21 - 00005120 _____ (Microsoft Corporation) C:

\Windows\system32\msdxm.ocx
2015-06-22 19:15 - 2015-04-29 13:21 - 00005120 _____ (Microsoft Corporation) C:

\Windows\system32\dxmasf.dll
2015-06-22 19:15 - 2015-04-29 13:19 - 12625920 _____ (Microsoft Corporation) C:

\Windows\system32\wmploc.DLL
2015-06-22 19:15 - 2015-04-29 13:07 - 11411456 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wmp.dll
2015-06-22 19:15 - 2015-04-29 13:07 - 00008192 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\spwmp.dll
2015-06-22 19:15 - 2015-04-29 13:07 - 00004096 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msdxm.ocx
2015-06-22 19:15 - 2015-04-29 13:07 - 00004096 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\dxmasf.dll
2015-06-22 19:15 - 2015-04-29 13:05 - 12625408 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wmploc.DLL
2015-06-22 19:15 - 2015-04-24 13:17 - 00633856 _____ (Microsoft Corporation) C:

\Windows\system32\comctl32.dll
2015-06-22 19:15 - 2015-04-24 12:56 - 00530432 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\comctl32.dll
2015-06-22 19:15 - 2015-04-17 22:10 - 00460800 _____ (Microsoft Corporation) C:

\Windows\system32\certcli.dll
2015-06-22 19:15 - 2015-04-17 21:56 - 00342016 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\certcli.dll
2015-06-22 19:15 - 2015-04-12 22:28 - 00328704 _____ (Microsoft Corporation) C:

\Windows\system32\services.exe
2015-06-22 19:15 - 2015-04-07 22:29 - 00275456 _____ (Microsoft Corporation) C:

\Windows\system32\InkEd.dll
2015-06-22 19:15 - 2015-04-07 22:29 - 00024576 _____ (Microsoft Corporation) C:

\Windows\system32\jnwmon.dll
2015-06-22 19:15 - 2015-04-07 22:14 - 00216064 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\InkEd.dll
2015-06-22 19:15 - 2015-04-03 22:29 - 00155576 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\ksecpkg.sys
2015-06-22 19:15 - 2015-04-03 22:29 - 00095680 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\ksecdd.sys
2015-06-22 19:15 - 2015-04-03 22:22 - 01461760 _____ (Microsoft Corporation) C:

\Windows\system32\lsasrv.dll
2015-06-22 19:15 - 2015-04-03 22:22 - 00728064 _____ (Microsoft Corporation) C:

\Windows\system32\kerberos.dll
2015-06-22 19:15 - 2015-04-03 22:22 - 00314880 _____ (Microsoft Corporation) C:

\Windows\system32\msv1_0.dll
2015-06-22 19:15 - 2015-04-03 22:22 - 00309760 _____ (Microsoft Corporation) C:

\Windows\system32\ncrypt.dll
2015-06-22 19:15 - 2015-04-03 22:22 - 00210944 _____ (Microsoft Corporation) C:

\Windows\system32\wdigest.dll
2015-06-22 19:15 - 2015-04-03 22:22 - 00136192 _____ (Microsoft Corporation) C:

\Windows\system32\sspicli.dll
2015-06-22 19:15 - 2015-04-03 22:22 - 00086528 _____ (Microsoft Corporation) C:

\Windows\system32\TSpkg.dll
2015-06-22 19:15 - 2015-04-03 22:22 - 00029184 _____ (Microsoft Corporation) C:

\Windows\system32\sspisrv.dll
2015-06-22 19:15 - 2015-04-03 22:22 - 00028160 _____ (Microsoft Corporation) C:

\Windows\system32\secur32.dll
2015-06-22 19:15 - 2015-04-03 22:22 - 00022016 _____ (Microsoft Corporation) C:

\Windows\system32\credssp.dll
2015-06-22 19:15 - 2015-04-03 22:20 - 00064000 _____ (Microsoft Corporation) C:

\Windows\system32\auditpol.exe
2015-06-22 19:15 - 2015-04-03 22:20 - 00031232 _____ (Microsoft Corporation) C:

\Windows\system32\lsass.exe
2015-06-22 19:15 - 2015-04-03 22:17 - 00146432 _____ (Microsoft Corporation) C:

\Windows\system32\msaudite.dll
2015-06-22 19:15 - 2015-04-03 22:17 - 00060416 _____ (Microsoft Corporation) C:

\Windows\system32\msobjs.dll
2015-06-22 19:15 - 2015-04-03 22:15 - 00686080 _____ (Microsoft Corporation) C:

\Windows\system32\adtschema.dll
2015-06-22 19:15 - 2015-04-03 22:05 - 00550912 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\kerberos.dll
2015-06-22 19:15 - 2015-04-03 22:05 - 00259584 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msv1_0.dll
2015-06-22 19:15 - 2015-04-03 22:05 - 00221184 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ncrypt.dll
2015-06-22 19:15 - 2015-04-03 22:05 - 00172032 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wdigest.dll
2015-06-22 19:15 - 2015-04-03 22:05 - 00065536 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\TSpkg.dll
2015-06-22 19:15 - 2015-04-03 22:05 - 00022016 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\secur32.dll
2015-06-22 19:15 - 2015-04-03 22:05 - 00017408 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\credssp.dll
2015-06-22 19:15 - 2015-04-03 22:04 - 00096768 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\sspicli.dll
2015-06-22 19:15 - 2015-04-03 22:04 - 00050176 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\auditpol.exe
2015-06-22 19:15 - 2015-04-03 22:01 - 00146432 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msaudite.dll
2015-06-22 19:15 - 2015-04-03 22:01 - 00060416 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msobjs.dll
2015-06-22 19:15 - 2015-04-03 21:59 - 00686080 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\adtschema.dll
2015-06-22 19:15 - 2015-03-17 00:22 - 05557696 _____ (Microsoft Corporation) C:

\Windows\system32\ntoskrnl.exe
2015-06-22 19:15 - 2015-03-17 00:19 - 01727904 _____ (Microsoft Corporation) C:

\Windows\system32\ntdll.dll
2015-06-22 19:15 - 2015-03-17 00:16 - 00503808 _____ (Microsoft Corporation) C:

\Windows\system32\srcore.dll
2015-06-22 19:15 - 2015-03-17 00:16 - 00296960 _____ (Microsoft Corporation) C:

\Windows\system32\rstrui.exe
2015-06-22 19:15 - 2015-03-17 00:16 - 00112640 _____ (Microsoft Corporation) C:

\Windows\system32\smss.exe
2015-06-22 19:15 - 2015-03-17 00:16 - 00050176 _____ (Microsoft Corporation) C:

\Windows\system32\srclient.dll
2015-06-22 19:15 - 2015-03-17 00:16 - 00043520 _____ (Microsoft Corporation) C:

\Windows\system32\csrsrv.dll
2015-06-22 19:15 - 2015-03-17 00:11 - 00006656 _____ (Microsoft Corporation) C:

\Windows\system32\apisetschema.dll
2015-06-22 19:15 - 2015-03-17 00:01 - 03976632 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ntkrnlpa.exe
2015-06-22 19:15 - 2015-03-17 00:01 - 03920824 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ntoskrnl.exe
2015-06-22 19:15 - 2015-03-16 23:59 - 01309696 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ntdll.dll
2015-06-22 19:15 - 2015-03-16 23:57 - 00043008 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\srclient.dll
2015-06-22 19:15 - 2015-03-16 23:50 - 00006656 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\apisetschema.dll
2015-06-22 19:15 - 2015-02-19 23:41 - 00041984 _____ (Microsoft Corporation) C:

\Windows\system32\lpk.dll
2015-06-22 19:15 - 2015-02-19 23:40 - 00100864 _____ (Microsoft Corporation) C:

\Windows\system32\fontsub.dll
2015-06-22 19:15 - 2015-02-19 23:40 - 00046080 _____ (Adobe Systems) C:\Windows

\system32\atmlib.dll
2015-06-22 19:15 - 2015-02-19 23:40 - 00014336 _____ (Microsoft Corporation) C:

\Windows\system32\dciman32.dll
2015-06-22 19:15 - 2015-02-19 23:13 - 00070656 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\fontsub.dll
2015-06-22 19:15 - 2015-02-19 23:13 - 00034304 _____ (Adobe Systems) C:\Windows

\SysWOW64\atmlib.dll
2015-06-22 19:15 - 2015-02-19 23:13 - 00010240 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\dciman32.dll
2015-06-22 19:15 - 2015-02-19 23:12 - 00025600 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\lpk.dll
2015-06-22 19:15 - 2015-02-19 22:29 - 00372224 _____ (Adobe Systems Incorporated) C:

\Windows\system32\atmfd.dll
2015-06-22 19:15 - 2015-02-19 22:09 - 00299008 _____ (Adobe Systems Incorporated) C:

\Windows\SysWOW64\atmfd.dll
2015-06-22 19:15 - 2015-02-13 00:26 - 12875264 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\shell32.dll
2015-06-22 19:15 - 2015-02-13 00:22 - 14177280 _____ (Microsoft Corporation) C:

\Windows\system32\shell32.dll
2015-06-22 19:15 - 2015-02-02 22:31 - 00215552 _____ (Microsoft Corporation) C:

\Windows\system32\ubpm.dll
2015-06-22 19:15 - 2015-02-02 22:12 - 00171520 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ubpm.dll
2015-06-22 19:15 - 2015-01-30 18:56 - 00459336 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\cng.sys
2015-06-22 19:15 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:

\Windows\system32\profsvc.dll
2015-06-22 19:15 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\mrxdav.sys
2015-06-22 19:15 - 2014-12-11 12:47 - 00052736 _____ (Microsoft Corporation) C:

\Windows\system32\TSWbPrxy.exe
2015-06-22 19:15 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:

\Windows\system32\nlasvc.dll
2015-06-22 19:15 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ncsi.dll
2015-06-22 19:15 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\nlaapi.dll
2015-06-22 19:15 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:

\Windows\system32\termsrv.dll
2015-06-22 19:15 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:

\Windows\system32\dfshim.dll
2015-06-22 19:15 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\dfshim.dll
2015-06-22 19:15 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mscorier.dll
2015-06-22 19:15 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:

\Windows\system32\mscorier.dll
2015-06-22 19:15 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mscories.dll
2015-06-22 19:15 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:

\Windows\system32\mscories.dll
2015-06-22 19:15 - 2012-10-03 12:44 - 00216576 _____ (Microsoft Corporation) C:

\Windows\system32\ncsi.dll
2015-06-22 19:15 - 2012-10-03 12:44 - 00070656 _____ (Microsoft Corporation) C:

\Windows\system32\nlaapi.dll
2015-06-22 19:14 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:

\Windows\system32\pku2u.dll
2015-06-22 19:14 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\pku2u.dll
2015-06-22 19:14 - 2014-07-16 21:07 - 03722240 _____ (Microsoft Corporation) C:

\Windows\system32\mstscax.dll
2015-06-22 19:14 - 2014-07-16 21:07 - 01118720 _____ (Microsoft Corporation) C:

\Windows\system32\mstsc.exe
2015-06-22 19:14 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:

\Windows\system32\winlogon.exe
2015-06-22 19:14 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:

\Windows\system32\winsta.dll
2015-06-22 19:14 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:

\Windows\system32\rdpcorekmts.dll
2015-06-22 19:14 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\winsta.dll
2015-06-22 19:14 - 2014-07-16 20:39 - 03221504 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mstscax.dll
2015-06-22 19:14 - 2014-07-16 20:39 - 01051136 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\mstsc.exe
2015-06-22 19:14 - 2014-07-16 20:39 - 00131584 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\aaclient.dll
2015-06-22 19:14 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\rdpwd.sys
2015-06-22 19:14 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\tssecsrv.sys
2015-06-22 19:13 - 2015-05-08 22:27 - 00362496 _____ (Microsoft Corporation) C:

\Windows\system32\wow64win.dll
2015-06-22 19:13 - 2015-05-08 22:27 - 00243712 _____ (Microsoft Corporation) C:

\Windows\system32\wow64.dll
2015-06-22 19:13 - 2015-05-08 22:27 - 00215040 _____ (Microsoft Corporation) C:

\Windows\system32\winsrv.dll
2015-06-22 19:13 - 2015-05-08 22:27 - 00013312 _____ (Microsoft Corporation) C:

\Windows\system32\wow64cpu.dll
2015-06-22 19:13 - 2015-05-08 22:26 - 01162752 _____ (Microsoft Corporation) C:

\Windows\system32\kernel32.dll
2015-06-22 19:13 - 2015-05-08 22:26 - 00424960 _____ (Microsoft Corporation) C:

\Windows\system32\KernelBase.dll
2015-06-22 19:13 - 2015-05-08 22:26 - 00016384 _____ (Microsoft Corporation) C:

\Windows\system32\ntvdm64.dll
2015-06-22 19:13 - 2015-05-08 22:25 - 00338432 _____ (Microsoft Corporation) C:

\Windows\system32\conhost.exe
2015-06-22 19:13 - 2015-05-08 22:20 - 00006144 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00005120 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00004608 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00004608 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00004096 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00004096 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00004096 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00004096 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:20 - 00003072 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:13 - 00025600 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\setup16.exe
2015-06-22 19:13 - 2015-05-08 22:13 - 00014336 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ntvdm64.dll
2015-06-22 19:13 - 2015-05-08 22:12 - 01114112 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\kernel32.dll
2015-06-22 19:13 - 2015-05-08 22:12 - 00274944 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\KernelBase.dll
2015-06-22 19:13 - 2015-05-08 22:12 - 00005120 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wow32.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00005120 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00004608 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00004096 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00004096 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00004096 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00004096 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00004096 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 22:08 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 21:01 - 00007680 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\instnm.exe
2015-06-22 19:13 - 2015-05-08 21:01 - 00002048 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\user.exe
2015-06-22 19:13 - 2015-05-08 20:59 - 00006144 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 20:59 - 00004608 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 20:59 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-22 19:13 - 2015-05-08 20:59 - 00003072 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-22 19:10 - 2015-02-18 02:06 - 00123904 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\poqexec.exe
2015-06-22 19:10 - 2015-02-18 02:04 - 00142336 _____ (Microsoft Corporation) C:

\Windows\system32\poqexec.exe
2015-06-22 19:10 - 2015-02-02 22:31 - 01424896 _____ (Microsoft Corporation) C:

\Windows\system32\WindowsCodecs.dll
2015-06-22 19:10 - 2015-02-02 22:12 - 01230848 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WindowsCodecs.dll
2015-06-22 19:09 - 2015-05-25 12:08 - 03206144 _____ (Microsoft Corporation) C:

\Windows\system32\win32k.sys
2015-06-22 19:09 - 2015-03-09 22:25 - 01882624 _____ (Microsoft Corporation) C:

\Windows\system32\msxml3.dll
2015-06-22 19:09 - 2015-03-09 22:21 - 00002048 _____ (Microsoft Corporation) C:

\Windows\system32\msxml3r.dll
2015-06-22 19:09 - 2015-03-09 22:08 - 01237504 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msxml3.dll
2015-06-22 19:09 - 2015-03-09 22:05 - 00002048 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msxml3r.dll
2015-06-22 19:09 - 2015-03-05 00:12 - 00404480 _____ (Microsoft Corporation) C:

\Windows\system32\gdi32.dll
2015-06-22 19:09 - 2015-03-04 23:05 - 00311808 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\gdi32.dll
2015-06-22 19:09 - 2015-03-03 23:55 - 00367552 _____ (Microsoft Corporation) C:

\Windows\system32\clfs.sys
2015-06-22 19:09 - 2015-03-03 23:41 - 00079360 _____ (Microsoft Corporation) C:

\Windows\system32\clfsw32.dll
2015-06-22 19:09 - 2015-03-03 23:10 - 00058880 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\clfsw32.dll
2015-06-22 19:09 - 2015-02-24 22:18 - 00754688 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\http.sys
2015-06-22 19:09 - 2015-01-16 21:48 - 01067520 _____ (Microsoft Corporation) C:

\Windows\system32\msctf.dll
2015-06-22 19:09 - 2015-01-16 21:30 - 00828928 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msctf.dll
2015-06-22 19:09 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:

\Windows\system32\scesrv.dll
2015-06-22 19:09 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\scesrv.dll
2015-06-22 19:09 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:

\Windows\system32\packager.dll
2015-06-22 19:09 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\packager.dll
2015-06-22 19:09 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:

\Windows\system32\oleaut32.dll
2015-06-22 19:09 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\oleaut32.dll
2015-06-22 19:09 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:

\Windows\system32\rastls.dll
2015-06-22 19:09 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\rastls.dll
2015-06-22 19:09 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:

\Windows\system32\IMJP10K.DLL
2015-06-22 19:09 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\IMJP10K.DLL
2015-06-22 19:06 - 2015-02-03 22:16 - 00465920 _____ (Microsoft Corporation) C:

\Windows\system32\WMPhoto.dll
2015-06-22 19:06 - 2015-02-03 21:54 - 00417792 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\WMPhoto.dll
2015-06-22 17:19 - 2015-06-22 20:15 - 00136408 _____ (Malwarebytes Corporation) C:

\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-22 17:19 - 2015-06-22 17:19 - 00000000 ____D C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-22 17:19 - 2015-06-22 17:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-22 17:19 - 2015-06-22 17:19 - 00000000 ____D C:\Program Files

(x86)\Malwarebytes Anti-Malware
2015-06-22 17:19 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:

\Windows\system32\Drivers\mbamchameleon.sys
2015-06-22 17:19 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:

\Windows\system32\Drivers\mwac.sys
2015-06-22 17:19 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:

\Windows\system32\Drivers\mbam.sys
2015-06-22 17:17 - 2015-06-22 17:18 - 21546080 _____ (Malwarebytes Corporation ) C:

\Users\user\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-20 13:24 - 2015-06-20 13:24 - 00000000 ____D C:\Users\user\Documents\NCSOFT
2015-06-19 11:59 - 2015-06-19 12:00 - 00000000 ____D C:\Users\user\AppData\Roaming

\Tera_Awesomium
2015-06-16 10:15 - 2015-06-16 10:15 - 00001180 _____ C:\Users\Public\Desktop

\WildStar.lnk
2015-06-16 10:15 - 2015-06-16 10:15 - 00000000 ____D C:\Users\user\AppData\Roaming

\NCSOFT
2015-06-16 10:15 - 2015-06-16 10:15 - 00000000 ____D C:\Users\user\AppData\Local

\NCSOFT
2015-06-16 10:15 - 2015-06-16 10:15 - 00000000 ____D C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\NCSOFT
2015-06-16 10:15 - 2015-06-16 10:15 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2015-06-16 10:14 - 2015-06-16 10:14 - 06037496 _____ (NCSOFT) C:\Users\user

\Downloads\Wildstar.exe
2015-06-15 15:24 - 2015-06-15 22:18 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-06-15 15:24 - 2015-06-15 15:24 - 00000000 ____D C:\Users\user\AppData\Local

\PunkBuster
2015-06-15 15:08 - 2015-06-15 22:18 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-06-15 15:08 - 2015-06-15 15:24 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-06-15 15:08 - 2015-06-15 15:20 - 00000000 ____D C:\Users\user\AppData\Local

\Ubisoft Game Launcher
2015-06-15 15:08 - 2015-06-15 15:08 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-15 15:08 - 2015-06-15 15:08 - 00000000 ____D C:\Users\user\AppData\Roaming

\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-06-15 15:08 - 2015-06-15 15:08 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-06-12 18:56 - 2015-06-12 18:56 - 00000000 ____D C:\Users\user\AppData\Local

\Risk_of_Rain
2015-06-11 19:38 - 2015-06-18 20:30 - 00000000 ____D C:\Users\user\AppData\Roaming

\FEZ
2015-06-11 19:38 - 2015-06-11 19:38 - 00466456 _____ (Creative Labs) C:\Windows

\system32\wrap_oal.dll
2015-06-11 19:38 - 2015-06-11 19:38 - 00444952 _____ (Creative Labs) C:\Windows

\SysWOW64\wrap_oal.dll
2015-06-11 19:38 - 2015-06-11 19:38 - 00122904 _____ (Portions © Creative Labs Inc.

and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-06-11 19:38 - 2015-06-11 19:38 - 00109080 _____ (Portions © Creative Labs Inc.

and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-06-11 19:38 - 2015-06-11 19:38 - 00000000 ____D C:\Program Files (x86)\OpenAL
2015-06-11 19:38 - 2015-06-11 19:19 - 00012005 _____ C:\Users\user\AppData\Roaming

\alsoft.ini
2015-06-11 18:29 - 2015-05-18 22:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows

\system32\Drivers\nvvad64v.sys
2015-06-11 18:29 - 2015-05-18 22:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows

\SysWOW64\nvaudcap32v.dll
2015-06-10 09:52 - 2015-06-10 09:52 - 00001091 _____ C:\Users\Public\Desktop

\StarCraft II.lnk
2015-06-10 09:51 - 2015-06-10 18:00 - 00000000 ____D C:\Users\user\Documents

\StarCraft II
2015-06-10 09:51 - 2015-06-10 09:52 - 00000000 ____D C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\StarCraft II
2015-06-10 09:49 - 2015-06-10 17:20 - 00000000 ____D C:\Program Files (x86)\StarCraft

II
2015-06-09 20:10 - 2015-06-09 20:11 - 00000000 ____D C:\Users\user\Documents\Heroes

of the Storm
2015-06-09 20:08 - 2015-06-09 20:08 - 00001189 _____ C:\Users\Public\Desktop\Heroes

of the Storm.lnk
2015-06-09 20:08 - 2015-06-09 20:08 - 00000000 ____D C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\Heroes of the Storm
2015-06-09 19:09 - 2015-06-17 11:18 - 00000000 ____D C:\Program Files (x86)\Heroes of

the Storm
2015-06-02 14:40 - 2015-06-03 13:30 - 00000000 ____D C:\Program Files (x86)\Mozilla

Firefox
2015-05-30 01:27 - 2015-05-30 01:27 - 00000000 ____D C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\ESET
2015-05-30 01:27 - 2015-05-30 01:27 - 00000000 ____D C:\ProgramData\ESET
2015-05-28 16:58 - 2015-05-28 16:58 - 00000000 ____D C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\puush
2015-05-28 16:58 - 2015-05-28 16:58 - 00000000 ____D C:\Program Files (x86)\puush
2015-05-28 16:57 - 2015-05-28 16:57 - 01085440 _____ C:\Users\user\Downloads

\puush.msi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-22 22:23 - 2009-07-13 23:45 - 00031280 ____H C:\Windows\system32\7B296FB0-

376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-22 22:23 - 2009-07-13 23:45 - 00031280 ____H C:\Windows\system32\7B296FB0-

376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-22 22:10 - 2014-08-01 13:34 - 00000838 _____ C:\Windows\Tasks\Adobe Flash

Player Updater.job
2015-06-22 21:58 - 2015-05-01 14:25 - 00000000 ____D C:\Users\user\AppData\Roaming

\Spotify
2015-06-22 21:47 - 2014-07-31 13:50 - 01095743 _____ C:\Windows\WindowsUpdate.log
2015-06-22 21:46 - 2015-05-15 15:41 - 00001036 _____ C:\Windows\Tasks

\GoogleUpdateTaskMachineUA1d08f4f92391a7f.job
2015-06-22 21:46 - 2014-10-19 16:35 - 00001036 _____ C:\Windows\Tasks

\GoogleUpdateTaskMachineUA1cfebe48a9889ba.job
2015-06-22 21:44 - 2014-07-31 15:43 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-22 21:44 - 2014-07-31 15:10 - 00003510 _____ C:\Windows\System32\Tasks

\AutoKMS
2015-06-22 21:43 - 2015-05-01 14:27 - 00000000 ____D C:\Users\user\AppData\Local

\Spotify
2015-06-22 21:42 - 2015-05-15 15:41 - 00001032 _____ C:\Windows\Tasks

\GoogleUpdateTaskMachineCore1d08f4f9151c45c.job
2015-06-22 21:42 - 2015-02-04 11:42 - 00001032 _____ C:\Windows\Tasks

\GoogleUpdateTaskMachineCore1d0409993c096af.job
2015-06-22 21:42 - 2014-08-29 14:24 - 00023464 _____ C:\Windows\PFRO.log
2015-06-22 21:42 - 2014-08-29 14:12 - 00064720 _____ C:\Windows\setupact.log
2015-06-22 21:42 - 2014-07-31 15:07 - 00001032 _____ C:\Windows\Tasks

\GoogleUpdateTaskMachineCore.job
2015-06-22 21:42 - 2014-07-31 15:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-22 21:42 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-22 21:41 - 2014-08-01 21:13 - 00003018 _____ C:\Windows\System32\Tasks

\MSIAfterburner
2015-06-22 21:41 - 2014-08-01 13:16 - 00000000 ____D C:\Users\user\AppData\Roaming

\TS3Client
2015-06-22 21:40 - 2014-07-31 15:07 - 00001036 _____ C:\Windows\Tasks

\GoogleUpdateTaskMachineUA.job
2015-06-22 21:13 - 2014-08-03 03:36 - 00000000 ____D C:\Program Files

\SUPERAntiSpyware
2015-06-22 19:52 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-22 19:51 - 2009-07-13 23:57 - 00001547 _____ C:\ProgramData\Microsoft

\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-22 19:49 - 2009-07-13 23:45 - 00353952 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-22 19:47 - 2010-11-21 02:20 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-22 19:47 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-06-22 19:47 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Dism
2015-06-22 19:47 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-22 19:38 - 2014-08-01 16:25 - 01660938 _____ C:\Windows

\SysWOW64\PerfStringBackup.INI
2015-06-22 19:38 - 2010-11-21 02:09 - 00751356 _____ C:\Windows\system32\perfh00A.dat
2015-06-22 19:38 - 2010-11-21 02:09 - 00160398 _____ C:\Windows\system32\perfc00A.dat
2015-06-22 19:38 - 2009-07-14 00:13 - 01660938 _____ C:\Windows

\system32\PerfStringBackup.INI
2015-06-22 19:28 - 2014-08-01 21:52 - 00000000 ____D C:\Windows\system32\MRT
2015-06-22 13:44 - 2014-07-31 15:07 - 00002181 _____ C:\Users\Public\Desktop\Google

Chrome.lnk
2015-06-20 14:42 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-20 14:36 - 2014-08-03 05:20 - 00000000 ____D C:\Users\user\AppData\Roaming

\vlc
2015-06-19 17:56 - 2015-04-12 22:34 - 00000000 ____D C:\Users\user\AppData\Local

\Battle.net
2015-06-19 11:48 - 2015-03-06 16:59 - 00000000 ____D C:\ProgramData

\boost_interprocess
2015-06-18 16:20 - 2014-08-03 01:04 - 00000000 ____D C:\Users\user\Documents\My Games
2015-06-17 10:30 - 2014-09-05 03:11 - 00000000 ____D C:\Program Files (x86)\Glyph
2015-06-17 10:30 - 2014-08-13 18:17 - 00000000 ____D C:\Users\user\AppData\Local

\Glyph
2015-06-17 10:30 - 2014-08-13 18:17 - 00000000 ____D C:\ProgramData\Glyph
2015-06-16 19:26 - 2015-03-30 11:23 - 00000000 ____D C:\Program Files (x86)\World of

Warcraft Classic
2015-06-16 19:25 - 2014-08-16 00:48 - 00000000 ____D C:\Nexon
2015-06-16 16:49 - 2015-04-23 03:19 - 00000000 ____D C:\Program Files

(x86)\Hearthstone
2015-06-16 10:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-15 15:07 - 2014-10-23 00:29 - 00088391 _____ C:\Windows\DirectX.log
2015-06-12 18:53 - 2014-08-09 07:51 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-11 18:30 - 2014-07-31 13:58 - 00000000 ____D C:\ProgramData\NVIDIA

Corporation
2015-06-10 09:52 - 2015-04-12 22:34 - 00000000 ____D C:\ProgramData\Blizzard

Entertainment
2015-06-09 19:11 - 2014-08-01 13:34 - 00778416 _____ (Adobe Systems Incorporated) C:

\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 19:11 - 2014-08-01 13:34 - 00142512 _____ (Adobe Systems Incorporated) C:

\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-09 19:11 - 2014-08-01 13:34 - 00003776 _____ C:\Windows\System32\Tasks\Adobe

Flash Player Updater
2015-06-09 18:39 - 2015-04-12 22:34 - 00000000 ____D C:\Program Files

(x86)\Battle.net
2015-06-04 12:15 - 2014-08-01 13:10 - 00000000 ____D C:\Program Files (x86)\Mozilla

Maintenance Service
2015-06-03 16:04 - 2014-08-01 16:26 - 01756424 _____ (NVIDIA Corporation) C:\Windows

\system32\nvspbridge64.dll
2015-06-03 16:04 - 2014-08-01 16:26 - 01571696 _____ (NVIDIA Corporation) C:\Windows

\system32\nvspcap64.dll
2015-06-03 16:04 - 2014-08-01 16:26 - 01320304 _____ (NVIDIA Corporation) C:\Windows

\SysWOW64\nvspcap.dll
2015-06-03 16:04 - 2014-08-01 16:26 - 01316000 _____ (NVIDIA Corporation) C:\Windows

\SysWOW64\nvspbridge.dll
2015-06-02 03:06 - 2014-08-05 19:46 - 00000000 ____D C:\Users\user\AppData\Roaming

\WizardWars
2015-05-29 18:38 - 2015-04-12 22:36 - 00000000 ____D C:\Program Files (x86)\Diablo

III
2015-05-27 18:13 - 2014-08-31 20:54 - 00001187 _____ C:\Users\user\Desktop\TELMEX.txt
2015-05-27 00:04 - 2014-08-01 21:52 - 140135120 _____ (Microsoft Corporation) C:

\Windows\system32\MRT.exe
2015-05-23 14:52 - 2014-07-31 15:26 - 00000000 ____D C:\Program Files (x86)\Guild

Wars 2

==================== Files in the root of some directories =======

2015-06-11 19:38 - 2015-06-11 19:19 - 0012005 _____ () C:\Users\user\AppData\Roaming

\alsoft.ini
2014-07-31 13:57 - 2014-07-31 13:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\user\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\user\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\user\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\user\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\user\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\user\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-13 18:21

==================== End of log ============================

Edited by computerxpds, 23 June 2015 - 07:13 AM.
Move to MRL from AII


BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:40 PM

Posted 27 June 2015 - 10:55 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/580347 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:40 PM

Posted 02 July 2015 - 11:00 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users