Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No internet connection after virus removal


  • This topic is locked This topic is locked
5 replies to this topic

#1 senati

senati

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:27 AM

Posted 01 May 2016 - 12:03 AM

Hello,

I've used malwarebytes, hitman pro, eset and other softwares to remove all the viruses which was effecting my computer. The virus would not let me download any anti-virus softwares so i used an usb stick. After removing, my internet connection was completely gone.

 

I've been trying to solve it for 2 days now and i really need help.

 

Here are the reports from FSS and MTB.

 

FSS

Farbar Service Scanner Version: 27-01-2016
Ran by Semih (administrator) on 30-04-2016 at 23:46:28
Running from "C:\Users\Semih\Desktop"
Microsoft Windows 10 Home  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
 
 
 
MTB:
 
MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Semih (administrator) on 30-04-2016 at 23:41:54
Running from "C:\Users\Semih\Desktop"
Microsoft Windows 10 Home  (X64)
Model: Alienware 17 R3 Manufacturer: Alienware
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Killer Wireless-n/a/ac 1535 Wireless Network Adapter = Wi-Fi (Connected)
Killer e2400 Gigabit Ethernet Controller = Ethernet (Media disconnected)
TAP-Windows Adapter V9 for ZyXEL SecuExtender = Ethernet 2 (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DESKTOP-GD73U1G
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 9C-B6-D0-03-EF-54
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 20...9c b6 d0 03 ef 54 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/30/2016 11:40:48 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 144
Executing Function:  ConfigTdpPolicy::onBindDomain
Message:  cTDP control not found in set.
Participant:  TCPU [5]
Domain:  PKG [0]
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:40:48 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 322
Executing Function:  ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message:  cTDP control not found in set.
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:40:48 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 144
Executing Function:  ConfigTdpPolicy::onBindDomain
Message:  cTDP control not found in set.
Participant:  TCPU [5]
Domain:  PKG [0]
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 322
Executing Function:  ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message:  cTDP control not found in set.
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
Policy:  Passive Policy [2]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
Policy:  Critical Policy [1]
 
Error: (04/30/2016 11:36:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ESENT.dll, version: 10.0.10586.212, time stamp: 0x56fa1686
Exception code: 0xc0000602
Fault offset: 0x000000000022885f
Faulting process id: 0x984
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Faulting package full name: svchost.exe4
Faulting package-relative application ID: svchost.exe5
 
Error: (04/30/2016 11:36:34 PM) (Source: ESENT) (User: )
Description: svchost (2436) Terminating process due to non-recoverable failure: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)
 
Error: (04/30/2016 11:35:32 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
 
System errors:
=============
Error: (04/30/2016 11:40:11 PM) (Source: Service Control Manager) (User: )
Description: The User Data Access_4b89a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:40:11 PM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_4b89a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:40:11 PM) (Source: Service Control Manager) (User: )
Description: The Contact Data_4b89a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:40:11 PM) (Source: Service Control Manager) (User: )
Description: The Sync Host_4b89a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:40:11 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/30/2016 11:37:04 PM) (Source: Service Control Manager) (User: )
Description: The goalposts service failed to start due to the following error: 
%%2
 
Error: (04/30/2016 11:36:50 PM) (Source: Application Popup) (User: )
Description: ACPI5
 
Error: (04/30/2016 11:36:29 PM) (Source: Service Control Manager) (User: )
Description: The User Data Access_4a3c4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:36:29 PM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_4a3c4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:36:29 PM) (Source: Service Control Manager) (User: )
Description: The Contact Data_4a3c4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (04/30/2016 11:40:48 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 144
Executing Function:  ConfigTdpPolicy::onBindDomain
Message:  cTDP control not found in set.
Participant:  TCPU [5]
Domain:  PKG [0]
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:40:48 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 322
Executing Function:  ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message:  cTDP control not found in set.
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:40:48 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 144
Executing Function:  ConfigTdpPolicy::onBindDomain
Message:  cTDP control not found in set.
Participant:  TCPU [5]
Domain:  PKG [0]
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 322
Executing Function:  ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message:  cTDP control not found in set.
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
Policy:  Passive Policy [2]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
Policy:  Critical Policy [1]
 
Error: (04/30/2016 11:36:35 PM) (Source: Application Error)(User: )
Description: svchost.exe10.0.10586.05632d7baESENT.dll10.0.10586.21256fa1686c0000602000000000022885f98401d1a36056e76cbfC:\WINDOWS\system32\svchost.exec:\windows\system32\ESENT.dll4dfe6fbc-9ee5-42b6-bc73-ef5ce06c3778
 
Error: (04/30/2016 11:36:34 PM) (Source: ESENT)(User: )
Description: svchost2436PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103)ESENT[10.0.10586.0] RETAIL RTM MBCS
 
Error: (04/30/2016 11:35:32 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
 
CodeIntegrity Errors:
===================================
  Date: 2016-04-30 18:55:40.921
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-29 21:20:30.104
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-28 20:51:29.925
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-27 13:01:37.559
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-21 12:51:58.548
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-04-21 12:51:58.532
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-04-19 13:11:10.808
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-04-19 13:11:10.793
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-04-17 21:59:35.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-16 10:56:25.267
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Turkish (HKLM-x32\...\{AC76BA86-7AD7-1055-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Alienware Command Center (HKLM\...\{D5BC2B54-1297-4765-ABF5-FE43ED0067DD}) (Version: 4.5.16.0 - Dell Inc.) Hidden
Alienware Command Center (HKLM-x32\...\InstallShield_{D5BC2B54-1297-4765-ABF5-FE43ED0067DD}) (Version: 4.5.16.0 - Dell Inc.)
Alienware Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Alienware Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Alienware Graphics Amplifier Software Installer (HKLM\...\{6AAC93BE-2E1D-4E49-8DDD-2DDF00AB4B33}) (Version: 2.0.16.0 - Dell Inc.) Hidden
Alienware Graphics Amplifier Software Installer (HKLM-x32\...\InstallShield_{6AAC93BE-2E1D-4E49-8DDD-2DDF00AB4B33}) (Version: 2.0.16.0 - Dell Inc.)
Alienware On-Screen Display (HKLM-x32\...\{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.19C - ) Hidden
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.19C - )
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.8.0 - Dell Inc.) Hidden
Dell Foundation Services (HKLM\...\{AE5E3C86-2633-4DAF-A7F4-C43D1E738BAE}) (Version: 3.1.3300.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{3ED468C2-2235-4747-90AD-A7A34F0FE70A}) (Version: 1.2.2.8 - Dell)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
EMSC (HKLM-x32\...\{FEF06E73-A519-4510-8CF3-B66041B91D8A}) (Version: 0.0.0.28 - Compal Electronics, Inc.) Hidden
EMSC (HKLM-x32\...\InstallShield_{FEF06E73-A519-4510-8CF3-B66041B91D8A}) (Version: 0.0.0.28 - Compal Electronics, Inc.) Hidden
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.147 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4256 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
InternetPlus (HKLM\...\FastIn) (Version:  - Winxi)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{B2E441FA-2159-4E60-B96B-E4EFC5BF6A7D}) (Version: 1.1.54.1220 - Rivet Networks) Hidden
Killer E240x Drivers (HKLM\...\{41B8851B-EC69-4EE8-802B-A7FA2244DABD}) (Version: 1.1.54.1220 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{DD801DD1-9117-4147-A319-782E85A2E25C}) (Version: 1.1.54.1220 - Rivet Networks) Hidden
Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.54.1220 - Rivet Networks)
Killer Wireless Drivers (HKLM-x32\...\{18B7FD2F-D20D-42EC-BBC3-1D5C82783459}) (Version: 1.1.54.1220 - Rivet Networks)
Killer Wireless-AC 1535 Drivers (HKLM\...\{16FE2ECB-95EB-4D82-A08A-790916541014}) (Version: 1.1.54.1220 - Rivet Networks) Hidden
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
LogoDesignStudio (HKLM-x32\...\{7543145B-8139-474F-94E7-0A3FF524F509}) (Version: 4.0 - Summitsoft Corporation)
M-Audio Axiom Driver 1.1.2 (x64) (HKLM\...\{15231FFA-7E2E-4289-9A9D-A87D158FA62E}) (Version: 1.1.2 - M-Audio)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6769.2017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MIT PHE SELECTION SOFTWARE (HKLM-x32\...\MIT PHE SELECTION SOFTWARE1.0) (Version: 1.0 - Unilab Srl)
Mozilla Firefox 43.0.4 (x86 tr) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 tr)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
NetStream 1.0 (HKCU\...\NetStream 1.0) (Version:  - )
NVIDIA 3D Vision Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.54 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C5D14A1B-6E3E-491A-96C6-ABDEEEC4E97D}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E4F470B2-3601-4E1C-B291-D6B580F53136}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Sound Blaster Recon3Di (HKLM-x32\...\{EE5FF981-6CC0-4ED1-BB01-BCE4B01EF9A4}) (Version: 1.01.00 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited)
SSLOptimizer (HKCU\...\SSLOptimizer) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Thunderbolt™ Software (HKLM-x32\...\{E265C71F-14DA-462C-A06A-CBA776B695F1}) (Version: 15.2.32.250 - Intel Corporation)
Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.15 - Synaptics Incorporated)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
Windows Driver Package - Kionix, Inc. kxdiskprot DiskDrive  (09/09/2015 1.1.3.1) (HKLM\...\7C48956B3BC3052F5B69334CD352B95EBC640938) (Version: 09/09/2015 1.1.3.1 - Kionix, Inc.)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
ZyWALL SecuExtender (HKLM-x32\...\{644421AA-C633-4508-AC2C-0EA631C165E6}) (Version: 3.0.20.0 - ZyXEL Communications Corp.)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 33%
Total physical RAM: 8091.6 MB
Available physical RAM: 5396.04 MB
Total Virtual: 11675.6 MB
Available Virtual: 8722.32 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:106.17 GB) (Free:33.64 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:921.8 GB) NTFS
3 Drive e: () (Removable) (Total:3.74 GB) (Free:3.37 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\DESKTOP-GD73U1G
 
Administrator            DefaultAccount           Guest                    
Semih                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
30-04-2016 02:14:44 virus
01-05-2016 03:10:59 yeni
01-05-2016 03:32:56 Restore Operation
 
**** End of log ****
MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Semih (administrator) on 30-04-2016 at 23:41:54
Running from "C:\Users\Semih\Desktop"
Microsoft Windows 10 Home  (X64)
Model: Alienware 17 R3 Manufacturer: Alienware
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Killer Wireless-n/a/ac 1535 Wireless Network Adapter = Wi-Fi (Connected)
Killer e2400 Gigabit Ethernet Controller = Ethernet (Media disconnected)
TAP-Windows Adapter V9 for ZyXEL SecuExtender = Ethernet 2 (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DESKTOP-GD73U1G
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 9C-B6-D0-03-EF-54
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 20...9c b6 d0 03 ef 54 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/30/2016 11:40:48 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 144
Executing Function:  ConfigTdpPolicy::onBindDomain
Message:  cTDP control not found in set.
Participant:  TCPU [5]
Domain:  PKG [0]
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:40:48 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 322
Executing Function:  ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message:  cTDP control not found in set.
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:40:48 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 144
Executing Function:  ConfigTdpPolicy::onBindDomain
Message:  cTDP control not found in set.
Participant:  TCPU [5]
Domain:  PKG [0]
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 322
Executing Function:  ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message:  cTDP control not found in set.
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
Policy:  Passive Policy [2]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
Policy:  Critical Policy [1]
 
Error: (04/30/2016 11:36:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: ESENT.dll, version: 10.0.10586.212, time stamp: 0x56fa1686
Exception code: 0xc0000602
Fault offset: 0x000000000022885f
Faulting process id: 0x984
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Faulting package full name: svchost.exe4
Faulting package-relative application ID: svchost.exe5
 
Error: (04/30/2016 11:36:34 PM) (Source: ESENT) (User: )
Description: svchost (2436) Terminating process due to non-recoverable failure: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)
 
Error: (04/30/2016 11:35:32 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
 
System errors:
=============
Error: (04/30/2016 11:40:11 PM) (Source: Service Control Manager) (User: )
Description: The User Data Access_4b89a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:40:11 PM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_4b89a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:40:11 PM) (Source: Service Control Manager) (User: )
Description: The Contact Data_4b89a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:40:11 PM) (Source: Service Control Manager) (User: )
Description: The Sync Host_4b89a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:40:11 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (04/30/2016 11:37:04 PM) (Source: Service Control Manager) (User: )
Description: The goalposts service failed to start due to the following error: 
%%2
 
Error: (04/30/2016 11:36:50 PM) (Source: Application Popup) (User: )
Description: ACPI5
 
Error: (04/30/2016 11:36:29 PM) (Source: Service Control Manager) (User: )
Description: The User Data Access_4a3c4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:36:29 PM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_4a3c4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (04/30/2016 11:36:29 PM) (Source: Service Control Manager) (User: )
Description: The Contact Data_4a3c4 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (04/30/2016 11:40:48 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 144
Executing Function:  ConfigTdpPolicy::onBindDomain
Message:  cTDP control not found in set.
Participant:  TCPU [5]
Domain:  PKG [0]
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:40:48 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 322
Executing Function:  ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message:  cTDP control not found in set.
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:40:48 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 144
Executing Function:  ConfigTdpPolicy::onBindDomain
Message:  cTDP control not found in set.
Participant:  TCPU [5]
Domain:  PKG [0]
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 322
Executing Function:  ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message:  cTDP control not found in set.
Policy:  ConfigTDP Policy [0]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
Policy:  Passive Policy [2]
 
Error: (04/30/2016 11:37:03 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.1.10600.147) TYPE: ERROR
 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.1.10600.147
DPTF Build Date:  May 26 2015 13:35:22
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
Policy:  Critical Policy [1]
 
Error: (04/30/2016 11:36:35 PM) (Source: Application Error)(User: )
Description: svchost.exe10.0.10586.05632d7baESENT.dll10.0.10586.21256fa1686c0000602000000000022885f98401d1a36056e76cbfC:\WINDOWS\system32\svchost.exec:\windows\system32\ESENT.dll4dfe6fbc-9ee5-42b6-bc73-ef5ce06c3778
 
Error: (04/30/2016 11:36:34 PM) (Source: ESENT)(User: )
Description: svchost2436PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103)ESENT[10.0.10586.0] RETAIL RTM MBCS
 
Error: (04/30/2016 11:35:32 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
 
CodeIntegrity Errors:
===================================
  Date: 2016-04-30 18:55:40.921
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-29 21:20:30.104
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-28 20:51:29.925
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-27 13:01:37.559
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-21 12:51:58.548
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-04-21 12:51:58.532
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-04-19 13:11:10.808
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-04-19 13:11:10.793
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-04-17 21:59:35.782
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-04-16 10:56:25.267
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Turkish (HKLM-x32\...\{AC76BA86-7AD7-1055-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Alienware Command Center (HKLM\...\{D5BC2B54-1297-4765-ABF5-FE43ED0067DD}) (Version: 4.5.16.0 - Dell Inc.) Hidden
Alienware Command Center (HKLM-x32\...\InstallShield_{D5BC2B54-1297-4765-ABF5-FE43ED0067DD}) (Version: 4.5.16.0 - Dell Inc.)
Alienware Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Alienware Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Alienware Graphics Amplifier Software Installer (HKLM\...\{6AAC93BE-2E1D-4E49-8DDD-2DDF00AB4B33}) (Version: 2.0.16.0 - Dell Inc.) Hidden
Alienware Graphics Amplifier Software Installer (HKLM-x32\...\InstallShield_{6AAC93BE-2E1D-4E49-8DDD-2DDF00AB4B33}) (Version: 2.0.16.0 - Dell Inc.)
Alienware On-Screen Display (HKLM-x32\...\{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.19C - ) Hidden
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.19C - )
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.8.0 - Dell Inc.) Hidden
Dell Foundation Services (HKLM\...\{AE5E3C86-2633-4DAF-A7F4-C43D1E738BAE}) (Version: 3.1.3300.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{3ED468C2-2235-4747-90AD-A7A34F0FE70A}) (Version: 1.2.2.8 - Dell)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
EMSC (HKLM-x32\...\{FEF06E73-A519-4510-8CF3-B66041B91D8A}) (Version: 0.0.0.28 - Compal Electronics, Inc.) Hidden
EMSC (HKLM-x32\...\InstallShield_{FEF06E73-A519-4510-8CF3-B66041B91D8A}) (Version: 0.0.0.28 - Compal Electronics, Inc.) Hidden
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.147 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4256 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
InternetPlus (HKLM\...\FastIn) (Version:  - Winxi)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{B2E441FA-2159-4E60-B96B-E4EFC5BF6A7D}) (Version: 1.1.54.1220 - Rivet Networks) Hidden
Killer E240x Drivers (HKLM\...\{41B8851B-EC69-4EE8-802B-A7FA2244DABD}) (Version: 1.1.54.1220 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{DD801DD1-9117-4147-A319-782E85A2E25C}) (Version: 1.1.54.1220 - Rivet Networks) Hidden
Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.54.1220 - Rivet Networks)
Killer Wireless Drivers (HKLM-x32\...\{18B7FD2F-D20D-42EC-BBC3-1D5C82783459}) (Version: 1.1.54.1220 - Rivet Networks)
Killer Wireless-AC 1535 Drivers (HKLM\...\{16FE2ECB-95EB-4D82-A08A-790916541014}) (Version: 1.1.54.1220 - Rivet Networks) Hidden
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
LogoDesignStudio (HKLM-x32\...\{7543145B-8139-474F-94E7-0A3FF524F509}) (Version: 4.0 - Summitsoft Corporation)
M-Audio Axiom Driver 1.1.2 (x64) (HKLM\...\{15231FFA-7E2E-4289-9A9D-A87D158FA62E}) (Version: 1.1.2 - M-Audio)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6769.2017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MIT PHE SELECTION SOFTWARE (HKLM-x32\...\MIT PHE SELECTION SOFTWARE1.0) (Version: 1.0 - Unilab Srl)
Mozilla Firefox 43.0.4 (x86 tr) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 tr)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
NetStream 1.0 (HKCU\...\NetStream 1.0) (Version:  - )
NVIDIA 3D Vision Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.54 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C5D14A1B-6E3E-491A-96C6-ABDEEEC4E97D}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E4F470B2-3601-4E1C-B291-D6B580F53136}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Sound Blaster Recon3Di (HKLM-x32\...\{EE5FF981-6CC0-4ED1-BB01-BCE4B01EF9A4}) (Version: 1.01.00 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited)
SSLOptimizer (HKCU\...\SSLOptimizer) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Thunderbolt™ Software (HKLM-x32\...\{E265C71F-14DA-462C-A06A-CBA776B695F1}) (Version: 15.2.32.250 - Intel Corporation)
Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.15 - Synaptics Incorporated)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
Windows Driver Package - Kionix, Inc. kxdiskprot DiskDrive  (09/09/2015 1.1.3.1) (HKLM\...\7C48956B3BC3052F5B69334CD352B95EBC640938) (Version: 09/09/2015 1.1.3.1 - Kionix, Inc.)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
ZyWALL SecuExtender (HKLM-x32\...\{644421AA-C633-4508-AC2C-0EA631C165E6}) (Version: 3.0.20.0 - ZyXEL Communications Corp.)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 33%
Total physical RAM: 8091.6 MB
Available physical RAM: 5396.04 MB
Total Virtual: 11675.6 MB
Available Virtual: 8722.32 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:106.17 GB) (Free:33.64 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:921.8 GB) NTFS
3 Drive e: () (Removable) (Total:3.74 GB) (Free:3.37 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\DESKTOP-GD73U1G
 
Administrator            DefaultAccount           Guest                    
Semih                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
30-04-2016 02:14:44 virus
01-05-2016 03:10:59 yeni
01-05-2016 03:32:56 Restore Operation
 
**** End of log ****
 
 

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,955 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:27 PM

Posted 01 May 2016 - 07:07 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Download the file to a flash drive with a good computer and copy the program to the Desktop of the compromised computer.

Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.

Click the Add reply button.
===

Please post both the logs for my review.

Wait for further instructions.

#3 senati

senati
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:27 AM

Posted 01 May 2016 - 10:05 AM

Hello and thank you very much for your reply.

 

Please see below and attachment as per your request. You will also see a folder called 'gorecki'. It appeared with the virus and now although i remove it it keeps coming back. Maybe you can help me with that too.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-04-2016
Ran by Semih (administrator) on DESKTOP-GD73U1G (01-05-2016 09:39:55)
Running from E:\
Loaded Profiles: Semih (Available Profiles: Semih)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe" -- "%1")
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Axiom\AudioDevMon.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Alienware) C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(mania) C:\Windows\rowes.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Compal Inc.) C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [35576 2015-06-30] (Alienware)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795728 2015-07-14] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3955320 2015-12-24] (Synaptics Incorporated)
HKLM\...\Run: [IDSCCOMS4V] => "C:\Program Files (x86)\EasyHotspot\idsccom_S4V.exe"
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [3746560 2015-04-02] (Compal Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE
HKLM-x32\...\Run: [Sound Blaster Recon3Di SBX Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [1129984 2014-03-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\...\Run: [uTorrent] => C:\Users\Semih\AppData\Roaming\uTorrent\uTorrent.exe [1959424 2016-04-11] (BitTorrent Inc.)
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\...\Run: [majid] => "C:\Program Files (x86)\gorecki\majid.exe"
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\...\Run: [streit] => "C:\Program Files (x86)\bournemouth\electable.exe"
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\...\Run: [cater] => "C:\Program Files (x86)\vocations\afi.exe"
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\...\Run: [whomever] => "C:\Program Files (x86)\gorecki\brothers.exe"
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\...\RunOnce: [Uninstall C:\Users\Semih\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Semih\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-04-30]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-04-30]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Semih\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2016-04-30]
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <======= ATTENTION (Restriction - ProxySettings)
ProxyEnable: [HKLM-x32] => Proxy is enabled.
ProxyServer: [HKLM-x32] => http=127.0.0.1:8877;https=127.0.0.1:8877
AutoConfigURL: [HKLM] => http=127.0.0.1:8877;https=127.0.0.1:8877
Tcpip\..\Interfaces\{a3cfc7b4-cd3f-4557-b3c1-0cf135d785de}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c835d495-ba6d-4a0d-95d0-cb9d280db9e8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c835d495-ba6d-4a0d-95d0-cb9d280db9e8}: [DhcpNameServer] 192.168.2.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.alienwarearena.com/welcome-us
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
HKU\S-1-5-21-2529008316-725978154-3749350723-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-us
SearchScopes: HKU\S-1-5-21-2529008316-725978154-3749350723-1001 -> {BED5C324-4DB2-4CE6-9163-2530C1B07A47} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-04-03] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-03] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-28] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-28] (Oracle Corporation)
DPF: HKLM-x32 {5B84B165-F6DE-4126-B3F8-5EDCD447EFF4} hxxps://85.97.120.36/ext-js/web-pages/portal/SecuExtender.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-03] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
 
FireFox:
========
FF ProfilePath: C:\Users\Semih\AppData\Roaming\Mozilla\Firefox\Profiles\qms9lsas.default
FF DefaultSearchEngine: Search Module
FF Homepage: user_pref("browser.startup.homepage", "hxxps://www.malwarebytes.org/restorebrowser/
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-04-03] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-09] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Semih\AppData\Roaming\Mozilla\Firefox\Profiles\qms9lsas.default\user.js [2016-04-29]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=G4Uzamobl11426BO,aef8d47a-71ee-4ca5-864e-22976f748af1,&vp=ch&prd=set_ch
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shyos&prd=set_ch&q={searchTerms}&s=G4Uzamobl11426BO,aef8d47a-71ee-4ca5-864e-22976f748af1,
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Semih\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Semih\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-24]
CHR Extension: (Google Drive) - C:\Users\Semih\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-24]
CHR Extension: (YouTube) - C:\Users\Semih\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-24]
CHR Extension: (Google Search) - C:\Users\Semih\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-24]
CHR Extension: (Google Docs Offline) - C:\Users\Semih\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Semih\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Semih\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome334.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [326392 2015-12-01] (Windows ® Win 7 DDK provider)
R2 AxiomAudioDevMon; C:\Program Files (x86)\M-Audio\Axiom\AudioDevMon.exe [1636872 2010-03-11] (M-Audio)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2838768 2016-04-03] (Microsoft Corporation)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [588904 2015-07-25] ()
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-29] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [133640 2015-06-05] (Creative Technology Ltd)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [119656 2016-01-15] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-10] (Dell Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-05-27] (Intel Corporation)
R2 GraphicsAmplifierWindowsService; C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe [36112 2015-07-23] (Alienware)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [350312 2015-07-25] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [413696 2015-07-07] (Rivet Networks) [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 podge; C:\WINDOWS\rowes.exe [8192 2016-04-29] (mania) [File not signed]
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255096 2015-12-24] (Synaptics Incorporated)
S3 ThunderboltService; c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1723048 2015-06-10] (Intel Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZyWALL SecuExtender Helper; C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe [44928 2014-03-28] ()
S2 goalposts; C:\WINDOWS\cheaters.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1075496 2015-06-05] (Creative Technology Ltd)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-09-11] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-05-27] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43000 2015-05-27] (Intel Corporation)
R0 EMSC; C:\Windows\System32\drivers\EMSC.SYS [36424 2015-07-13] ()
R0 EMSC; C:\Windows\SysWOW64\drivers\EMSC.SYS [33864 2015-07-13] ()
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-05-27] (Intel Corporation)
R3 KillerEth; C:\Windows\System32\drivers\e24w10x64.sys [124464 2015-04-27] (Qualcomm Atheros, Inc.)
R3 kiox_ff_driver; C:\Windows\System32\drivers\kiox_ff_driver.sys [51304 2015-10-02] (Kionix, Inc.)
R0 kxdiskprot; C:\Windows\System32\DRIVERS\kxdiskprot.sys [40016 2015-09-18] (Kionix, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation)
R3 Qcamain10x64; C:\Windows\System32\drivers\Qcamain10x64.sys [2327040 2015-10-30] (Qualcomm Atheros, Inc.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [752856 2015-05-29] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [51320 2015-12-24] (Synaptics Incorporated)
R3 tap0901_zyxel; C:\Windows\System32\drivers\tap0901_zyxel.sys [36408 2014-01-15] (The OpenVPN Project)
S3 tapoas; C:\Windows\System32\drivers\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117728 2016-04-30] (Webroot)
S1 bhyrvbev; \??\C:\WINDOWS\system32\drivers\bhyrvbev.sys [X]
S1 blefpaun; \??\C:\WINDOWS\system32\drivers\blefpaun.sys [X]
U2 TMAgent; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-01 07:10 - 2016-05-01 07:09 - 00891392 _____ (Farbar) C:\Users\Semih\Desktop\MiniToolBox.exe
2016-04-30 23:41 - 2016-04-30 23:42 - 00038066 _____ C:\Users\Semih\Desktop\MTB.txt
2016-04-30 23:33 - 2016-04-30 23:33 - 00000000 ____D C:\WINDOWS\ERDNT
2016-04-30 23:32 - 2016-04-30 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2016-04-30 23:32 - 2016-04-30 23:32 - 00000000 ____D C:\Program Files (x86)\ERUNT
2016-04-30 23:25 - 2016-04-30 23:46 - 00002281 _____ C:\Users\Semih\Desktop\FSS.txt
2016-04-30 23:23 - 2016-04-30 23:23 - 00000000 ____D C:\Users\Semih\AppData\Local\ElevatedDiagnostics
2016-04-30 23:19 - 2016-05-01 07:11 - 01282568 _____ (Avira Operations GmbH & Co. KG) C:\Users\Semih\Desktop\AviraDNSRepairEN.exe
2016-04-30 23:19 - 2016-05-01 07:08 - 01586165 _____ C:\Users\Semih\Desktop\ComIntRepair.exe
2016-04-30 23:19 - 2016-05-01 06:54 - 00899584 _____ (Farbar) C:\Users\Semih\Desktop\FSS.exe
2016-04-30 21:32 - 2016-04-30 21:32 - 00485272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-30 20:57 - 2016-04-30 22:43 - 00000000 ____D C:\Users\Semih\AppData\Local\Trend Micro
2016-04-30 20:02 - 2016-04-30 22:44 - 00000000 ____D C:\ProgramData\Trend Micro
2016-04-30 20:01 - 2016-04-30 20:01 - 00000036 _____ C:\Users\Semih\AppData\Local\housecall.guid.cache
2016-04-30 19:28 - 2016-04-30 19:28 - 00000000 ____D C:\Users\Semih\AppData\Local\ESET
2016-04-30 18:54 - 2016-04-30 18:54 - 00000000 ____D C:\Program Files\Common Files\QCA_Bluetooth
2016-04-30 18:54 - 2016-04-30 18:54 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2016-04-30 18:53 - 2016-04-30 18:53 - 00096010 _____ C:\TDSSKiller.3.1.0.9_30.04.2016_18.53.11_log.txt
2016-04-30 18:52 - 2016-04-30 18:53 - 00000000 ____D C:\ProgramData\MFAData
2016-04-30 18:52 - 2016-04-30 18:52 - 00000000 ____D C:\Users\Semih\AppData\Local\MFAData
2016-04-30 18:52 - 2016-04-30 18:52 - 00000000 ____D C:\Users\Semih\AppData\Local\Avg2015
2016-04-30 18:35 - 2016-04-30 18:41 - 00000000 ____D C:\ProgramData\Killer
2016-04-30 18:35 - 2016-04-30 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2016-04-30 18:35 - 2016-04-30 18:35 - 00000000 _____ C:\Users\Semih\AppData\Local\Driver_LOM_8171Present.flag
2016-04-30 18:35 - 2016-04-30 18:35 - 00000000 _____ C:\Users\Semih\AppData\Local\Driver_1535Present.flag
2016-04-30 18:12 - 2016-04-30 18:12 - 00000000 ____D C:\Program Files (x86)\gorecki
2016-04-30 17:00 - 2016-04-30 17:07 - 00004008 _____ C:\WINDOWS\System32\Tasks\a21AWduVuzzCjCeXZj0IJ-ni-2016-04-29-ni-11426-ni-1
2016-04-30 16:49 - 2016-05-01 09:39 - 00004406 _____ C:\WINDOWS\System32\Tasks\b66688983
2016-04-30 16:49 - 2016-05-01 09:39 - 00004400 _____ C:\WINDOWS\System32\Tasks\a66688983
2016-04-30 16:49 - 2016-04-30 19:55 - 00000000 ____D C:\Users\Semih\AppData\LocalLow\uTorrent
2016-04-30 16:46 - 2016-04-30 16:46 - 00005458 _____ C:\WINDOWS\system32\.crusader
2016-04-30 13:14 - 2016-04-30 13:14 - 00001851 _____ C:\Users\Public\Desktop\KKIOK.lnk
2016-04-30 12:59 - 2016-04-30 12:59 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-04-30 12:56 - 2016-04-30 12:56 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-30 12:56 - 2016-04-30 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-30 12:56 - 2016-04-30 12:56 - 00000000 ____D C:\Program Files\CCleaner
2016-04-30 12:52 - 2016-04-30 12:52 - 00117728 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys
2016-04-30 12:52 - 2016-04-30 12:52 - 00000000 ____D C:\ProgramData\WRData
2016-04-30 12:42 - 2016-04-30 16:46 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-30 12:40 - 2016-04-30 12:40 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-30 12:18 - 2016-04-30 12:22 - 00027539 _____ C:\Users\Semih\Downloads\FRST.txt
2016-04-30 12:18 - 2016-04-30 12:22 - 00000000 ____D C:\FRST
2016-04-30 12:18 - 2016-04-30 12:21 - 00043410 _____ C:\Users\Semih\Downloads\Addition.txt
2016-04-30 12:16 - 2016-04-30 12:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_kiox_ff_driver_01011.Wdf
2016-04-30 12:15 - 2016-04-30 12:15 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-04-30 12:15 - 2015-09-18 16:34 - 00040016 _____ (Kionix, Inc.) C:\WINDOWS\system32\Drivers\kxdiskprot.sys
2016-04-30 12:08 - 2016-04-30 12:08 - 00000000 ____D C:\Users\Semih\AppData\Local\Geckofx
2016-04-30 11:48 - 2016-04-30 11:48 - 00000000 ____D C:\SUPERDelete
2016-04-30 11:46 - 2016-04-30 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-04-30 11:46 - 2016-04-30 22:50 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-04-30 11:44 - 2016-04-30 11:45 - 00183640 _____ C:\TDSSKiller.3.1.0.9_30.04.2016_11.44.52_log.txt
2016-04-30 11:15 - 2016-04-30 18:03 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-30 11:09 - 2016-04-30 20:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-30 11:09 - 2016-04-30 11:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-30 11:08 - 2016-04-30 13:13 - 00003218 _____ C:\Users\Semih\Desktop\Rkill.txt
2016-04-30 11:08 - 2016-04-30 13:13 - 00000000 ____D C:\Users\Semih\Desktop\rkill
2016-04-30 10:25 - 2016-05-01 00:05 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5FC4575B-09D8-483C-878C-23F5879B40DE}
2016-04-29 21:29 - 2016-04-29 21:29 - 01426020 _____ C:\Users\Semih\Downloads\aesetup2.6.zip
2016-04-29 21:26 - 2016-04-29 21:27 - 00000000 ____D C:\AdwCleaner
2016-04-29 21:22 - 2016-04-29 21:26 - 03581504 _____ C:\Users\Semih\Downloads\adwcleaner_5.114.exe
2016-04-29 21:21 - 2016-04-29 21:22 - 47116504 _____ (Microsoft Corporation) C:\Users\Semih\Downloads\Windows-KB890830-x64-V5.35.exe
2016-04-29 21:15 - 2016-04-30 22:07 - 00000000 ___HD C:\$SysReset
2016-04-29 21:08 - 2016-04-29 21:08 - 00888848 _____ (Microsoft Corporation) C:\Users\Semih\Downloads\mssstool64.exe
2016-04-29 21:03 - 2016-04-30 13:00 - 00003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-04-29 21:00 - 2016-04-30 11:21 - 00000000 ____D C:\ProgramData\296a55d1-6483-1
2016-04-29 21:00 - 2016-04-30 11:21 - 00000000 ____D C:\ProgramData\296a55d1-3137-0
2016-04-29 21:00 - 2016-04-29 21:00 - 00003784 _____ C:\WINDOWS\System32\Tasks\SoftUpgrade
2016-04-29 21:00 - 2016-04-29 21:00 - 00000055 _____ C:\WINDOWS\key.ini
2016-04-29 21:00 - 2016-04-29 21:00 - 00000000 ____D C:\Users\Semih\AppData\Local\CrashRpt
2016-04-29 21:00 - 2016-04-29 21:00 - 00000000 ____D C:\Program Files (x86)\SoftUpgrade
2016-04-29 21:00 - 2016-04-29 21:00 - 00000000 ____D C:\Program Files (x86)\InternetPlus
2016-04-29 20:59 - 2016-04-30 17:05 - 00003918 _____ C:\WINDOWS\System32\Tasks\P221AWduVuzzCjCeXZj0IJ
2016-04-29 20:59 - 2016-04-29 21:00 - 00000000 ____D C:\a
2016-04-29 20:59 - 2016-04-29 21:00 - 00000000 _____ C:\Users\Semih\AppData\Local\stxtname.txt
2016-04-29 20:59 - 2016-04-29 20:59 - 00356864 _____ C:\ProgramData\smp2.exe
2016-04-29 20:59 - 2016-04-29 20:59 - 00187904 _____ C:\WINDOWS\rsrcs.dll
2016-04-29 20:59 - 2016-04-29 20:59 - 00002560 _____ C:\Users\Semih\AppData\Local\uninstallssl.exe
2016-04-29 20:59 - 2016-04-29 20:59 - 00000000 ____H C:\WINDOWS\system32\BIT9559.tmp
2016-04-29 20:59 - 2016-04-29 20:59 - 00000000 ____D C:\Users\Semih\AppData\Local\csdi_monetize_120160429
2016-04-29 20:59 - 2016-04-29 20:59 - 00000000 ____D C:\Program Files\Common Files\Doobzo
2016-04-29 20:59 - 2016-04-29 20:59 - 00000000 _____ C:\Users\Semih\AppData\Local\tr5b.txt
2016-04-29 20:59 - 2016-04-29 20:59 - 00000000 _____ C:\Users\Semih\AppData\Local\run.txt
2016-04-29 20:59 - 2016-04-29 20:59 - 00000000 _____ C:\Users\Semih\AppData\Local\aatxtname.txt
2016-04-29 20:58 - 2016-04-29 20:58 - 00040448 _____ (windows) C:\WINDOWS\whigham.exe
2016-04-29 20:58 - 2016-04-29 20:58 - 00008192 _____ (mania) C:\WINDOWS\rowes.exe
2016-04-29 20:58 - 2016-04-29 20:58 - 00006144 _____ C:\WINDOWS\dll.dll
2016-04-29 20:44 - 2016-04-29 20:44 - 23932824 _____ (Foxit Corporation ) C:\Users\Semih\Downloads\FoxitAdvancedPDFEditor31_enu_Setup.exe
2016-04-27 13:04 - 2016-04-27 13:04 - 00098119 _____ C:\Users\Semih\Desktop\CV_semih-kocahasan_106180131 (3).pdf
2016-04-27 13:03 - 2016-04-27 13:03 - 01021440 _____ C:\Users\Semih\Downloads\FreePDFEditor.exe
2016-04-27 13:00 - 2016-04-27 13:00 - 00000000 ____D C:\ProgramData\TEMP
2016-04-27 12:59 - 2016-04-30 12:11 - 00000000 ____D C:\Users\Semih\Documents\Quick-PDF PDF to Word
2016-04-27 12:49 - 2016-04-27 12:49 - 00000000 ____D C:\Users\Semih\AppData\Roaming\Wondershare
2016-04-27 12:49 - 2016-04-27 12:49 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-04-27 12:48 - 2016-04-27 12:49 - 00808592 _____ C:\Users\Semih\Downloads\pdfelement_setup_full1140.exe
2016-04-27 12:44 - 2016-04-27 12:44 - 00128855 _____ C:\Users\Semih\Downloads\CV_semih-kocahasan_.pdf
2016-04-27 12:28 - 2016-04-27 12:28 - 00144939 _____ C:\Users\Semih\Downloads\CV_semih-kocahasan_106180131 (2).pdf
2016-04-26 12:55 - 2016-04-22 00:34 - 00028160 _____ C:\Users\Semih\Desktop\Bordro ŞUBAT 2016.xls
2016-04-26 12:55 - 2016-04-22 00:34 - 00028160 _____ C:\Users\Semih\Desktop\Bordro OCAK 2016.xls
2016-04-26 12:55 - 2016-04-22 00:34 - 00028160 _____ C:\Users\Semih\Desktop\Bordro MART 2016.xls
2016-04-26 12:55 - 2016-04-22 00:34 - 00028160 _____ C:\Users\Semih\Desktop\Bordro KASIM 2015.xls
2016-04-26 12:55 - 2016-04-22 00:34 - 00028160 _____ C:\Users\Semih\Desktop\Bordro ARALIK 2015.xls
2016-04-21 21:29 - 2016-04-21 21:29 - 05057792 _____ C:\Users\Semih\Desktop\Instruction Manual for PHE - Ekin Industrial.pdf
2016-04-21 19:34 - 2016-04-21 19:34 - 00028177 _____ C:\Users\Semih\Downloads\FW%3a_BORDRO.zip
2016-04-20 16:03 - 2016-04-20 16:03 - 00738368 _____ (Oracle Corporation) C:\Users\Semih\Downloads\JavaSetup8u91 (1).exe
2016-04-20 15:36 - 2016-04-20 15:38 - 00738368 _____ (Oracle Corporation) C:\Users\Semih\Downloads\JavaSetup8u91.exe
2016-04-20 12:28 - 2016-04-20 12:28 - 00144939 _____ C:\Users\Semih\Downloads\CV_semih-kocahasan_106180131 (1).pdf
2016-04-20 12:28 - 2016-04-20 12:28 - 00144939 _____ C:\Users\Semih\Desktop\CV_semih-kocahasan_106180131 (1) (1).pdf
2016-04-20 12:24 - 2016-04-20 12:24 - 00143433 _____ C:\Users\Semih\Downloads\CV_semih-kocahasan_106180131.pdf
2016-04-19 21:15 - 2016-04-19 21:15 - 00005120 _____ C:\Users\Semih\AppData\Local\ddnow.exe
2016-04-19 21:14 - 2016-04-19 21:14 - 00005632 _____ C:\Users\Semih\AppData\Local\ddnow4.exe
2016-04-19 18:59 - 2016-04-19 18:59 - 00005255 _____ C:\Users\Semih\Downloads\aHR0cDovL3d3dy5jbG91ZHkuZWMvdi9mYjA4NGY5NmRhM2Fi.htm
2016-04-19 17:14 - 2016-04-19 17:14 - 00128192 _____ C:\Users\Semih\Downloads\download (3)
2016-04-19 17:03 - 2016-04-19 17:03 - 00128301 _____ C:\Users\Semih\Downloads\download (1)
2016-04-19 17:03 - 2016-04-19 17:03 - 00128192 _____ C:\Users\Semih\Downloads\download (2)
2016-04-19 17:03 - 2016-04-19 17:03 - 00128192 _____ C:\Users\Semih\Downloads\download
2016-04-19 16:45 - 2016-04-19 16:45 - 00000000 ____D C:\Users\Semih\Desktop\gt
2016-04-16 20:51 - 2016-04-17 01:51 - 00014874 _____ C:\Users\Semih\Desktop\Income Statement Example.xlsx
2016-04-16 20:51 - 2016-04-16 23:44 - 00014817 _____ C:\Users\Semih\Desktop\Start Up Cost Workshhet.xlsx
2016-04-16 20:51 - 2016-04-16 20:51 - 00029673 _____ C:\Users\Semih\Downloads\Adsız_İleti.zip
2016-04-14 14:42 - 2013-08-22 07:40 - 00040664 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2016-04-14 13:54 - 2016-04-14 13:54 - 00125008 _____ C:\Users\Semih\Desktop\CROPHEX INC.pdf
2016-04-14 13:36 - 2016-04-14 13:36 - 00353442 _____ C:\Users\Semih\Downloads\Certified Copy of Certificate of Formation of CROPHEX INC. (1).pdf
2016-04-14 13:35 - 2016-04-14 13:35 - 00395708 _____ C:\Users\Semih\Downloads\FW%3a_IRS_BELGELER.zip
2016-04-14 12:51 - 2016-04-01 23:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-14 12:51 - 2016-04-01 22:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-14 12:51 - 2016-04-01 22:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-14 12:51 - 2016-04-01 22:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-14 12:51 - 2016-04-01 22:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-14 12:51 - 2016-04-01 22:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-14 12:51 - 2016-04-01 22:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-14 12:51 - 2016-04-01 22:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-14 12:51 - 2016-04-01 22:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-14 12:51 - 2016-04-01 22:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-14 12:51 - 2016-04-01 22:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-14 12:51 - 2016-03-29 05:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-14 12:51 - 2016-03-29 05:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-14 12:51 - 2016-03-29 05:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-14 12:51 - 2016-03-29 05:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 12:51 - 2016-03-29 05:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-14 12:51 - 2016-03-29 05:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-14 12:51 - 2016-03-29 05:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-14 12:51 - 2016-03-29 05:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-14 12:51 - 2016-03-29 04:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-14 12:51 - 2016-03-29 04:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-14 12:51 - 2016-03-29 04:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-14 12:51 - 2016-03-29 04:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-14 12:51 - 2016-03-29 04:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-14 12:51 - 2016-03-29 03:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-14 12:51 - 2016-03-29 03:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-14 12:51 - 2016-03-29 03:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-14 12:51 - 2016-03-29 03:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-14 12:51 - 2016-03-29 03:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-14 12:51 - 2016-03-29 03:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-14 12:51 - 2016-03-29 02:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-14 12:51 - 2016-03-29 02:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-14 12:51 - 2016-03-29 02:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-14 12:51 - 2016-03-29 02:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-14 12:51 - 2016-03-29 02:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-14 12:51 - 2016-03-29 02:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-14 12:51 - 2016-03-29 02:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-14 12:51 - 2016-03-29 02:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-14 12:51 - 2016-03-29 02:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-14 12:51 - 2016-03-29 02:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-14 12:51 - 2016-03-29 02:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-14 12:51 - 2016-03-29 02:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-14 12:51 - 2016-03-29 02:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-14 12:51 - 2016-03-29 02:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-14 12:51 - 2016-03-29 02:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-14 12:51 - 2016-03-29 02:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-14 12:51 - 2016-03-29 02:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-14 12:51 - 2016-03-29 02:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-14 12:51 - 2016-03-29 02:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-14 12:51 - 2016-03-29 02:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-14 12:51 - 2016-03-29 02:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-14 12:51 - 2016-03-29 02:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-14 12:51 - 2016-03-29 02:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-14 12:51 - 2016-03-29 02:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-14 12:51 - 2016-03-29 02:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-14 12:51 - 2016-03-29 02:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-14 12:51 - 2016-03-29 02:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-14 12:51 - 2016-03-29 02:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-14 12:51 - 2016-03-29 02:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-14 12:51 - 2016-03-29 02:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-14 12:51 - 2016-03-29 02:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-14 12:51 - 2016-03-29 02:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-14 12:51 - 2016-03-29 02:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-14 12:51 - 2016-03-29 01:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-14 12:51 - 2016-03-29 01:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-14 12:51 - 2016-03-29 01:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-14 12:51 - 2016-03-29 01:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-14 12:51 - 2016-03-29 01:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-14 12:51 - 2016-03-29 01:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-14 12:51 - 2016-03-29 01:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-14 12:51 - 2016-03-29 01:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-14 12:51 - 2016-03-29 01:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-14 12:51 - 2016-03-29 01:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-14 12:51 - 2016-03-29 01:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-14 12:51 - 2016-03-29 01:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-14 12:51 - 2016-03-29 01:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-14 12:51 - 2016-03-29 01:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-14 12:51 - 2016-03-29 01:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-14 12:51 - 2016-03-29 01:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-14 12:51 - 2016-03-29 01:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-14 12:51 - 2016-03-29 01:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-14 12:51 - 2016-03-29 01:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-14 12:51 - 2016-03-29 01:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-14 12:51 - 2016-03-29 01:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-14 12:51 - 2016-03-29 01:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-14 12:51 - 2016-03-29 01:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-14 12:51 - 2016-03-29 01:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-14 12:51 - 2016-03-29 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-14 12:51 - 2016-03-29 01:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-14 12:51 - 2016-03-29 01:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-14 12:51 - 2016-03-29 01:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-14 12:51 - 2016-03-29 01:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-14 12:51 - 2016-03-29 00:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-14 12:51 - 2016-03-29 00:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-14 12:51 - 2016-03-29 00:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-14 12:51 - 2016-03-29 00:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-14 12:51 - 2016-03-29 00:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-14 12:51 - 2016-03-29 00:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-14 12:51 - 2016-03-29 00:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-14 12:51 - 2016-03-29 00:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-14 12:51 - 2016-03-29 00:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-14 12:51 - 2016-03-29 00:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-14 12:51 - 2016-03-29 00:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-14 12:51 - 2016-03-29 00:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-14 12:51 - 2016-03-29 00:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-14 12:51 - 2016-03-29 00:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-14 12:51 - 2016-03-29 00:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-14 12:51 - 2016-03-29 00:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-14 12:51 - 2016-03-29 00:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-14 12:51 - 2016-03-29 00:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-14 12:50 - 2016-04-01 23:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-14 12:50 - 2016-04-01 23:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-14 12:50 - 2016-04-01 23:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-14 12:50 - 2016-04-01 22:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-14 12:50 - 2016-04-01 22:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-14 12:50 - 2016-04-01 22:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-14 12:50 - 2016-04-01 22:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-14 12:50 - 2016-04-01 22:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-14 12:50 - 2016-04-01 22:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-14 12:50 - 2016-04-01 22:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-14 12:50 - 2016-04-01 22:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-14 12:50 - 2016-04-01 22:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-14 12:50 - 2016-03-29 05:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-14 12:50 - 2016-03-29 05:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-14 12:50 - 2016-03-29 05:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-14 12:50 - 2016-03-29 05:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-14 12:50 - 2016-03-29 05:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-14 12:50 - 2016-03-29 04:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-14 12:50 - 2016-03-29 04:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-14 12:50 - 2016-03-29 04:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-14 12:50 - 2016-03-29 04:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-14 12:50 - 2016-03-29 04:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-14 12:50 - 2016-03-29 04:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-14 12:50 - 2016-03-29 04:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-14 12:50 - 2016-03-29 04:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-14 12:50 - 2016-03-29 04:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-14 12:50 - 2016-03-29 04:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-14 12:50 - 2016-03-29 04:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-14 12:50 - 2016-03-29 04:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-14 12:50 - 2016-03-29 04:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-14 12:50 - 2016-03-29 03:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-14 12:50 - 2016-03-29 03:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-14 12:50 - 2016-03-29 03:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-14 12:50 - 2016-03-29 03:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-14 12:50 - 2016-03-29 03:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-14 12:50 - 2016-03-29 03:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-14 12:50 - 2016-03-29 03:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-14 12:50 - 2016-03-29 03:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-14 12:50 - 2016-03-29 03:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-14 12:50 - 2016-03-29 03:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-14 12:50 - 2016-03-29 03:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-14 12:50 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-14 12:50 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-14 12:50 - 2016-03-29 03:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-14 12:50 - 2016-03-29 03:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-14 12:50 - 2016-03-29 03:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-14 12:50 - 2016-03-29 03:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-14 12:50 - 2016-03-29 03:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-14 12:50 - 2016-03-29 03:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-14 12:50 - 2016-03-29 03:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-14 12:50 - 2016-03-29 02:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-14 12:50 - 2016-03-29 02:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-14 12:50 - 2016-03-29 02:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-14 12:50 - 2016-03-29 02:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-14 12:50 - 2016-03-29 02:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-14 12:50 - 2016-03-29 02:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-14 12:50 - 2016-03-29 02:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-14 12:50 - 2016-03-29 02:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-14 12:50 - 2016-03-29 02:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-14 12:50 - 2016-03-29 02:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-14 12:50 - 2016-03-29 02:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-14 12:50 - 2016-03-29 02:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-14 12:50 - 2016-03-29 02:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-14 12:50 - 2016-03-29 02:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-14 12:50 - 2016-03-29 02:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-14 12:50 - 2016-03-29 02:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-14 12:50 - 2016-03-29 02:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-14 12:50 - 2016-03-29 02:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-14 12:50 - 2016-03-29 02:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-14 12:50 - 2016-03-29 02:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-14 12:50 - 2016-03-29 02:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-14 12:50 - 2016-03-29 02:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-14 12:50 - 2016-03-29 02:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-14 12:50 - 2016-03-29 02:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-14 12:50 - 2016-03-29 02:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-14 12:50 - 2016-03-29 02:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-14 12:50 - 2016-03-29 02:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-14 12:50 - 2016-03-29 02:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-14 12:50 - 2016-03-29 02:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-14 12:50 - 2016-03-29 02:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-14 12:50 - 2016-03-29 02:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-14 12:50 - 2016-03-29 02:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-14 12:50 - 2016-03-29 02:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-14 12:50 - 2016-03-29 02:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-14 12:50 - 2016-03-29 02:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-14 12:50 - 2016-03-29 02:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-14 12:50 - 2016-03-29 02:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-14 12:50 - 2016-03-29 02:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-14 12:50 - 2016-03-29 02:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-14 12:50 - 2016-03-29 02:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-14 12:50 - 2016-03-29 02:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-14 12:50 - 2016-03-29 02:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-14 12:50 - 2016-03-29 02:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-14 12:50 - 2016-03-29 02:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-14 12:50 - 2016-03-29 02:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-14 12:50 - 2016-03-29 02:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-14 12:50 - 2016-03-29 02:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-14 12:50 - 2016-03-29 02:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-14 12:50 - 2016-03-29 02:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-14 12:50 - 2016-03-29 02:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-14 12:50 - 2016-03-29 02:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-14 12:50 - 2016-03-29 02:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-14 12:50 - 2016-03-29 02:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-14 12:50 - 2016-03-29 02:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-14 12:50 - 2016-03-29 02:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-14 12:50 - 2016-03-29 02:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-14 12:50 - 2016-03-29 02:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-14 12:50 - 2016-03-29 02:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-14 12:50 - 2016-03-29 02:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-14 12:50 - 2016-03-29 02:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-14 12:50 - 2016-03-29 02:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-14 12:50 - 2016-03-29 02:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-14 12:50 - 2016-03-29 02:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-14 12:50 - 2016-03-29 02:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-14 12:50 - 2016-03-29 02:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-14 12:50 - 2016-03-29 02:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-14 12:50 - 2016-03-29 02:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-14 12:50 - 2016-03-29 02:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-14 12:50 - 2016-03-29 02:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-14 12:50 - 2016-03-29 02:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-14 12:50 - 2016-03-29 02:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-14 12:50 - 2016-03-29 02:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-14 12:50 - 2016-03-29 02:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-14 12:50 - 2016-03-29 02:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-14 12:50 - 2016-03-29 01:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-14 12:50 - 2016-03-29 01:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-14 12:50 - 2016-03-29 01:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-14 12:50 - 2016-03-29 01:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-14 12:50 - 2016-03-29 01:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-14 12:50 - 2016-03-29 01:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-14 12:50 - 2016-03-29 01:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-14 12:50 - 2016-03-29 01:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-14 12:50 - 2016-03-29 01:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-14 12:50 - 2016-03-29 01:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-14 12:50 - 2016-03-29 01:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-14 12:50 - 2016-03-29 01:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-14 12:50 - 2016-03-29 01:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-14 12:50 - 2016-03-29 01:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-14 12:50 - 2016-03-29 01:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-14 12:50 - 2016-03-29 01:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-14 12:50 - 2016-03-29 01:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-14 12:50 - 2016-03-29 01:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-14 12:50 - 2016-03-29 01:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-14 12:50 - 2016-03-29 01:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-14 12:50 - 2016-03-29 01:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-14 12:50 - 2016-03-29 01:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-14 12:50 - 2016-03-29 01:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-14 12:50 - 2016-03-29 01:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-14 12:50 - 2016-03-29 01:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-14 12:50 - 2016-03-29 01:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-14 12:50 - 2016-03-29 01:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-14 12:50 - 2016-03-29 01:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-14 12:50 - 2016-03-29 01:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-14 12:50 - 2016-03-29 01:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-14 12:50 - 2016-03-29 01:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-14 12:50 - 2016-03-29 01:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-14 12:50 - 2016-03-29 01:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-14 12:50 - 2016-03-29 01:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-14 12:50 - 2016-03-29 01:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-14 12:50 - 2016-03-29 01:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-14 12:50 - 2016-03-29 01:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-14 12:50 - 2016-03-29 01:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-14 12:50 - 2016-03-29 01:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-14 12:50 - 2016-03-29 01:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-14 12:50 - 2016-03-29 01:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-14 12:50 - 2016-03-29 01:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-14 12:50 - 2016-03-29 01:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-14 12:50 - 2016-03-29 01:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-14 12:50 - 2016-03-29 01:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-14 12:50 - 2016-03-29 01:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-14 12:50 - 2016-03-29 01:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-14 12:50 - 2016-03-29 00:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-14 12:50 - 2016-03-29 00:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-14 12:50 - 2016-03-29 00:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-14 12:50 - 2016-03-29 00:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-14 12:50 - 2016-03-29 00:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-14 12:50 - 2016-03-29 00:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-14 12:50 - 2016-03-29 00:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-14 12:50 - 2016-03-29 00:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-14 12:50 - 2016-03-29 00:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 21:03 - 2016-04-18 23:25 - 00010485 _____ C:\Users\Semih\Desktop\Siparis adetleri.xlsx
2016-04-13 20:46 - 2016-04-13 20:46 - 00015797 _____ C:\Users\Semih\Downloads\1460595960_31009_73_226_30_45.dat
2016-04-13 17:01 - 2016-04-13 17:01 - 00762681 _____ C:\Users\Semih\Desktop\MIT 514 Drawing.pdf
2016-04-13 17:00 - 2016-04-13 17:01 - 00080157 _____ C:\Users\Semih\Desktop\SEC-514-17-13042016-SK.pdf
2016-04-12 20:53 - 2016-04-12 20:53 - 05399376 _____ C:\Users\Semih\Downloads\FW%3a_.zip
2016-04-12 20:53 - 2016-04-12 20:53 - 05399376 _____ C:\Users\Semih\Downloads\FW%3a_ (1).zip
2016-04-12 18:38 - 2016-04-12 18:38 - 00006144 _____ C:\Users\Semih\AppData\Local\cap.exe
2016-04-12 18:37 - 2016-04-12 18:37 - 00006144 _____ C:\Users\Semih\AppData\Local\cap4.exe
2016-04-12 18:18 - 2016-04-12 18:18 - 00175616 _____ C:\Users\Semih\Downloads\licenses.xls
2016-04-12 11:59 - 2016-04-12 11:59 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-04-12 11:59 - 2016-04-12 11:59 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-04-12 11:48 - 2016-04-16 23:44 - 00017010 _____ C:\Users\Semih\Desktop\P%26L Semih.xlsx
2016-04-12 11:31 - 2016-04-12 11:31 - 00043261 _____ C:\Users\Semih\Downloads\business_plan (3).odt
2016-04-12 02:02 - 2016-04-30 21:11 - 00000000 ____D C:\WINDOWS\AutoKMS
2016-04-12 02:01 - 2016-04-15 12:21 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-04-12 02:00 - 2016-04-12 02:00 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-04-12 02:00 - 2016-04-12 02:00 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-04-12 02:00 - 2016-04-12 02:00 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-04-12 02:00 - 2016-04-12 02:00 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-04-12 01:59 - 2016-04-12 02:00 - 00000000 ____D C:\Program Files\Microsoft Office
2016-04-12 01:59 - 2016-04-12 01:59 - 00000000 __RHD C:\MSOCache
2016-04-12 01:59 - 2016-04-12 01:59 - 00000000 ____D C:\Users\Semih\AppData\Local\Microsoft Help
2016-04-12 01:59 - 2016-04-12 01:59 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2016-04-12 01:59 - 2016-04-12 01:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-04-12 01:58 - 2012-07-15 10:48 - 00030720 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapoas.sys
2016-04-12 01:57 - 2016-04-12 01:57 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-04-12 01:37 - 2016-04-29 21:01 - 00000000 ____D C:\Users\Semih\Downloads\Microsoft Office Professional Plus 2013
2016-04-11 21:17 - 2016-04-11 21:21 - 01959424 _____ (BitTorrent Inc.) C:\Users\Semih\Downloads\uTorrent (1).exe
2016-04-11 13:09 - 2016-04-11 13:09 - 00000000 __HDC C:\ProgramData\{05EE3202-A879-4F9D-895C-AC535855E0A9}
2016-04-10 17:43 - 2016-04-10 17:43 - 00086110 ____T C:\Users\Semih\Desktop\INTERNET FATURA.pdf
2016-04-07 07:31 - 2016-04-07 07:31 - 00353442 _____ C:\Users\Semih\Downloads\Certified Copy of Certificate of Formation of CROPHEX INC..pdf
2016-04-07 07:30 - 2016-04-07 07:30 - 00053580 _____ C:\Users\Semih\Downloads\SS-4 Form for Crophex Inc- Processed with EIN (Tax ID) (1).pdf
2016-04-07 00:55 - 2016-04-07 00:55 - 00272714 _____ C:\Users\Semih\Desktop\aq2s-ahri-certified-plate-heat-exchanger.pdf
2016-04-06 13:31 - 2016-04-06 13:31 - 00086436 _____ C:\Users\Semih\Downloads\document.pdf
2016-04-05 07:26 - 2016-04-05 07:26 - 00007680 _____ C:\Users\Semih\AppData\Local\tinstall.exe
2016-04-05 07:25 - 2016-04-05 07:25 - 00007680 _____ C:\Users\Semih\AppData\Local\tinstall4.exe
2016-04-04 10:09 - 2016-04-04 10:09 - 02239485 _____ C:\Users\Semih\Downloads\Kelvion-PHE-Image-EN-Screen_rel.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-01 09:38 - 2016-01-16 00:16 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-01 09:38 - 2015-12-24 02:18 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-01 09:38 - 2015-12-24 01:46 - 00000000 __SHD C:\Users\Semih\IntelGraphicsProfiles
2016-05-01 09:38 - 2015-10-30 02:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-01 09:38 - 2015-10-25 07:53 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-01 00:05 - 2016-01-16 00:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-01 00:05 - 2016-01-16 00:16 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-01 00:04 - 2015-10-30 01:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-30 23:37 - 2015-12-24 02:18 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-30 23:37 - 2015-12-24 01:46 - 00000000 ____D C:\Users\Semih\AppData\Local\VirtualStore
2016-04-30 23:23 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-30 22:44 - 2015-10-30 02:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-04-30 22:37 - 2016-01-16 00:17 - 00000000 ____D C:\Users\Semih
2016-04-30 22:37 - 2015-10-30 01:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-30 22:35 - 2016-02-25 20:24 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-04-30 22:35 - 2015-10-30 02:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-30 22:34 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\registration
2016-04-30 22:04 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-04-30 22:00 - 2015-07-10 06:04 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-04-30 21:26 - 2016-01-01 21:27 - 00000000 ____D C:\Users\Semih\AppData\Roaming\uTorrent
2016-04-30 20:54 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-30 18:35 - 2015-10-25 07:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-30 17:21 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-04-30 16:16 - 2015-12-24 16:30 - 00000000 ____D C:\Users\Semih\AppData\Roaming\Skype
2016-04-30 13:26 - 2015-10-30 02:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-04-30 12:59 - 2015-12-24 01:47 - 00000000 ___RD C:\Users\Semih\OneDrive
2016-04-30 12:56 - 2016-01-16 02:13 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-30 12:56 - 2016-01-16 01:14 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-30 12:56 - 2015-10-25 08:04 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-30 12:06 - 2016-01-11 13:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-30 11:24 - 2015-12-24 01:47 - 00002363 _____ C:\Users\Semih\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-30 11:23 - 2016-03-10 14:07 - 00002282 _____ C:\Users\Public\Desktop\MIT PHE SELECTION SOFTWARE.lnk
2016-04-30 11:23 - 2016-03-04 16:39 - 00002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-04-30 11:23 - 2016-03-04 16:39 - 00002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-04-30 11:23 - 2016-03-04 16:39 - 00002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-04-30 11:23 - 2016-03-04 16:39 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-04-30 11:23 - 2016-03-04 16:39 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-04-30 11:23 - 2016-03-04 16:39 - 00002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-04-30 11:23 - 2016-03-04 16:39 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-04-30 11:23 - 2016-02-25 20:24 - 00002049 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus11.lnk
2016-04-30 11:23 - 2016-02-25 20:23 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-30 11:23 - 2016-02-25 20:23 - 00002120 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-30 11:23 - 2016-01-28 15:11 - 00002161 _____ C:\Users\Public\Desktop\Logo Design Studio.lnk
2016-04-30 11:23 - 2016-01-16 00:18 - 00001564 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-30 11:23 - 2016-01-01 22:29 - 00002131 _____ C:\Users\Semih\Desktop\FL Studio 12 (64bit).lnk
2016-04-30 11:23 - 2016-01-01 22:29 - 00002115 _____ C:\Users\Semih\Desktop\FL Studio 12.lnk
2016-04-30 11:23 - 2016-01-01 21:28 - 00000898 _____ C:\Users\Semih\Desktop\µTorrent.lnk
2016-04-30 11:23 - 2016-01-01 21:28 - 00000878 _____ C:\Users\Semih\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-04-30 11:23 - 2015-12-24 16:30 - 00002634 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-29 21:23 - 2015-12-24 14:03 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-29 20:54 - 2015-12-24 01:46 - 00000000 ____D C:\Users\Semih\AppData\Local\Packages
2016-04-29 20:47 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-04-29 20:36 - 2016-01-05 16:58 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2016-04-28 18:26 - 2015-12-24 13:40 - 00002284 ____H C:\Users\Semih\Documents\Default.rdp
2016-04-22 02:57 - 2015-12-24 14:05 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-19 13:13 - 2015-10-25 08:04 - 00000000 ____D C:\ProgramData\PCDr
2016-04-18 23:30 - 2016-03-06 13:45 - 00009172 _____ C:\Users\Semih\Desktop\YAPILACAKLAR.xlsx
2016-04-18 11:57 - 2016-03-09 15:13 - 00000000 ____D C:\Users\Semih\Desktop\CROPHEX
2016-04-18 11:41 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-16 10:56 - 2015-10-30 02:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-16 10:56 - 2015-10-25 08:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-16 00:51 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-16 00:51 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-16 00:51 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-16 00:51 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-15 12:20 - 2015-07-10 06:04 - 00000167 _____ C:\WINDOWS\win.ini
2016-04-14 13:11 - 2015-10-30 02:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-14 13:08 - 2015-12-24 14:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 21:21 - 2016-03-02 13:16 - 00000000 ____D C:\Users\Semih\Desktop\amerika
2016-04-13 13:08 - 2016-03-10 14:18 - 00000116 _____ C:\Users\Semih\Uvhawc_EKN.dll
2016-04-13 13:08 - 2016-03-10 14:18 - 00000116 _____ C:\Users\Semih\Avtapc_EKN.dll
2016-04-12 12:10 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-04-12 12:09 - 2015-10-30 02:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-12 11:54 - 2015-10-25 07:54 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-12 02:00 - 2015-10-30 04:07 - 00000000 ____D C:\WINDOWS\ShellNew
2016-04-10 13:15 - 2015-12-24 16:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-10 13:15 - 2015-12-24 16:30 - 00000000 ____D C:\ProgramData\Skype
2016-04-06 13:32 - 2015-10-30 02:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 13:32 - 2015-10-30 02:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2016-04-29 20:59 - 2016-04-29 20:59 - 0000000 _____ () C:\Users\Semih\AppData\Local\aatxtname.txt
2016-04-12 18:38 - 2016-04-12 18:38 - 0006144 _____ () C:\Users\Semih\AppData\Local\cap.exe
2016-04-12 18:37 - 2016-04-12 18:37 - 0006144 _____ () C:\Users\Semih\AppData\Local\cap4.exe
2016-04-19 21:15 - 2016-04-19 21:15 - 0005120 _____ () C:\Users\Semih\AppData\Local\ddnow.exe
2016-04-19 21:14 - 2016-04-19 21:14 - 0005632 _____ () C:\Users\Semih\AppData\Local\ddnow4.exe
2016-04-30 18:35 - 2016-04-30 18:35 - 0000000 _____ () C:\Users\Semih\AppData\Local\Driver_1535Present.flag
2016-04-30 18:35 - 2016-04-30 18:35 - 0000000 _____ () C:\Users\Semih\AppData\Local\Driver_LOM_8171Present.flag
2016-04-30 20:01 - 2016-04-30 20:01 - 0000036 _____ () C:\Users\Semih\AppData\Local\housecall.guid.cache
2016-03-18 00:00 - 2016-03-18 00:00 - 0000000 _____ () C:\Users\Semih\AppData\Local\ok223.txt
2016-04-29 20:59 - 2016-04-29 20:59 - 0000000 _____ () C:\Users\Semih\AppData\Local\run.txt
2016-04-29 20:59 - 2016-04-29 21:00 - 0000000 _____ () C:\Users\Semih\AppData\Local\stxtname.txt
2016-04-05 07:26 - 2016-04-05 07:26 - 0007680 _____ () C:\Users\Semih\AppData\Local\tinstall.exe
2016-04-05 07:25 - 2016-04-05 07:25 - 0007680 _____ () C:\Users\Semih\AppData\Local\tinstall4.exe
2016-04-29 20:59 - 2016-04-29 20:59 - 0000000 _____ () C:\Users\Semih\AppData\Local\tr5b.txt
2016-04-29 20:59 - 2016-04-29 20:59 - 0002560 _____ () C:\Users\Semih\AppData\Local\uninstallssl.exe
2016-04-29 20:59 - 2016-04-29 20:59 - 0356864 _____ () C:\ProgramData\smp2.exe
 
Files to move or delete:
====================
C:\ProgramData\smp2.exe
C:\Users\Semih\Avtapc_EKN.dll
C:\Users\Semih\Uvhawc_EKN.dll
 
 
Some files in TEMP:
====================
C:\Users\Semih\AppData\Local\Temp\HitmanPro.exe
C:\Users\Semih\AppData\Local\Temp\libeay32.dll
C:\Users\Semih\AppData\Local\Temp\msvcr120.dll
C:\Users\Semih\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-04-30 10:50
 
==================== End of FRST.txt ============================

Attached Files



#4 senati

senati
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:27 AM

Posted 01 May 2016 - 11:38 AM

It's fixed now!!

I just uninstalled all the network drivers and re-install and the problem is solved!



#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,955 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:27 PM

Posted 01 May 2016 - 02:01 PM

I will keep this topic open for for 5 days.

If you need to return please do.

#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,955 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:27 PM

Posted 06 May 2016 - 06:44 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users