Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Desktop items disappeared, may have a virus [Closed]

Started by dy1an12 , Mar 21 2015 07:05 PM

  • This topic is locked This topic is locked

#1
dy1an12
Posted 21 March 2015 - 07:05 PM

dy1an12

    New Member

  • Member
  • Pip
  • 1 posts

hey, i was using my laptop the other day and i currently have the free avg, and ive never had a problem with viruses before. But when i was surfing the web the other day, i got a few virus pop ups and so i told avg to remove them, it happened about 4 times, one after another then my computer restarted and now ive lost most of the desktop items/files and the task bar on the bottom only has blank peices of paper where it had my shortcuts. could i have a virus and need data recovery or is it an easier fix?

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by User (administrator) on USER-PC on 22-03-2015 10:59:35
Running from C:\Users\User\Desktop
Loaded Profiles: User & RACHEL (Available profiles: User & RACHEL)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Users\User\AppData\Roaming\Search Protection\SP.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe [83608 2007-03-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2091224408-573817604-1479990023-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2091224408-573817604-1479990023-1000\...\Run: [AVG-Secure-Search-Update_0913b] => C:\Users\User\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ffecebb1cb8247d3bf4a15cc4e8d96d3-c6c6b21bafc761a18cb2d10f92a55a47cbf27b51 --CMPID 0913b
HKU\S-1-5-21-2091224408-573817604-1479990023-1000\...\Run: [Search Protection] => C:\Users\User\AppData\Roaming\Search Protection\SP.EXE [901144 2015-03-11] ()
HKU\S-1-5-21-2091224408-573817604-1479990023-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe [960688 2015-03-13] (Adobe Systems Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartse...GB_122500166421
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartse...GB_122500166421
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartse...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartse...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartse...GB_122500166421
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartse...GB_122500166421
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartse...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartse...q={searchTerms}
HKU\S-1-5-21-2091224408-573817604-1479990023-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartse...GB_122500166421
HKU\S-1-5-21-2091224408-573817604-1479990023-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartse...GB_122500166421
HKU\S-1-5-21-2091224408-573817604-1479990023-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.ninemsn.com.au/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2091224408-573817604-1479990023-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2091224408-573817604-1479990023-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2091224408-573817604-1479990023-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2091224408-573817604-1479990023-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2091224408-573817604-1479990023-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2091224408-573817604-1479990023-1000 -> {FA6D5CF6-3E70-49DF-9319-7F4F062C7E1A} URL = http://www.mystartse...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2091224408-573817604-1479990023-1000 -> {FC2527B0-F13C-49F5-85AC-6A82C03398BC} URL = http://www.mystartse...q={searchTerms}
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-13] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-13] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 208.67.220.222 208.67.220.220 198.142.0.51
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartse...GB_122500166421

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kkmwo4eu.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.mystartsearch.com/?type=hp&ts=1426288791&from=wpc&uid=SanDiskXSSDXi100X24GB_122500166421
FF Keyword.URL: hxxp://au.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=512435&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2013-03-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2013-03-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VLC\npvlc.dll [2013-07-31] (VideoLAN)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kkmwo4eu.default\searchplugins\yahoo_ff.xml [2014-04-28]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml [2015-03-14]
FF Extension: Fast Start - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kkmwo4eu.default\Extensions\[email protected] [2015-03-14]
FF Extension: UniDEalsee - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kkmwo4eu.default\Extensions\[email protected] [2015-03-14]
FF Extension: youtubeadblocker - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kkmwo4eu.default\Extensions\[email protected] [2015-03-14]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kkmwo4eu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kkmwo4eu.default\extensions\[email protected]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartse...GB_122500166421

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1426288791&from=wpc&uid=SanDiskXSSDXi100X24GB_122500166421
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1426288791&from=wpc&uid=SanDiskXSSDXi100X24GB_122500166421"
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-15]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Date Today) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhgknbehalhkedjgfhiaindklahhkccc [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-15]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe http://www.mystartse...GB_122500166421

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4942384 2014-10-17] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-05-08] ()
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () [File not signed]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3017776 2013-07-12] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3385584 2013-05-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o.)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2012-09-10] (Apple Inc.) [File not signed]
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 10:59 - 2015-03-22 10:59 - 00020829 _____ () C:\Users\User\Desktop\FRST.txt
2015-03-22 10:59 - 2015-03-22 10:59 - 00000000 ____D () C:\FRST
2015-03-22 10:56 - 2015-03-22 10:56 - 02095616 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2015-03-22 10:54 - 2015-03-22 10:54 - 02095616 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-03-14 09:33 - 2015-03-14 09:33 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2013.lnk
2015-03-14 09:20 - 2015-03-14 09:21 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-03-14 09:19 - 2015-03-14 09:19 - 00000000 ____D () C:\Program Files (x86)\Date Today
2015-03-14 09:17 - 2015-03-14 09:21 - 00000000 ____D () C:\Program Files (x86)\youtubeadblocker
2015-03-14 09:17 - 2015-03-14 09:21 - 00000000 ____D () C:\Program Files (x86)\UniDeals
2015-03-14 09:17 - 2015-03-14 09:17 - 00000000 ____D () C:\Users\User\Documents\HyperCam3
2015-03-14 09:17 - 2015-03-14 09:17 - 00000000 ____D () C:\Users\User\.swt
2015-03-14 09:17 - 2015-03-14 09:17 - 00000000 ____D () C:\ProgramData\9955058018430903398
2015-03-14 09:17 - 2015-03-14 09:17 - 00000000 ____D () C:\Program Files (x86)\UniDEalsee
2015-03-14 09:15 - 2015-03-14 09:15 - 00000000 ____D () C:\ProgramData\ecmcedaidajnpmbmnbibakkpdgekoamg
2015-03-14 09:15 - 2015-03-14 09:15 - 00000000 ____D () C:\ProgramData\{379b0660-46e7-6e39-379b-b066046e1981}
2015-03-14 09:14 - 2015-03-14 09:14 - 00841216 _____ () C:\Users\User\Downloads\age of mythology rockall program Verified.exe
2015-03-14 09:09 - 2015-03-14 09:09 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\oTweak Software
2015-03-14 09:09 - 2015-03-14 09:09 - 00000000 ____D () C:\ProgramData\RegClean
2015-03-14 09:09 - 2015-03-14 09:09 - 00000000 ____D () C:\Program Files (x86)\oTweak
2015-03-14 09:07 - 2015-03-14 09:08 - 02686112 _____ () C:\Users\User\Downloads\RegistryCleanerPro.exe
2015-03-14 09:00 - 2015-03-14 09:00 - 00000000 ____D () C:\Users\User\Downloads\Vcdplay2
2015-03-14 08:52 - 2015-03-14 08:52 - 00078482 _____ () C:\Users\User\Downloads\Vcdplay2.zip
2015-03-14 08:48 - 2015-03-14 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-VCD Player
2015-03-14 08:48 - 2015-03-14 08:48 - 00559736 _____ (Xequte Software ) C:\Users\User\Downloads\xvcd.exe
2015-03-14 08:48 - 2015-03-14 08:48 - 00000000 ____D () C:\Program Files (x86)\X-VCD Player
2015-03-14 08:43 - 2015-03-14 08:43 - 00000000 ____D () C:\Users\User\AppData\Local\MPlayer
2015-03-14 08:41 - 2015-03-14 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UMPlayer
2015-03-14 08:41 - 2015-03-14 09:03 - 00000000 ____D () C:\Users\User\.umplayer
2015-03-14 08:41 - 2015-03-14 08:42 - 00000000 ____D () C:\Program Files (x86)\UMPlayer
2015-03-14 08:41 - 2015-03-14 08:41 - 00000000 ____D () C:\MININT
2015-03-14 08:38 - 2015-03-14 08:38 - 00150344 _____ () C:\Users\User\Downloads\UMPlayerSetup.exe
2015-03-14 08:28 - 2015-03-14 08:28 - 00003276 _____ () C:\Windows\System32\Tasks\{16E9FC34-31C1-42D0-9F43-0FE683122991}
2015-03-14 03:01 - 2014-07-01 08:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-03-14 03:01 - 2014-07-01 08:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-03-14 03:01 - 2014-06-06 16:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-03-14 03:01 - 2014-06-06 16:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-03-14 03:01 - 2014-03-10 07:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-03-14 03:01 - 2014-03-10 07:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-03-14 03:01 - 2014-03-10 07:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-03-14 03:01 - 2014-03-10 07:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-03-13 22:36 - 2015-03-14 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Rocket
2015-03-13 22:36 - 2015-03-14 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-13 22:36 - 2015-03-13 22:36 - 00000000 ____D () C:\ProgramData\Sun
2015-03-13 22:36 - 2015-03-13 22:35 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-13 22:35 - 2015-03-13 22:35 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-13 22:33 - 2015-03-13 22:34 - 30431144 _____ (Oracle Corporation) C:\Users\User\Desktop\jre-8u31-windows-i586.exe
2015-03-13 22:20 - 2015-03-13 22:20 - 18149720 _____ () C:\Users\User\Downloads\mp3rocket-pro (2).exe
2015-03-13 22:19 - 2015-03-13 22:19 - 00005318 _____ () C:\Users\User\Documents\rachels assignment.txt
2015-03-13 22:18 - 2015-03-14 00:02 - 00000000 ____D () C:\Users\User\Downloads\Age Of Mythology Complete
2015-03-13 21:58 - 2015-03-13 21:59 - 637264735 _____ () C:\Users\User\Downloads\PC Age of Mythology gold edition.exe
2015-03-13 16:58 - 2015-02-20 14:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-13 16:58 - 2015-02-20 14:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-13 16:58 - 2015-02-20 14:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-13 16:58 - 2015-02-20 14:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-13 16:58 - 2015-02-20 14:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-13 16:58 - 2015-02-20 14:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-13 16:58 - 2015-02-20 14:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-13 16:58 - 2015-02-20 14:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-13 16:58 - 2015-02-20 13:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-13 16:58 - 2015-02-20 13:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-13 16:58 - 2015-02-03 13:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-13 16:58 - 2015-02-03 13:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-13 16:58 - 2015-02-03 13:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-13 16:58 - 2015-02-03 13:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-13 16:58 - 2015-02-03 13:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-13 16:57 - 2015-02-03 13:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-13 16:57 - 2015-02-03 13:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-13 16:57 - 2015-02-03 13:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-13 16:57 - 2015-02-03 13:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-13 16:57 - 2015-02-03 13:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-13 16:57 - 2015-02-03 13:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-13 16:57 - 2015-02-03 13:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-13 16:57 - 2015-02-03 13:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-13 16:57 - 2015-02-03 13:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-13 16:57 - 2015-02-03 13:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-13 16:57 - 2015-02-03 13:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-13 16:57 - 2015-02-03 13:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-13 16:57 - 2015-02-03 13:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-13 16:57 - 2015-02-03 13:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-13 16:57 - 2015-02-03 13:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-13 16:57 - 2015-02-03 13:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-13 16:57 - 2015-02-03 13:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-13 16:57 - 2015-02-03 13:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-13 16:57 - 2015-02-03 13:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-13 16:57 - 2015-02-03 13:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-13 16:57 - 2015-02-03 13:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-13 16:57 - 2015-02-03 13:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-13 16:57 - 2015-02-03 13:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-13 16:57 - 2015-02-03 13:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-13 16:57 - 2015-02-03 13:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-13 16:57 - 2015-02-03 13:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-13 16:57 - 2015-02-03 13:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-13 16:57 - 2015-02-03 13:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-13 16:57 - 2015-02-03 13:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-13 16:57 - 2015-02-03 13:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-13 16:57 - 2015-02-03 13:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-13 16:57 - 2015-02-03 12:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-13 16:57 - 2014-12-19 13:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-03-13 16:57 - 2014-11-01 08:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-13 16:57 - 2014-06-28 10:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-13 16:57 - 2014-06-28 10:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-13 16:57 - 2014-06-19 08:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-03-13 16:57 - 2014-06-19 08:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-03-13 16:57 - 2014-06-19 08:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-03-13 16:57 - 2014-06-19 08:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-03-13 16:57 - 2014-06-19 08:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-03-13 16:57 - 2014-06-19 08:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-03-13 16:56 - 2015-01-31 13:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-13 16:56 - 2015-01-31 13:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-13 16:56 - 2015-01-31 09:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-13 16:55 - 2015-02-13 15:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-13 16:55 - 2015-02-13 15:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-13 16:55 - 2015-02-03 13:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-13 16:55 - 2015-02-03 13:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-13 16:55 - 2014-12-19 11:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-03-13 16:55 - 2014-12-12 03:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-03-13 16:55 - 2014-12-06 14:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-03-13 16:55 - 2014-12-06 13:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-03-13 16:55 - 2014-12-06 13:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-03-13 16:55 - 2014-10-14 12:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-03-13 16:55 - 2014-08-21 16:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-03-13 16:55 - 2014-08-21 16:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-03-13 16:55 - 2014-08-21 16:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-03-13 16:55 - 2014-08-21 16:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-03-13 16:55 - 2014-06-03 20:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-13 16:55 - 2014-06-03 20:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-13 16:55 - 2014-06-03 20:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-03-13 16:55 - 2014-06-03 20:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-03-13 16:55 - 2014-06-03 19:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-03-13 16:55 - 2014-06-03 19:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-13 16:55 - 2014-06-03 19:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-03-13 16:54 - 2015-03-06 15:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-13 16:54 - 2015-03-06 15:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-13 16:54 - 2015-03-06 15:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-13 16:54 - 2015-03-06 15:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-13 16:54 - 2015-03-06 15:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-13 16:54 - 2015-03-06 15:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-13 16:54 - 2015-03-06 15:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-13 16:54 - 2015-03-06 15:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-13 16:54 - 2015-03-06 15:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-13 16:54 - 2015-03-06 15:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-13 16:54 - 2015-03-06 15:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-13 16:54 - 2015-03-06 15:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-13 16:54 - 2015-03-06 15:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-13 16:54 - 2015-03-06 15:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-13 16:54 - 2015-03-06 15:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-13 16:54 - 2015-03-06 15:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-13 16:54 - 2015-03-06 15:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-13 16:54 - 2015-03-06 15:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-13 16:54 - 2015-03-06 15:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-13 16:54 - 2015-03-06 15:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-13 16:54 - 2015-03-06 15:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-13 16:54 - 2015-03-06 15:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-13 16:54 - 2015-03-06 15:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-13 16:54 - 2015-03-06 15:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-13 16:54 - 2015-03-06 15:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-13 16:54 - 2015-03-06 15:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-13 16:54 - 2015-03-06 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-13 16:54 - 2015-03-06 15:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-13 16:54 - 2015-03-06 15:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-13 16:54 - 2015-03-06 15:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-13 16:54 - 2015-03-06 15:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-13 16:54 - 2015-01-31 09:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-13 16:54 - 2014-11-11 13:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-03-13 16:54 - 2014-11-11 12:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-03-13 16:54 - 2014-08-29 12:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-03-13 16:54 - 2014-08-29 12:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-03-13 16:54 - 2014-08-29 12:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-03-13 16:54 - 2014-08-29 12:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-03-13 16:54 - 2014-08-29 11:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-03-13 16:54 - 2014-08-29 11:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-03-13 16:54 - 2014-08-29 11:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-03-13 16:54 - 2014-08-29 11:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-03-13 16:54 - 2014-08-12 12:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-03-13 16:54 - 2014-08-12 11:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-03-13 16:54 - 2014-06-16 12:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-03-13 16:53 - 2015-02-03 13:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-13 16:53 - 2015-02-03 13:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-13 16:53 - 2015-01-17 12:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-13 16:53 - 2015-01-17 12:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-13 16:53 - 2014-09-04 15:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-03-13 16:53 - 2014-09-04 15:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-03-13 16:52 - 2014-07-17 12:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-03-13 16:52 - 2014-07-17 12:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-03-13 16:52 - 2014-07-17 12:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-03-13 16:52 - 2014-07-17 11:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-03-13 16:52 - 2014-07-17 11:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-03-13 16:52 - 2014-07-17 11:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-03-13 16:51 - 2015-02-26 13:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-13 16:51 - 2014-12-08 13:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-13 16:51 - 2014-12-08 12:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-03-13 16:51 - 2014-10-25 11:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-03-13 16:51 - 2014-10-25 11:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-03-13 16:49 - 2014-10-18 12:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-13 16:49 - 2014-10-18 11:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-13 16:49 - 2014-08-23 12:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-03-13 16:49 - 2014-08-23 11:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-03-13 16:48 - 2015-02-24 13:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-13 16:48 - 2015-02-24 12:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-13 16:48 - 2015-02-21 11:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-13 16:48 - 2015-02-21 10:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-13 16:48 - 2015-02-21 10:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-13 16:48 - 2015-02-21 10:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-13 16:48 - 2015-02-21 10:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-13 16:48 - 2015-02-21 09:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-13 16:48 - 2015-02-21 09:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-13 16:48 - 2015-02-20 13:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-13 16:48 - 2015-02-20 13:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-13 16:48 - 2015-02-20 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-13 16:48 - 2015-02-20 12:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-13 16:48 - 2015-02-20 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-13 16:48 - 2015-02-20 12:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-13 16:48 - 2015-02-20 12:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-13 16:48 - 2015-02-20 12:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-13 16:48 - 2015-02-20 12:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-13 16:48 - 2015-02-20 12:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-13 16:48 - 2015-02-20 12:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-13 16:48 - 2015-02-20 12:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-13 16:48 - 2015-02-20 12:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-13 16:48 - 2015-02-20 12:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-13 16:48 - 2015-02-20 12:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-13 16:48 - 2015-02-20 12:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-13 16:48 - 2015-02-20 12:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-13 16:48 - 2015-02-20 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-13 16:48 - 2015-02-20 12:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-13 16:48 - 2015-02-20 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-13 16:48 - 2015-02-20 12:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-13 16:48 - 2015-02-20 12:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-13 16:48 - 2015-02-20 12:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-13 16:48 - 2015-02-20 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-13 16:48 - 2015-02-20 12:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-13 16:48 - 2015-02-20 12:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-13 16:48 - 2015-02-20 12:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-13 16:48 - 2015-02-20 11:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-13 16:48 - 2015-02-20 11:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-13 16:48 - 2015-02-20 11:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-13 16:48 - 2015-02-20 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-13 16:48 - 2015-02-20 11:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-13 16:48 - 2015-02-20 11:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-13 16:48 - 2015-02-20 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-13 16:48 - 2015-02-20 11:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-13 16:48 - 2015-02-20 11:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-13 16:48 - 2015-02-20 11:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-13 16:48 - 2015-02-20 11:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-13 16:48 - 2015-02-20 11:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-13 16:48 - 2015-02-20 11:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-13 16:48 - 2015-02-20 11:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-13 16:48 - 2015-02-20 11:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-13 16:48 - 2015-02-20 11:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-13 16:48 - 2015-02-20 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-13 16:48 - 2015-02-20 11:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-13 16:48 - 2015-02-20 10:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-13 16:48 - 2015-02-20 10:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-13 16:29 - 2015-02-04 13:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-13 16:29 - 2015-02-04 12:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-13 16:27 - 2014-07-14 12:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-03-13 16:27 - 2014-07-14 11:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-03-13 15:37 - 2014-05-15 02:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-03-13 15:37 - 2014-05-15 02:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-03-13 15:37 - 2014-05-15 02:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-03-13 15:37 - 2014-05-15 02:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-03-13 15:37 - 2014-05-15 02:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-03-13 15:37 - 2014-05-15 02:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-03-13 15:37 - 2014-05-15 02:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-03-13 15:37 - 2014-05-15 02:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-03-13 15:37 - 2014-05-15 02:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-03-13 15:37 - 2014-05-15 02:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-03-13 15:36 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-03-13 15:36 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-03-13 15:36 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-03-13 15:36 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 10:57 - 2009-07-14 14:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-22 10:57 - 2009-07-14 14:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-22 10:50 - 2013-05-18 20:23 - 01569581 _____ () C:\Windows\WindowsUpdate.log
2015-03-22 10:31 - 2013-06-17 00:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-22 10:27 - 2013-06-15 15:46 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-22 10:26 - 2013-06-15 15:51 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-22 10:26 - 2013-06-15 15:46 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-22 10:21 - 2013-05-18 21:04 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-03-14 19:53 - 2009-07-14 15:13 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-14 19:52 - 2009-07-14 14:51 - 00043954 _____ () C:\Windows\setupact.log
2015-03-14 09:36 - 2014-02-22 17:47 - 00001413 _____ () C:\Users\RACHEL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-14 09:36 - 2013-05-18 21:04 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-03-14 09:35 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-14 09:33 - 2013-03-18 02:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-14 09:28 - 2010-11-21 13:47 - 00010578 _____ () C:\Windows\PFRO.log
2015-03-14 09:22 - 2013-06-16 23:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent
2015-03-14 09:21 - 2014-05-22 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-14 09:21 - 2014-05-22 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-03-14 09:21 - 2013-08-26 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-14 09:21 - 2013-07-04 12:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
2015-03-14 09:21 - 2013-07-01 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-14 09:21 - 2013-06-15 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-14 09:21 - 2013-05-18 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-03-14 09:21 - 2013-05-18 20:26 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-14 09:21 - 2013-05-18 20:26 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-14 09:21 - 2009-07-14 15:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-14 09:21 - 2009-07-14 13:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-14 09:21 - 2009-07-14 13:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-14 09:17 - 2013-06-25 11:30 - 00000000 ____D () C:\Users\User\Incomplete
2015-03-14 09:17 - 2013-06-24 11:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\MP3Rocket
2015-03-14 08:41 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\Resources
2015-03-14 08:24 - 2009-07-14 15:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-14 04:39 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\rescache
2015-03-14 03:56 - 2013-07-01 22:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-14 03:56 - 2009-07-14 14:45 - 00267672 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-14 03:55 - 2013-07-01 22:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-03-14 03:53 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-14 03:53 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-14 03:51 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-14 03:17 - 2013-08-21 19:55 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-13 22:36 - 2013-06-24 11:46 - 00000000 ____D () C:\Program Files (x86)\MP3 Rocket
2015-03-13 22:35 - 2013-06-24 11:47 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-13 16:33 - 2013-06-17 00:12 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-13 16:32 - 2013-06-17 00:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-13 16:32 - 2013-06-17 00:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-13 16:11 - 2013-06-16 23:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Search Protection
2015-02-26 21:14 - 2013-05-18 22:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\jre-7u25-windows-i586-iftw_c3f4897a.exe
C:\Users\User\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\User\AppData\Local\Temp\utt2CD5.tmp.exe
C:\Users\User\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\User\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-13 19:47

==================== End Of Log ============================

 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by User at 2015-03-22 11:00:06
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2091224408-573817604-1479990023-1000\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3495 - AVG Technologies)
AVG 2013 (Version: 13.0.3495 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.4257 - AVG Technologies) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CopyTrans Suite (HKLM-x32\...\CopyTrans Suite) (Version:  - )
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ae509f68-6982-4506-befc-f2218d72cd5e}) (Version: 15.8.0 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java™ SE Runtime Environment 6 Update 1 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: 7.3 PRO - MP3 Rocket Inc)
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
RegistryCleanerPro (HKLM-x32\...\RegistryCleanerPro) (Version: 38.1 - oTweak Software)
S Agent (Version: 1.1.41 - Samsung Electronics CO., LTD.) Hidden
Search Protection (HKU\S-1-5-21-2091224408-573817604-1479990023-1000\...\Search Protection) (Version: 11.2.0.2 - Spigot, Inc.) <==== ATTENTION
SW Update (HKLM-x32\...\{44C11432-BA0D-4A02-B092-78AA7A6056A0}) (Version: 2.1.17 - Samsung Electronics CO., LTD.)
UMPlayer 0.98 [P4] (HKLM-x32\...\UMPlayer) (Version: 0.98 - Ori Rejwan)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
X-VCD Player (HKLM-x32\...\X-VCD Player_is1) (Version: Version 2.0 - Xequte Software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

25-06-2014 16:50:44 Scheduled Checkpoint
11-07-2014 11:42:50 Windows Modules Installer
13-03-2015 15:36:42 Windows Update
14-03-2015 03:00:46 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 12:34 - 2009-06-11 07:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C6724E3-513A-470E-973A-E02DA0A6B037} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {3D5F4EB1-BB73-4FF0-8756-9FC1CBAC853C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {467DB126-1276-48A2-B1B9-9D28F7C0A1B2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {510A70F5-446B-4BD6-B0C4-C188016A1AAF} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.)
Task: {62CAC279-F921-4E10-8726-F58BB2BB4156} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics)
Task: {6F1F6C6C-8137-40BE-AA30-6B2D5BA1B2FA} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {7240B370-21A2-42A2-8911-8BA42F452CF7} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics)
Task: {75756211-B8A3-4658-9167-38E5B7EB462E} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: {B04FE99B-F8D8-416B-B07A-B9188BCF2B11} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-05-02] (Samsung Electronics Co., Ltd.)
Task: {B110492F-CBB9-4632-9988-630474BCB460} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-05-08] (Samsung Electronics CO., LTD.)
Task: {B1B796C4-F5F2-4FC9-8F12-02BF07510EA2} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.)
Task: {B3A675F7-7AED-4BD9-BA53-F7816D244C8E} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {E26B73C8-27E0-4C28-8415-B75A640441DC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F9DE5845-6F57-41BB-9E77-07DDA7AF147F} - System32\Tasks\{16E9FC34-31C1-42D0-9F43-0FE683122991} => pcalua.exe -a "C:\Users\User\Downloads\Age Of Mythology Complete\AOM Update\aom10to110.exe" -d "C:\Users\User\Downloads\Age Of Mythology Complete\AOM Update"
Task: {FA6CA964-E05E-4DE1-8EAE-3CB8E4BEE178} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-13] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (whitelisted) ==============

2013-05-18 21:04 - 2012-02-07 18:03 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2013-05-18 23:44 - 2012-02-13 15:02 - 00031624 _____ () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
2015-03-11 02:45 - 2015-03-11 02:45 - 00901144 _____ () C:\Users\User\AppData\Roaming\Search Protection\SP.exe
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-18 23:44 - 2011-02-17 01:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2013-05-18 23:44 - 2006-08-12 12:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2013-05-18 21:03 - 2012-02-07 17:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-06-20 22:33 - 2014-06-20 22:33 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-03-13 16:32 - 2015-03-13 16:32 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2091224408-573817604-1479990023-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
HKU\S-1-5-21-2091224408-573817604-1479990023-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\RACHEL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.220.222 - 208.67.220.220

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-2091224408-573817604-1479990023-500 - Administrator - Disabled)
Guest (S-1-5-21-2091224408-573817604-1479990023-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2091224408-573817604-1479990023-1002 - Limited - Enabled)
RACHEL (S-1-5-21-2091224408-573817604-1479990023-1003 - Limited - Enabled) => C:\Users\RACHEL
User (S-1-5-21-2091224408-573817604-1479990023-1000 - Administrator - Enabled) => C:\Users\User

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/14/2015 03:52:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dmhkcore.exe, version: 3.2.8.40, time stamp: 0x4fc61650
Faulting module name: dmhkcore.exe, version: 3.2.8.40, time stamp: 0x4fc61650
Exception code: 0xc0000005
Fault offset: 0x0001b6b3
Faulting process id: 0x16c8
Faulting application start time: 0xdmhkcore.exe0
Faulting application path: dmhkcore.exe1
Faulting module path: dmhkcore.exe2
Report Id: dmhkcore.exe3

Error: (03/14/2015 09:35:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 09:28:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 09:23:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 04:02:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 03:56:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/13/2015 09:59:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1263

Error: (03/13/2015 09:59:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1263

Error: (03/13/2015 09:59:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/13/2015 08:02:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1170


System errors:
=============
Error: (03/14/2015 07:49:29 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{CB8521AB-B326-43FA-A7EC-2BCADD26645B} because another computer on the network has the same name.  The server could not start.

Error: (03/14/2015 09:35:49 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (03/14/2015 09:34:49 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (03/14/2015 09:28:17 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (03/14/2015 09:27:21 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (03/14/2015 09:23:58 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (03/14/2015 09:23:00 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (03/14/2015 04:02:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (03/14/2015 04:01:25 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.

Error: (03/14/2015 03:59:33 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (03/14/2015 03:52:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dmhkcore.exe3.2.8.404fc61650dmhkcore.exe3.2.8.404fc61650c00000050001b6b316c801d05de680a72f15C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exeC:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe43890f5e-ca0e-11e4-970e-c48508697f20

Error: (03/14/2015 09:35:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 09:28:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 09:23:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 04:02:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 03:56:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/13/2015 09:59:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1263

Error: (03/13/2015 09:59:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1263

Error: (03/13/2015 09:59:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/13/2015 08:02:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1170


CodeIntegrity Errors:
===================================
  Date: 2014-03-23 19:38:49.842
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Temp\2A66E0A2-0CBC-4525-9043-B80EB6D84A0B\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_c03ca3001653c1ef\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-23 19:38:49.509
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Temp\2A66E0A2-0CBC-4525-9043-B80EB6D84A0B\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_c03ca3001653c1ef\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-23 19:38:49.113
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Temp\2A66E0A2-0CBC-4525-9043-B80EB6D84A0B\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-23 19:38:48.818
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Temp\2A66E0A2-0CBC-4525-9043-B80EB6D84A0B\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-23 19:38:47.920
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Temp\2A66E0A2-0CBC-4525-9043-B80EB6D84A0B\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appid.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-23 19:38:47.670
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Temp\2A66E0A2-0CBC-4525-9043-B80EB6D84A0B\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_b5e7f8ade1f2fff4\appid.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 46%
Total physical RAM: 7973.49 MB
Available physical RAM: 4257.9 MB
Total Pagefile: 15945.16 MB
Available Pagefile: 12348.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.54 GB) (Free:284.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 22.4 GB) (Disk ID: 74F02DEA)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 2BD2C32A)

Partition: GPT Partition Type.

==================== End Of Log ============================

Edited by dy1an12, 21 March 2015 - 07:09 PM.

  • 0

Advertisements

#2
BrianDrab
Posted 26 March 2015 - 05:09 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi and welcome to G2G. Sorry for the delay. If you still need assistance please let me know.


  • 0

#3
BrianDrab
Posted 31 March 2015 - 04:49 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP