black screen after use AVG disk doctor [Closed]



#1
nicolasjuniar


Sorry, I have this problem too. I used AVG Disk Doctor and had to reboot my PC (Windows 8.1), but after the reboot all I get is just a black screen.

Here is my FRST scan result:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by SYSTEM on MININT-FHNOAVG (19-09-2015 08:27:50)
Running from F:\
Platform: Windows 8.1 Single Language (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-18] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3175312 2015-09-10] ()
HKLM\...\Run: [UIExec] => C:\Program Files (x86)\Join Air\UIExec.exe [132096 2009-07-14] ()
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3730344 2015-07-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-29] (Oracle Corporation)
HKLM-x32\...\Winlogon: [Userinit]  [X]
HKLM-x32\...\Winlogon: [Shell]  [0 ] () <=== ATTENTION
HKLM\...26dfa299cadb\InprocServer32: [Authentication UI Logon UI]  <==== ATTENTION
HKU\Administrator\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-20] (Microsoft Corporation)
HKU\Nicolas\...\Run: [WinFLTray] => C:\WINDOWS\SysWow64\WinFLTray.exe [322360 2014-09-10] ( New Softwares.net)
HKU\Nicolas\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [275768 2014-09-10] (New Softwares.net)
HKU\Nicolas\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3878480 2014-09-02] (Tonec Inc.)
Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Q.lnk [2015-09-15]
ShortcutTarget: Q.lnk -> C:\windows\system32\config\systemprofile\AppData\Roaming\obGcAW42wi.exe (No File)
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Apache2.4; c:\xampp\apache\bin\httpd.exe [22016 2012-06-06] (Apache Software Foundation)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-06] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-06] (AVG Technologies CZ, s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S3 FileZillaServer; c:\xampp\FileZillaFTP\FileZillaServer.exe [632320 2012-05-10] (FileZilla Project)
S2 FLService; C:\Windows\SysWow64\WinFLService.exe [92984 2014-09-10] (New Softwares.net)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
S2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29181272 2008-12-17] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-06] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639584 2013-02-05] (Sony Corporation)
S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
S2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [246272 2009-07-14] ()
S2 UnsignedThemes; C:\WINDOWS\unsignedthemes.exe [13824 2013-09-22] (The Within Network, LLC)
S2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)
S2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
S2 vToolbarUpdater40.1.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [1874320 2015-08-27] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation)
S2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-09-10] ()
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-27] (AnvSoft Inc.)
S3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-26] (AVG Technologies CZ, s.r.o.)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-10] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [293296 2015-06-25] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-11] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-06] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [226784 2015-06-10] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-19] (AVG Technologies CZ, s.r.o.)
S1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [295400 2015-06-15] (AVG Technologies CZ, s.r.o.)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-20] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2014-09-10] ()
S3 PROLiNKusbdiag; C:\Windows\system32\DRIVERS\PROLiNKusbdiag.sys [123392 2011-09-18] (PROLINK Corporation)
S3 PROLiNKusbmodem; C:\Windows\system32\DRIVERS\PROLiNKusbmodem.sys [123392 2011-09-18] (PROLINK Corporation)
S3 PROLiNKusbnmea; C:\Windows\system32\DRIVERS\PROLiNKusbnmea.sys [123392 2011-09-18] (PROLINK Corporation)
S3 PROLiNKusbvoice; C:\Windows\system32\DRIVERS\PROLiNKusbvoice.sys [123392 2011-09-18] (PROLINK Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-26] (Synaptics Incorporated)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
S2 uxstyle; C:\WINDOWS\system32\Drivers\uxstyle.sys [31440 2013-09-22] (The Within Network, LLC)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36384 2014-09-10] ()
S2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2014-09-10] (NewSoftwares.net, Inc.)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-20] (Microsoft Corporation)
S2 zntport; C:\WINDOWS\system32\drivers\zntport.sys [13880 2007-12-22] (Zeal SoftStudio)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-18 22:24 - 2015-09-18 22:52 - 00000000 ____D C:\FRST
2015-09-18 20:22 - 2015-09-19 08:27 - 00000000 _____ C:\Recovery.txt
2015-09-18 02:13 - 2015-09-18 02:13 - 00000344 _____ C:\Windows\PFRO.log
2015-09-18 00:43 - 2015-09-18 00:45 - 00000000 ____D C:\Users\Nicolas\Downloads\UGD4_G_7462
2015-09-18 00:39 - 2015-09-18 00:43 - 08336052 _____ C:\Users\Nicolas\Downloads\UGD4_G_7462.pam
2015-09-18 00:35 - 2015-09-18 00:35 - 00000000 ____D C:\Intel
2015-09-18 00:34 - 2015-09-18 00:35 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-09-18 00:09 - 2015-08-07 13:41 - 07460168 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-09-18 00:08 - 2015-08-22 05:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
2015-09-18 00:08 - 2015-08-22 05:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll
2015-09-18 00:08 - 2015-08-10 10:15 - 01084928 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2015-09-18 00:08 - 2015-08-10 10:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2015-09-18 00:08 - 2015-08-10 10:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2015-09-18 00:08 - 2015-08-10 09:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2015-09-18 00:08 - 2015-08-10 08:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-09-18 00:08 - 2015-08-10 08:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-09-18 00:08 - 2015-08-07 13:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2015-09-18 00:08 - 2015-08-07 13:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-18 00:08 - 2015-08-07 13:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2015-09-18 00:08 - 2015-08-07 13:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2015-09-18 00:08 - 2015-08-07 13:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-18 00:08 - 2015-08-07 06:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-18 00:08 - 2015-08-06 11:15 - 01658544 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2015-09-18 00:08 - 2015-08-06 11:15 - 01519592 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2015-09-18 00:08 - 2015-08-06 11:15 - 01487008 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2015-09-18 00:08 - 2015-08-06 11:15 - 01355848 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2015-09-18 00:08 - 2015-08-06 09:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\System32\hhctrl.ocx
2015-09-18 00:08 - 2015-08-06 08:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2015-09-18 00:08 - 2015-08-06 08:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-09-18 00:08 - 2015-08-06 08:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-09-18 00:08 - 2015-07-16 10:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\System32\NcdAutoSetup.dll
2015-09-17 23:57 - 2015-09-17 23:57 - 00001097 _____ C:\Users\Nicolas\Desktop\DllTool.lnk
2015-09-17 23:57 - 2015-09-17 23:57 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\KSafe
2015-09-17 23:57 - 2015-09-17 23:57 - 00000000 ____D C:\ProgramData\KSafe
2015-09-17 23:56 - 2015-09-17 23:56 - 00000000 ____D C:\Program Files (x86)\DllTool
2015-09-17 23:55 - 2012-07-25 23:50 - 00002560 _____ (Microsoft Corporation) C:\Windows\System32\rundll32.exe.mui
2015-09-17 21:13 - 2015-09-18 00:35 - 00000872 _____ C:\Windows\setupact.log
2015-09-17 21:13 - 2015-09-17 21:13 - 00000000 _____ C:\Windows\setuperr.log
2015-09-17 10:27 - 2015-09-18 02:10 - 00392456 _____ C:\Windows\WindowsUpdate.log
2015-09-16 02:55 - 2015-09-16 02:55 - 00001871 _____ C:\Users\Nicolas\Downloads\ugd pbd.txt
2015-09-15 01:27 - 2015-09-15 14:44 - 00000000 ____D C:\Users\Nicolas\Documents\VPProjects
2015-09-15 01:26 - 2015-09-15 01:27 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\VisualParadigm
2015-09-15 01:25 - 2015-09-15 01:26 - 00000000 ____D C:\Program Files (x86)\Visual Paradigm CE 12.2
2015-09-15 01:01 - 2015-09-15 01:28 - 00000000 ____D C:\Program Files (x86)\Rational
2015-09-15 01:01 - 2015-09-15 01:01 - 00000000 ____D C:\Windows\java
2015-09-15 01:00 - 2015-09-15 01:01 - 00064118 _____ C:\Users\Nicolas\AppData\Local\rational_state.log
2015-09-15 00:14 - 2015-09-15 00:14 - 89736576 __RSH C:\Users\Nicolas\AppData\Roaming\obGcAW42wi.exe
2015-09-11 05:27 - 2015-08-22 10:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-09-11 05:27 - 2015-08-22 09:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-09-11 05:27 - 2015-08-22 09:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-09-11 05:27 - 2015-08-22 09:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-11 05:27 - 2015-08-22 09:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-09-11 05:27 - 2015-08-22 09:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-09-11 05:27 - 2015-08-22 08:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-11 05:27 - 2015-08-22 08:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-11 05:27 - 2015-08-22 08:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2015-09-11 05:27 - 2015-08-22 08:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-11 05:27 - 2015-08-22 08:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2015-09-11 05:27 - 2015-08-22 08:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-09-11 05:27 - 2015-08-22 08:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-09-11 05:27 - 2015-08-22 08:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-09-11 05:27 - 2015-08-22 08:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-09-11 05:27 - 2015-08-22 08:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-09-11 05:27 - 2015-08-22 08:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-11 05:27 - 2015-08-22 08:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-09-11 05:27 - 2015-08-22 08:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-11 05:27 - 2015-08-22 08:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-11 05:27 - 2015-08-22 08:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-11 05:27 - 2015-08-22 08:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-11 05:27 - 2015-08-22 08:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-11 05:27 - 2015-08-22 08:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-11 05:27 - 2015-08-22 08:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-09-11 05:27 - 2015-08-22 08:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-09-11 05:27 - 2015-08-22 08:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-11 05:27 - 2015-08-22 07:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-11 05:27 - 2015-08-22 07:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-10 05:37 - 2015-07-30 09:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\System32\InkEd.dll
2015-09-10 05:37 - 2015-07-30 08:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-10 05:36 - 2015-09-02 18:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2015-09-10 05:36 - 2015-09-02 18:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-10 05:36 - 2015-09-02 10:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2015-09-10 05:36 - 2015-09-02 09:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-10 05:36 - 2015-07-22 06:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2015-09-10 05:36 - 2015-07-22 06:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2015-09-10 05:36 - 2015-07-22 06:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-10 05:36 - 2015-07-22 06:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-10 05:36 - 2015-07-18 10:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\System32\shacct.dll
2015-09-10 05:36 - 2015-07-18 10:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2015-09-10 05:36 - 2015-07-18 10:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-10 05:36 - 2015-07-18 10:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-10 05:34 - 2015-09-01 18:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-09-10 05:34 - 2015-09-01 18:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2015-09-10 05:34 - 2015-09-01 18:50 - 00044032 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2015-09-10 05:34 - 2015-09-01 18:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-10 05:34 - 2015-09-01 18:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-10 05:34 - 2015-08-03 13:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll
2015-09-10 05:34 - 2015-08-03 13:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-10 05:34 - 2015-08-01 06:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\appidsvc.dll
2015-09-10 05:34 - 2015-07-31 19:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\System32\schtasks.exe
2015-09-10 05:34 - 2015-07-31 19:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-10 05:34 - 2015-07-31 19:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2015-09-10 05:34 - 2015-07-31 19:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\System32\taskeng.exe
2015-09-10 05:34 - 2015-07-31 19:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-04 19:48 - 2015-09-04 21:43 - 00864256 _____ C:\Users\Nicolas\Documents\IAE.accdb
2015-09-04 06:58 - 2015-08-26 18:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2015-09-04 06:58 - 2015-08-26 10:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-04 06:58 - 2015-08-26 10:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-04 06:58 - 2015-08-26 10:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-04 06:58 - 2015-08-26 10:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-04 06:58 - 2015-08-26 06:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2015-09-04 06:58 - 2015-08-26 06:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2015-09-04 06:58 - 2015-08-26 06:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2015-09-04 06:58 - 2015-08-26 06:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2015-09-04 06:58 - 2015-08-26 06:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2015-09-04 06:58 - 2015-08-26 06:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2015-09-04 06:58 - 2015-08-26 06:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2015-08-27 03:26 - 2015-08-27 03:26 - 00000000 ____D C:\Program Files\Oracle
2015-08-27 03:26 - 2013-04-11 20:41 - 00237840 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxDrv.sys
2015-08-27 03:26 - 2013-04-11 20:40 - 00120080 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxUSBMon.sys
2015-08-27 03:25 - 2015-08-27 03:25 - 00000000 ____D C:\Program Files\Genymobile
2015-08-27 03:24 - 2015-08-28 00:40 - 00000000 ____D C:\Users\Nicolas\.android
2015-08-27 03:20 - 2015-08-27 03:20 - 22915568 _____ (Intel Corporation) C:\Windows\System32\igdfcl64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 17846272 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 08528896 _____ (Intel Corporation) C:\Windows\System32\ig7icd64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 06513648 _____ (Intel Corporation) C:\Windows\SysWOW64\ig7icd32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 04371888 _____ (Intel Corporation) C:\Windows\System32\Gfxv4_0.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 04369816 _____ (Intel Corporation) C:\Windows\System32\Gfxv2_0.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 04025864 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiAAC64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 03797424 _____ (Intel Corporation) C:\Windows\System32\Drivers\igdkmd64.sys
2015-08-27 03:20 - 2015-08-27 03:20 - 02506960 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiVAD64.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 02037232 _____ (Intel Corporation) C:\Windows\System32\igfxcmjit64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 01995760 _____ (Intel Corporation) C:\Windows\System32\igdrcl64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 01793024 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 01768432 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 01470472 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiSecureSourceFilter64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 01156000 _____ (Intel Corporation) C:\Windows\System32\iglhsip64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 01151840 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00970656 _____ (Intel Corporation) C:\Windows\System32\GfxUIEx.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 00866824 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiWinNextAgent64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00661000 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiAudioFilter64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00618992 _____ (Intel Corporation) C:\Windows\System32\MetroIntelGenericUIFramework.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00617992 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiMux64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00556960 _____ (Intel Corporation) C:\Windows\System32\DPTopologyApp.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 00554928 _____ (Intel Corporation) C:\Windows\System32\DPTopologyAppv2_0.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 00469216 _____ (Intel Corporation) C:\Windows\System32\igdmd64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00444832 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiUMS64.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 00410528 _____ (Intel Corporation) C:\Windows\System32\CustomModeAppv2_0.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 00409520 _____ (Intel Corporation) C:\Windows\System32\CustomModeApp.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 00394224 _____ (Intel Corporation) C:\Windows\System32\igfxOSP.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00387056 _____ (Intel Corporation) C:\Windows\System32\IntelOpenCL64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00378824 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00374272 _____ (Intel Corporation) C:\Windows\System32\igdbcl64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00357912 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiSilenceFilter64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00329216 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00296944 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00291744 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 00265712 _____ C:\Windows\System32\igfxCPL.cpl
2015-08-27 03:20 - 2015-08-27 03:20 - 00232960 _____ C:\Windows\System32\igdde64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00229664 _____ (Intel Corporation) C:\Windows\System32\iglhcp64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00225288 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiUtils64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00216552 _____ (Intel Corporation) C:\Windows\System32\igfxCoIn_v4276.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00205728 _____ (Intel Corporation) C:\Windows\System32\igfxext.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 00199088 _____ (Intel Corporation) C:\Windows\System32\igfxcmrt64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00194560 _____ C:\Windows\SysWOW64\igdde32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00194368 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00193536 _____ (Intel Corporation) C:\Windows\System32\igfx11cmrt64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00192520 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiDDEAgent64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00172528 _____ C:\Windows\System32\igdail64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00169368 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00165808 _____ (Intel Corporation) C:\Windows\System32\difx64.exe
2015-08-27 03:20 - 2015-08-27 03:20 - 00163840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00154096 _____ C:\Windows\SysWOW64\igdail32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00143368 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiMCUMD64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00109064 _____ (Intel Corporation) C:\Windows\System32\IntelWiDiLogServer64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00102912 _____ C:\Windows\System32\IccLibDll_x64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00096752 _____ C:\Windows\System32\igfxCUIServicePS.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00078336 _____ ( ) C:\Windows\System32\igfxDHLibv2_0.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00072704 _____ (Khronos Group) C:\Windows\System32\Intel_OpenCL_ICD64.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00069616 _____ ( ) C:\Windows\System32\igfxDHLib.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00069120 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00042232 _____ (Intel Corporation) C:\Windows\System32\igfxexps.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00039424 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00020976 _____ ( ) C:\Windows\System32\igfxDILib.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00018944 _____ ( ) C:\Windows\System32\igfxEMLibv2_0.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00018944 _____ ( ) C:\Windows\System32\igfxEMLib.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00018944 _____ ( ) C:\Windows\System32\igfxDILibv2_0.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00015344 _____ ( ) C:\Windows\System32\igfxLHMLibv2_0.dll
2015-08-27 03:20 - 2015-08-27 03:20 - 00013824 _____ ( ) C:\Windows\System32\igfxLHMLib.dll
2015-08-26 20:29 - 2015-08-26 20:56 - 00000000 ____D C:\Users\Nicolas\VirtualBox VMs
2015-08-26 20:25 - 2015-09-18 00:42 - 00000000 ____D C:\Users\Nicolas\AndroidStudioProjects
2015-08-26 20:25 - 2015-08-26 20:26 - 00000000 ____D C:\Users\Nicolas\.gradle
2015-08-26 20:23 - 2015-09-17 02:38 - 00000000 ____D C:\Users\Nicolas\.VirtualBox
2015-08-26 20:23 - 2015-08-27 03:28 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Genymobile
2015-08-26 09:11 - 2015-08-26 09:11 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\JetBrains
2015-08-26 09:10 - 2015-08-27 01:51 - 00000000 ____D C:\Users\Nicolas\.AndroidStudio1.3
2015-08-26 08:54 - 2015-08-27 03:13 - 00000000 ____D C:\Program Files\Android
2015-08-24 22:10 - 2015-08-24 22:10 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\GarenaPlus
2015-08-24 22:10 - 2015-08-24 22:10 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Garena
2015-08-24 22:10 - 2015-08-24 22:10 - 00000000 ____D C:\ProgramData\Garena
2015-08-24 22:09 - 2015-08-27 21:01 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2015-08-24 22:09 - 2015-08-24 22:10 - 00000000 ____D C:\ProgramData\GarenaMessenger
2015-08-24 18:39 - 2015-07-22 06:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\System32\UtcResources.dll
2015-08-24 18:39 - 2015-07-22 05:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\System32\diagtrack.dll
2015-08-24 18:39 - 2015-07-17 06:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\System32\tdh.dll
2015-08-24 18:39 - 2015-07-17 06:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-08-24 18:39 - 2015-07-03 13:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2015-08-24 18:39 - 2015-07-03 06:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-08-24 18:38 - 2015-07-13 19:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\System32\tzsync.exe
2015-08-24 18:38 - 2015-07-13 11:10 - 00411455 _____ C:\Windows\System32\ApnDatabase.xml
2015-08-24 18:38 - 2015-07-10 11:06 - 00118272 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys
2015-08-24 18:38 - 2015-07-09 08:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2015-08-24 18:38 - 2015-06-27 03:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2015-08-24 18:38 - 2015-06-19 09:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers.dll
2015-08-24 17:48 - 2015-07-16 12:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-08-24 17:48 - 2015-07-16 12:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-08-24 17:48 - 2015-07-16 11:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2015-08-24 17:48 - 2015-07-16 11:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-24 17:48 - 2015-07-16 11:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-24 17:48 - 2015-07-16 11:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2015-08-24 17:48 - 2015-07-16 10:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-24 17:03 - 2015-07-30 06:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-08-24 17:03 - 2015-07-30 05:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-24 01:46 - 2015-07-07 01:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2015-08-24 01:46 - 2015-07-07 01:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdNisDrv.sys
2015-08-24 01:46 - 2015-07-07 01:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2015-08-24 01:43 - 2015-07-29 06:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2015-08-24 01:43 - 2015-07-29 06:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2015-08-24 01:43 - 2015-07-29 06:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-24 01:43 - 2015-07-15 16:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2015-08-24 01:43 - 2015-07-13 11:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2015-08-24 01:43 - 2015-07-13 11:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\System32\basesrv.dll
2015-08-24 01:43 - 2015-07-10 09:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2015-08-24 01:37 - 2015-07-10 10:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\System32\rdvidcrl.dll
2015-08-24 01:37 - 2015-07-10 09:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-24 01:37 - 2015-07-10 09:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2015-08-24 01:37 - 2015-07-10 08:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-24 01:37 - 2015-07-09 09:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\notepad.exe
2015-08-24 01:37 - 2015-07-09 09:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-24 01:37 - 2015-07-09 08:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-24 01:37 - 2015-07-01 14:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2015-08-24 01:37 - 2015-07-01 14:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2015-08-24 01:37 - 2015-07-01 13:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-24 01:37 - 2015-07-01 13:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-23 20:39 - 2015-08-04 04:25 - 00044760 _____ (AVG Technologies) C:\Windows\System32\uxtuneup.dll
2015-08-23 20:39 - 2015-08-04 04:25 - 00036568 _____ (AVG Technologies) C:\Windows\SysWOW64\uxtuneup.dll
2015-08-23 20:39 - 2015-08-04 04:25 - 00030424 _____ (AVG Technologies) C:\Windows\System32\authuitu.dll
2015-08-23 20:39 - 2015-08-04 04:25 - 00025816 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-08-21 06:54 - 2015-08-21 06:54 - 00188884 _____ C:\Windows\System32\resTHA.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00181524 _____ C:\Windows\System32\resELL.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00177300 _____ C:\Windows\System32\resRUS.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00163044 _____ C:\Windows\System32\resARA.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00162500 _____ C:\Windows\System32\resHEB.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00162484 _____ C:\Windows\System32\resJPN.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00157860 _____ C:\Windows\System32\resHUN.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00157844 _____ C:\Windows\System32\resFRA.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00156100 _____ C:\Windows\System32\resKOR.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00156020 _____ C:\Windows\System32\resDEU.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00155988 _____ C:\Windows\System32\resITA.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00155828 _____ C:\Windows\System32\resROM.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00155716 _____ C:\Windows\System32\resESN.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00155268 _____ C:\Windows\System32\resPLK.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00155172 _____ C:\Windows\System32\resSKY.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00154980 _____ C:\Windows\System32\resNLD.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00154372 _____ C:\Windows\System32\resPTB.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00154260 _____ C:\Windows\System32\resTRK.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00154212 _____ C:\Windows\System32\resCSY.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00154084 _____ C:\Windows\System32\resPTG.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00153620 _____ C:\Windows\System32\resFIN.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00153236 _____ C:\Windows\System32\resHRV.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00152772 _____ C:\Windows\System32\resSVE.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00152644 _____ C:\Windows\System32\resSLV.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00151668 _____ C:\Windows\System32\resNOR.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00151156 _____ C:\Windows\System32\resDAN.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00149812 _____ C:\Windows\System32\resENU.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00148052 _____ C:\Windows\System32\resCHT.cui
2015-08-21 06:54 - 2015-08-21 06:54 - 00147188 _____ C:\Windows\System32\resCHS.cui
2015-08-21 06:52 - 2015-08-21 06:52 - 00002560 _____ C:\Windows\System32\iglhxs64.vp
2015-08-21 06:50 - 2015-08-21 06:50 - 00316245 _____ C:\Windows\System32\DisplayAudiox64.cab
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-18 02:13 - 2013-08-22 06:44 - 00037760 _____ C:\Windows\System32\FNTCACHE.DAT
2015-09-18 02:12 - 2013-08-22 06:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-18 02:10 - 2014-07-14 19:41 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\DMCache
2015-09-18 02:00 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\sru
2015-09-18 01:41 - 2015-05-20 10:13 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-18 00:59 - 2014-07-13 00:56 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-689730378-725036343-1718610407-1001
2015-09-18 00:36 - 2012-07-25 23:59 - 00000000 ____D C:\Windows\CbsTemp
2015-09-18 00:01 - 2015-01-28 19:53 - 00000000 ____D C:\users\Nicolas
2015-09-18 00:01 - 2015-01-28 19:53 - 00000000 ____D C:\users\Administrator
2015-09-17 23:40 - 2013-10-06 19:55 - 00000000 ____D C:\Users\Nicolas\Downloads\Video
2015-09-17 23:40 - 2013-10-06 19:55 - 00000000 ____D C:\Users\Nicolas\Downloads\Compressed
2015-09-17 23:24 - 2014-11-20 20:44 - 00930188 _____ C:\Windows\System32\PerfStringBackup.INI
2015-09-17 22:51 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\NDF
2015-09-17 22:08 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-17 21:42 - 2015-02-04 02:58 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B363D0D2-DEB0-4220-9C0B-E374553C4D0C}
2015-09-17 20:49 - 2015-03-20 23:07 - 00000000 ____D C:\Users\Nicolas\OneDrive
2015-09-17 20:26 - 2014-09-16 19:36 - 00000000 ____D C:\Program Files (x86)\Smadav
2015-09-17 20:25 - 2015-05-20 10:13 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-17 15:30 - 2013-10-09 10:51 - 00000000 __SHD C:\[Smad-Cage]
2015-09-17 09:26 - 2014-07-13 00:36 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-09-17 09:21 - 2014-07-13 01:49 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Media Player Classic
2015-09-17 07:00 - 2013-10-06 19:26 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Packages
2015-09-17 04:20 - 2014-07-13 00:40 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Microsoft Help
2015-09-17 03:37 - 2015-07-09 20:31 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\IDM
2015-09-17 02:36 - 2015-05-20 10:13 - 00003892 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 02:36 - 2015-05-20 10:13 - 00003656 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-17 00:07 - 2014-07-14 20:17 - 00000000 ____D C:\ProgramData\MFAData
2015-09-14 06:34 - 2014-07-13 00:33 - 00000000 ____D C:\Users\Nicolas\AppData\Local\Google
2015-09-13 23:32 - 2013-08-22 05:25 - 00786432 ___SH C:\Windows\System32\config\BBI
2015-09-13 19:57 - 2014-07-13 00:39 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\MiniLyrics
2015-09-13 19:56 - 2014-04-01 01:28 - 00000000 ____D C:\Lyrics
2015-09-13 08:15 - 2014-07-13 00:38 - 00000000 ____D C:\Users\Nicolas\AppData\Roaming\Winamp
2015-09-13 02:43 - 2014-09-26 12:05 - 00000000 ____D C:\Users\Nicolas\Documents\Visual Studio 2008
2015-09-13 02:33 - 2015-02-25 00:13 - 00000000 ____D C:\Users\Nicolas\Documents\SQL Server Management Studio Express
2015-09-12 02:43 - 2014-07-13 00:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-11 08:31 - 2015-06-19 00:18 - 00000000 ____D C:\Windows\rescache
2015-09-11 07:09 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-11 06:57 - 2014-07-19 05:28 - 00000000 ____D C:\Windows\System32\MRT
2015-09-11 05:11 - 2013-08-22 05:25 - 00262144 ___SH C:\Windows\System32\config\ELAM
2015-09-10 05:57 - 2014-11-20 20:20 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 05:14 - 2014-12-15 06:32 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-09-06 03:35 - 2014-08-21 19:53 - 00000000 ____D C:\GAME
2015-09-05 18:34 - 2014-09-10 10:00 - 00002772 ___SH C:\Windows\SysWOW64\win_fldb_sys.dat
2015-09-05 18:34 - 2014-09-10 09:54 - 00003292 ___SH C:\Users\Nicolas\AppData\Local\win_fldb_sys.dat
2015-09-05 18:15 - 2015-02-19 00:41 - 00000000 ____D C:\New folder
2015-09-05 17:26 - 2014-09-10 09:54 - 00003465 ___SH C:\Windows\SysWOW64\win_stlthdb_sys.dat
2015-09-05 17:26 - 2014-09-10 09:54 - 00000700 ___SH C:\Users\Nicolas\AppData\Local\systemFL7.dat
2015-09-05 17:26 - 2014-09-10 09:53 - 00011781 ___SH C:\Users\Nicolas\AppData\Local\win_flfiles_sys.dat
2015-09-05 17:26 - 2014-09-10 09:53 - 00003465 ___SH C:\Users\Nicolas\AppData\Local\win_stlthdb_sys.dat
2015-09-05 06:12 - 2015-01-28 20:25 - 00000451 _____ C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-09-04 23:02 - 2015-02-28 08:39 - 00000000 ____D C:\luna
2015-08-27 06:11 - 2015-03-06 20:25 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-08-27 03:24 - 2013-09-08 07:04 - 00000000 ____D C:\Program Files\Intel
2015-08-27 03:20 - 2015-01-28 19:44 - 00072704 _____ (Khronos Group) C:\Windows\System32\OpenCL.DLL
2015-08-27 03:20 - 2015-01-28 19:44 - 00069120 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2015-08-27 03:20 - 2014-12-14 05:38 - 10574992 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2015-08-27 03:20 - 2014-10-01 04:54 - 12335600 _____ (Intel Corporation) C:\Windows\System32\igd10iumd64.dll
2015-08-27 03:20 - 2014-10-01 04:54 - 11905432 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2015-08-27 03:20 - 2014-10-01 04:54 - 11053048 _____ (Intel Corporation) C:\Windows\System32\igdumdim64.dll
2015-08-27 03:20 - 2014-10-01 04:54 - 04637640 _____ (Intel Corporation) C:\Windows\System32\igdusc64.dll
2015-08-27 03:20 - 2014-10-01 04:54 - 03672344 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2015-08-27 03:20 - 2014-10-01 04:54 - 00680432 _____ (Intel Corporation) C:\Windows\System32\igfxDH.dll
2015-08-27 03:20 - 2014-10-01 04:54 - 00541600 _____ (Intel Corporation) C:\Windows\System32\igfxEM.exe
2015-08-27 03:20 - 2014-10-01 04:54 - 00395168 _____ (Intel Corporation) C:\Windows\System32\igfxTray.exe
2015-08-27 03:20 - 2014-10-01 04:54 - 00330136 _____ (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
2015-08-27 03:20 - 2014-10-01 04:54 - 00285184 _____ (Intel Corporation) C:\Windows\System32\igfxDI.dll
2015-08-27 03:20 - 2014-10-01 04:54 - 00262640 _____ (Intel Corporation) C:\Windows\System32\igfxLHM.dll
2015-08-27 03:20 - 2014-10-01 04:54 - 00258456 _____ (Intel Corporation) C:\Windows\System32\igfxHK.exe
2015-08-27 03:20 - 2014-10-01 04:54 - 00230384 _____ (Intel Corporation) C:\Windows\System32\igfxDTCM.dll
2015-08-26 08:38 - 2014-05-19 06:29 - 00000000 ____D C:\Anime
2015-08-26 03:37 - 2014-07-19 05:28 - 134753440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-08-25 00:03 - 2014-09-10 09:53 - 00011781 ___SH C:\Windows\SysWOW64\win_flfiles_sys.dat
2015-08-24 17:28 - 2014-08-28 01:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-24 17:28 - 2014-08-28 01:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-24 08:47 - 2015-02-28 06:45 - 00000899 _____ C:\Users\Nicolas\Desktop\Luna Online.lnk
2015-08-24 02:03 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-24 02:03 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-22 04:32 - 2015-02-04 02:58 - 00000000 __SHD C:\Users\Nicolas\AppData\Local\EmieUserList
2015-08-22 04:32 - 2015-02-04 02:58 - 00000000 __SHD C:\Users\Nicolas\AppData\Local\EmieSiteList
2015-08-22 04:32 - 2015-02-04 02:58 - 00000000 __SHD C:\Users\Nicolas\AppData\Local\EmieBrowserModeList
 
Some files in TEMP:
====================
C:\Users\Nicolas\AppData\Local\Temp\cdo3453962472.dll
 
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe
[2014-11-20 21:15] - [2014-11-20 21:15] - 0572416 ____A (Microsoft Corporation) EC498BAE1F0D3E0E401C963F8D76C437
 
C:\Windows\System32\wininit.exe
[2014-11-20 21:14] - [2014-11-20 21:14] - 0145920 ____A (Microsoft Corporation) A570A64292214C43E0BA50E6A72A6380
 
C:\Windows\explorer.exe
[2015-03-11 00:58] - [2015-01-27 15:47] - 2501368 ____A (Microsoft Corporation) C10A66189DC8C090E7C84873EDCEBC88
 
C:\Windows\SysWOW64\explorer.exe
[2015-03-11 00:58] - [2015-01-27 15:41] - 2207488 ____A (Microsoft Corporation) 91E24273FCA076EA9E65DAFA98901225
 
C:\Windows\System32\svchost.exe
[2014-11-20 21:14] - [2014-11-20 21:14] - 0038792 ____A (Microsoft Corporation) E3A2AD05E24105B35E986CF9CB38EC47
 
C:\Windows\SysWOW64\svchost.exe
[2014-11-20 21:16] - [2014-11-20 21:16] - 0033088 ____A (Microsoft Corporation) D0ABC231C0B3E88C6B612B28ABBF734D
 
C:\Windows\System32\services.exe
[2015-05-13 20:37] - [2015-04-08 14:55] - 0410128 ____A (Microsoft Corporation) E0C7813A97CA7947FF5C18A8F3B61A45
 
C:\Windows\System32\User32.dll
[2014-11-20 21:15] - [2014-11-20 21:15] - 1540696 ____A (Microsoft Corporation) 25026E350BC3BE37631634EC72B10BD5
 
C:\Windows\SysWOW64\User32.dll
[2014-11-20 21:14] - [2014-11-20 21:14] - 1376256 ____A (Microsoft Corporation) 76C5CF09F53A3B089B5581B9938F8CAE
 
C:\Windows\System32\userinit.exe
[2014-11-20 21:14] - [2014-11-20 21:14] - 0026112 ____A (Microsoft Corporation) 5C131534A3EA4A461A793FB507A8004F
 
C:\Windows\SysWOW64\userinit.exe
[2014-11-20 21:16] - [2014-11-20 21:16] - 0022528 ____A (Microsoft Corporation) D10643FC0095434C819316CA6CD748C0
 
C:\Windows\System32\rpcss.dll
[2014-11-20 21:14] - [2014-11-20 21:14] - 0817664 ____A (Microsoft Corporation) A6F17C299A03BAFEFB9257C462A19E00
 
C:\Windows\System32\dnsapi.dll
[2015-02-07 23:15] - [2014-11-04 17:44] - 0657920 ____A (Microsoft Corporation) 0B082D6D7A53D91678E7409DD145E89C
 
C:\Windows\SysWOW64\dnsapi.dll
[2015-02-07 23:15] - [2014-11-04 17:20] - 0498688 ____A (Microsoft Corporation) 205BDB00F4C032AF45A6BFD18EA7886C
 
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Restore Points =========================
 
Restore point date: 2015-09-17 23:59:45
 
==================== Memory info =========================== 
 
Percentage of memory in use: 9%
Total physical RAM: 8070.8 MB
Available physical RAM: 7277.4 MB
Total Virtual: 8070.8 MB
Available Virtual: 7302.64 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:256.25 GB) (Free:2.41 GB) NTFS
Drive d: (Local Disk) (Fixed) (Total:175.78 GB) (Free:3.13 GB) NTFS
Drive f: (KRISTINA) (Removable) (Total:7.2 GB) (Free:5.13 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 658E320B)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 7.2 GB) (Disk ID: 601B40D8)
Partition 1: (Active) - (Size=7.2 GB) - (Type=0B)
 
 
LastRegBack: 2015-09-16 04:19
 
==================== End of FRST.txt ============================
 
If you know what I must do, please e-mail me or reply to this post.
My e-mail: xxxxxxxxxxxxxxxxxxxxxxxxxx
 
Sorry for my bad English.
Thank you.

Edited by phillpower2, 20 September 2015 - 03:40 PM.
email address removed for security.

#2
dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

Hi nicolasjuniar,

Welcome to Geeks to Go. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:

  • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
  • All of the assistants and staff at Geeks to Go are here on a volunteer basis; please respect our time given to the cause of helping others. If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date. That being said, please notice the following Geeks to Go rule:
  • Posts that are not replied to in four (4) days will result in the topic being closed. We have not forgotten you; this is just an effort to keep the boards organized and flowing. To continue on your closed topic, please PM me or any Moderator to have the topic reactivated. If, at any time during our working together, I have not responded to you in 2 days (48 hours), then please PM me.
  • Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
  • If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed. All of the tools I will have you use are safe to use (as instructed) and malware free.
  • While we strive to disrupt your system as little as possible, things happen. If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
  • Please do not run any other tools or scanners than what I ask you to. Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.


- Save ALL Tools to your Desktop-

 

All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
  • Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
  • Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
  • Internet Explorer - Click the Tools menu in the upper-right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

NOTE: IE8 does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

Quoted from and used by permission of BrianDrab.  Thank you.

Let's get started....
 

 

Before I jump in and start modifying the system with scripts, can you tell me some more about the situation?

 

Why were you running the AVG disk doctor?  When were you running it (what date and time)?

 

I noticed that you managed to get the FRST logs by using the Recovery Mode; that is very good. The log shows that there is a Restore Point on the system (Restore point date: 2015-09-17 23:59:45). If this is before the running of the AVG tool, can you try to run System Restore (from the Recovery Mode Console)?

 

If this restores the errors / malware you were running the AVG disk doctor for, please just download FRST and run fresh logs.  It is easier to remove the malware with a running system.

 

I've included some steps for the FRST logs (for your reference) below:

 

Please download Farbar Recovery Scan Tool 64bit and save it to your Desktop.
 

  • Right click the FRST file on your desktop and select "Run as Administrator..." (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • If an update is available, the program will inform you and download the update. Allow it to do this please.
  • Once the tool shows "The tool is ready to use." message, please press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

 



#3
dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

