Jump to content

mvmanikan

Members
  • Posts

    13
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi, I followed the instructions as you suggested and looking better but still some errors are not resolved. I checked in control panel - windows update history , most of them are with status "successful"' with date 27.04.2014 Please find the attachment. Thanks. AppData-Local-ElevatedDiagnostics-2560293.pdf output.txt dism.log
  2. Hi, Thank you very much for your support and advice. I followed the same procedure as you suggested and everything is fine now. But the only problem is, now my system got upated with latest windows updates and while restarting, it gives the message "Failure configuring windows update..Reverting changes" I checked in control panel - windows update history , most of them are with status "failed"' eg: Security Update for Windows 7 for x64-based Systems (KB2862152) Installation date: ‎15-‎04-‎2014 07:30 Installation status: Failed Error details: Code 800F0826 Update type: Important A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system. More information: http://support.microsoft.com/kb/2862152 Help and Support: http://support.microsoft.com Similarly as above most of the Security updates for Windows 7 got failed. Anything can be done? Thanks
  3. Hi, I deleted the directory as you suggested. Please find the log attached (Adwcleaner,JRT and checkup) here, Please guide me with the next steps.Thanks in Advance AdwCleanerS0.txt JRT.txt checkup.txt
  4. Hi ESET log is attached here , please find it. Thanks in Advance. Please let me know the further steps. eset.txt
  5. Hi, As suggested, please find the log details below, Both Combofix and Mbam Note: For your information that, when i restart the machine after MBAM scan is done, McAfee tries to scan the system automatically and informs the system is infected and quarantines it. Thanks in Advance. ComboFix.txt mbam-log-2014-04-22 (21-25-10).txt
  6. Hi, I am not able to reply through the post , that is the reason i have attached the eset.txt in the above reply. Thanks
  7. Hi, I ran the fixlist and MBAM as you suggested and please find the log below, Fixlog: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-04-2014 Ran by Amma at 2014-04-17 07:52:03 Run:1 Running from C:\Users\Amma\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM Group Policy restriction on software: C:\Program Files\McAfee <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\McAfee.com <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\McAfee <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\Malwarebytes' Anti-Malware <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\McAfee.com <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION HKU\S-1-5-21-2582164999-3651936928-3911635938-1000\...\Winlogon: [shell] explorer.exe [2871808 2011-08-18] (Microsoft Corporation) <==== ATTENTION Startup: C:\Users\Amma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\o7tfrod7th.lnk ShortcutTarget: o7tfrod7th.lnk -> C:\PROGRA~3\299219~1\ht7dorft7o.cpp (No File) Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File CHR Extension: (No Name) - C:\Users\Amma\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid [2012-07-04] CHR HKCU\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Amma\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2012-06-30] CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Amma\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2012-06-30] C:\PROGRA~3\299219~1 C:\ProgramData\06p8iCguF.dat C:\ProgramData\3ar9jbn.bxx C:\ProgramData\3ar9jbn.fvv C:\ProgramData\9195086.bat C:\ProgramData\9195086.reg C:\ProgramData\fr8rrg7t.bxx C:\ProgramData\fr8rrg7t.fvv Reboot: ***************** HKLM => Group Policy Restriction on software restored successfully. HKLM => Group Policy Restriction on software restored successfully. HKLM => Group Policy Restriction on software restored successfully. HKLM => Group Policy Restriction on software restored successfully. HKLM => Group Policy Restriction on software restored successfully. HKLM => Group Policy Restriction on software restored successfully. HKLM => Group Policy Restriction on software restored successfully. HKU\S-1-5-21-2582164999-3651936928-3911635938-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully. C:\Users\Amma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\o7tfrod7th.lnk => Moved successfully. C:\PROGRA~3\299219~1\ht7dorft7o.cpp not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Value deleted successfully. HKCR\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Key deleted successfully. C:\Users\Amma\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid => Moved successfully. HKCU\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid => Key deleted successfully. C:\Users\Amma\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx => Moved successfully. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid => Key deleted successfully. "C:\Users\Amma\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx" => File/Directory not found. C:\ProgramData\2992199F9A => Moved successfully. C:\ProgramData\06p8iCguF.dat => Moved successfully. C:\ProgramData\3ar9jbn.bxx => Moved successfully. C:\ProgramData\3ar9jbn.fvv => Moved successfully. C:\ProgramData\9195086.bat => Moved successfully. C:\ProgramData\9195086.reg => Moved successfully. C:\ProgramData\fr8rrg7t.bxx => Moved successfully. C:\ProgramData\fr8rrg7t.fvv => Moved successfully. The system needed a reboot. ==== End of Fixlog ==== MBAM log: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.04.17.02 Windows XP Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Amma :: DEUTSCHLAND [administrator] 17-04-2014 08:01:11 mbam-log-2014-04-17 (08-01-11).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 416305 Time elapsed: 34 minute(s), 40 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Thank you very much for your support and i am able to open the anitvirus software now .
  8. Hi, Please find the attached Addition.Txt Addition Txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014 Ran by Amma at 2014-04-16 07:20:20 Running from C:\Users\Amma\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== ==================== Installed Programs ====================== Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.181.23 - Adobe Systems Incorporated) Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.) BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.6.0 - BitTorrent Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Citrix Presentation Server Client (HKLM-x32\...\{B2AE44CB-2AAB-4C08-A54B-D264BD604DA8}) (Version: 10.00.52110 - Citrix Systems, Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.55 - Dell Inc.) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.55 - Dell Inc.) Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps) Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft) Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps) Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.102 - PC-Doctor, Inc.) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.) Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.) Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd) DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden Face Recognition (HKLM\...\{2C5BEF49-4219-4751-9106-39604462939D}) (Version: 3.0.85.1 - Sensible Vision) FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - ) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk Plugin (HKLM-x32\...\{E121A4FE-009B-385B-BB0D-B934E2A88288}) (Version: 5.2.4.18058 - Google) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden GPL Ghostscript 8.70 (HKLM-x32\...\GPL Ghostscript 8.70) (Version: - ) High-Definition Video Playback (x32 Version: 7.3.10000.0.0 - Nero AG) Hidden IBM Lotus Sametime Connect 7.5 (HKLM-x32\...\{F85B6E83-276C-4932-9B3C-F64F8D0576F9}) (Version: 7.5.60808 - IBM) Intel PROSet Wireless (Version: - ) Hidden Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation) Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.0.0.0454 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Intel® WiDi (HKLM-x32\...\{25680C01-6753-4FE9-A891-7857F26457C1}) (Version: 2.1.35.0 - Intel Corporation) Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LingoPad 2.6 (Build 360) (HKLM-x32\...\LingoPad_is1) (Version: 2.6 - Lingo4you) Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) MBlaze UI (HKLM\...\ZTEWireless-101_is1) (Version: - ) McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.944 - McAfee, Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Standard 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10200.0.0 - Nero AG) Hidden Nero Control Center 10 (x32 Version: 10.6.12500.0.5 - Nero AG) Hidden Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden Nero Core Components 10 (x32 Version: 2.0.19800.9.10 - Nero AG) Hidden Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.20 - Dell Inc.) RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden Roxio Burn (x32 Version: 1.8 - Roxio) Hidden Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio) Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden Roxio File Backup (Version: 1.3.2 - Roxio) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation) Skype™ 6.2 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.2.106 - Skype Technologies S.A.) Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden SyncUP (HKLM-x32\...\{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}) (Version: 1.8.21200.33.104 - Nero AG) SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.13500 - Nero AG) TextPad 5 (HKLM-x32\...\{B6EC7388-E277-4A5B-8C8F-71067A41BA64}) (Version: 5.4.2 - Helios) Tracking Cookies Removal Tool 1.0 (HKLM-x32\...\{D2A92E68-7CAD-4661-9C7A-D932FD5312E2}_is1) (Version: 1.0 - Security Stronghold) VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) WordWeb (HKLM-x32\...\WordWeb) (Version: 6 - WordWeb Software) Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC) Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden ==================== Restore Points ========================= Could not list Restore Points. Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {179898B4-224B-4408-8FFF-EE3B964B352A} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-11-30] (PC-Doctor, Inc.) Task: {2A0EFDFB-8498-457B-9B51-99B71FA6EA8C} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4da3f89abfff => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.) Task: {2BB108D6-5788-4BA5-BFFC-103AB68AE423} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2582164999-3651936928-3911635938-1000Core1cef3f2fbe0294a => C:\Users\Amma\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-08] (Google Inc.) Task: {2E0337AE-0806-4266-9F88-4B42A931B374} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {35ACE3B2-4A2D-45A2-9BC6-B7562628F68A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2582164999-3651936928-3911635938-1000UA1cf4a4bd628401f => C:\Users\Amma\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-08] (Google Inc.) Task: {4998E473-89B7-4068-A402-FDF6FA0FB641} - System32\Tasks\{CF8167B7-D2A1-4B6B-999B-C51B50C9AE9E} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.2.0.106&LastError=12002 Task: {A3C291DF-1EE1-4C8C-AD72-B905E99CE268} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.) Task: {CC1F0DF4-B4EC-4D70-B3DD-5ED186D18F53} - System32\Tasks\{2E5A2ED6-D1A9-4733-A067-AFFD071B1264} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [2013-04-04] (Malwarebytes Corporation) Task: {F07F2CE7-B505-419D-B65E-C460423CFA83} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-11-30] (PC-Doctor, Inc.) Task: {F7DB1110-6561-4C31-AA31-A9D1B6A72C3B} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4da3f89abfff.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582164999-3651936928-3911635938-1000Core1cef3f2fbe0294a.job => C:\Users\Amma\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582164999-3651936928-3911635938-1000UA1cf4a4bd628401f.job => C:\Users\Amma\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-11-01 19:10 - 2010-11-01 19:10 - 00092808 _____ () C:\Windows\system32\FAIEExtension.DLL 2010-12-17 10:23 - 2010-12-17 10:23 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2013-06-15 08:00 - 2010-06-17 18:26 - 00087040 _____ () C:\Windows\System32\redmonnt.dll 2011-09-01 16:24 - 2010-11-08 12:17 - 00405504 _____ () C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe 2011-12-31 17:28 - 2011-05-28 18:35 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2011-08-18 06:08 - 2011-05-16 07:03 - 02748736 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2011-08-18 17:27 - 2011-04-10 20:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2010-12-17 10:23 - 2010-12-17 10:23 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2010-11-17 07:05 - 2010-11-17 07:05 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe 2011-04-29 12:43 - 2011-04-29 12:43 - 00075064 _____ () C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 2011-04-29 14:48 - 2011-04-29 14:48 - 00885760 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe 2013-01-28 09:38 - 2013-01-28 09:38 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-01-28 09:38 - 2013-01-28 09:38 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2010-11-24 19:14 - 2010-11-24 19:14 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll 2011-04-29 14:43 - 2011-04-29 14:43 - 07938048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll 2011-04-29 14:43 - 2011-04-29 14:43 - 02225664 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupfolder: C:^Users^Amma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^fr8rrg7t.lnk => C:\Windows\pss\fr8rrg7t.lnk.Startup ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (04/16/2014 07:12:41 AM) (Source: TOASTER.EXE) (User: ) Description: An Unhandled Exception occured. The process cannot access the file 'C:\Users\Amma\AppData\local\softthinks\scheduler.xml' because it is being used by another process. at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize) at System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials) at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn) at System.Xml.XmlTextReaderImpl.OpenUrlDelegate(Object xmlResolver) at System.Threading.CompressedStack.runTryCode(Object userData) at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData) at System.Threading.CompressedStack.Run(CompressedStack compressedStack, ContextCallback callback, Object state) at System.Xml.XmlTextReaderImpl.OpenUrl() at System.Xml.XmlTextReaderImpl.Read() at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace) at System.Xml.XmlDocument.Load(XmlReader reader) at System.Xml.XmlDocument.Load(String filename) at Toaster.SchedulerReader.read() at Toaster.Notifications.FullSystemBackup.FsbHelper.IsFsbScheduledNow() at Toaster.Notifications.FullSystemBackup.FsbHelper.CheckReminder() at Toaster.Helper.CheckReminders(ObservableCollection`1 notificationHelpers) at Toaster.MainWindowViewModel.NotificationsTimerTick(Object sender, EventArgs e) at System.Windows.Threading.DispatcherTimer.FireTick(Object unused) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler) Error: (04/16/2014 06:50:22 AM) (Source: Application Error) (User: ) Description: Faulting application name: McSvHost.exe, version: 2.6.259.0, time stamp: 0x5040f1f9 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000374 Fault offset: 0x00000000000c4102 Faulting process id: 0x76c Faulting application start time: 0xMcSvHost.exe0 Faulting application path: McSvHost.exe1 Faulting module path: McSvHost.exe2 Report Id: McSvHost.exe3 Error: (04/16/2014 06:49:24 AM) (Source: Application Virtualization Client) (User: ) Description: The Application Virtualization Core Service failed to initialize correctly. Error: (04/16/2014 06:49:24 AM) (Source: Application Virtualization Client) (User: ) Description: {tid=2E4} Client core could not be initialized (rc 16D13C0A-0000E016) Error: (04/16/2014 06:49:23 AM) (Source: Application Virtualization Client) (User: ) Description: {tid=2E4} Initialization of the Application Virtualization file system security failed (status 16D13C0A-0000E016). Error: (04/16/2014 00:01:24 AM) (Source: .NET Runtime Optimization Service) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003 Error: (04/15/2014 11:20:34 PM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86" Error: (04/15/2014 10:54:34 PM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1935. An error occured during the installation of assembly component {7B30B69B-0E6C-B7E0-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9870.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86" Error: (04/15/2014 10:43:40 PM) (Source: Application Error) (User: ) Description: Faulting application name: WU-IE10-Windows7-x64.exe, version: 10.0.9200.16521, time stamp: 0x51207d62 Faulting module name: WU-IE10-Windows7-x64.exe, version: 10.0.9200.16521, time stamp: 0x51207d62 Exception code: 0xc0000005 Fault offset: 0x0000b1c3 Faulting process id: 0x418 Faulting application start time: 0xWU-IE10-Windows7-x64.exe0 Faulting application path: WU-IE10-Windows7-x64.exe1 Faulting module path: WU-IE10-Windows7-x64.exe2 Report Id: WU-IE10-Windows7-x64.exe3 Error: (04/15/2014 07:47:16 PM) (Source: Application Hang) (User: ) Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 139c Start Time: 01cf58c6812301a0 Termination Time: 867 Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Report Id: System errors: ============= Error: (04/16/2014 07:17:06 AM) (Source: DCOM) (User: ) Description: "c:\PROGRA~1\mcafee\mpf\mpfalert.exe" -Embedding1260{C13F71BC-CC67-40A4-BEF2-1CBF44BD2A6D} Error: (04/16/2014 07:07:18 AM) (Source: DCOM) (User: ) Description: c:\PROGRA~1\mcafee.com\agent\mcagent.exe -Embedding1260{209500FC-6B45-4693-8871-6296C4843751} Error: (04/16/2014 07:07:14 AM) (Source: Service Control Manager) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the HomeGroup Provider service, but this action failed with the following error: %%1056 Error: (04/16/2014 07:07:10 AM) (Source: Service Control Manager) (User: ) Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: %%1053 Error: (04/16/2014 07:07:10 AM) (Source: Service Control Manager) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect. Error: (04/16/2014 07:06:17 AM) (Source: Service Control Manager) (User: ) Description: The HomeGroup Listener service terminated with service-specific error %%-2147023174. Error: (04/16/2014 07:06:14 AM) (Source: Service Control Manager) (User: ) Description: The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. Error: (04/16/2014 07:06:14 AM) (Source: Service Control Manager) (User: ) Description: The HomeGroup Provider service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (04/16/2014 07:06:14 AM) (Source: Service Control Manager) (User: ) Description: The Windows Event Log service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (04/16/2014 07:06:14 AM) (Source: Service Control Manager) (User: ) Description: The DHCP Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Microsoft Office Sessions: ========================= Error: (04/16/2014 07:12:41 AM) (Source: TOASTER.EXE)(User: ) Description: An Unhandled Exception occured. The process cannot access the file 'C:\Users\Amma\AppData\local\softthinks\scheduler.xml' because it is being used by another process. at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize) at System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials) at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn) at System.Xml.XmlTextReaderImpl.OpenUrlDelegate(Object xmlResolver) at System.Threading.CompressedStack.runTryCode(Object userData) at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData) at System.Threading.CompressedStack.Run(CompressedStack compressedStack, ContextCallback callback, Object state) at System.Xml.XmlTextReaderImpl.OpenUrl() at System.Xml.XmlTextReaderImpl.Read() at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace) at System.Xml.XmlDocument.Load(XmlReader reader) at System.Xml.XmlDocument.Load(String filename) at Toaster.SchedulerReader.read() at Toaster.Notifications.FullSystemBackup.FsbHelper.IsFsbScheduledNow() at Toaster.Notifications.FullSystemBackup.FsbHelper.CheckReminder() at Toaster.Helper.CheckReminders(ObservableCollection`1 notificationHelpers) at Toaster.MainWindowViewModel.NotificationsTimerTick(Object sender, EventArgs e) at System.Windows.Threading.DispatcherTimer.FireTick(Object unused) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler) Error: (04/16/2014 06:50:22 AM) (Source: Application Error)(User: ) Description: McSvHost.exe2.6.259.05040f1f9ntdll.dll6.1.7601.18247521eaf24c000037400000000000c410276c01cf592f31969eb2C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exeC:\Windows\SYSTEM32\ntdll.dll9d55ebff-c522-11e3-92da-ac728925b344 Error: (04/16/2014 06:49:24 AM) (Source: Application Virtualization Client)(User: ) Description: Error: (04/16/2014 06:49:24 AM) (Source: Application Virtualization Client)(User: ) Description: {tid=2E4} 16D13C0A-0000E016 Error: (04/16/2014 06:49:23 AM) (Source: Application Virtualization Client)(User: ) Description: {tid=2E4} 16D13C0A-0000E016 Error: (04/16/2014 00:01:24 AM) (Source: .NET Runtime Optimization Service)(User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003 mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Error: (04/15/2014 11:20:34 PM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"(NULL)(NULL)(NULL)(NULL)(NULL) Error: (04/15/2014 10:54:34 PM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1935. An error occured during the installation of assembly component {7B30B69B-0E6C-B7E0-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9870.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"(NULL)(NULL)(NULL)(NULL)(NULL) Error: (04/15/2014 10:43:40 PM) (Source: Application Error)(User: ) Description: WU-IE10-Windows7-x64.exe10.0.9200.1652151207d62WU-IE10-Windows7-x64.exe10.0.9200.1652151207d62c00000050000b1c341801cf58ea3e3d0f98C:\Windows\SoftwareDistribution\Download\Install\WU-IE10-Windows7-x64.exeC:\Windows\SoftwareDistribution\Download\Install\WU-IE10-Windows7-x64.exe9fd17cc5-c4de-11e3-a044-ac728925b344 Error: (04/15/2014 07:47:16 PM) (Source: Application Hang)(User: ) Description: iexplore.exe9.0.8112.16421139c01cf58c6812301a0867C:\Program Files (x86)\Internet Explorer\iexplore.exe ==================== Memory info =========================== Percentage of memory in use: 80% Total physical RAM: 2979.17 MB Available physical RAM: 591.96 MB Total Pagefile: 5956.52 MB Available Pagefile: 3334.33 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:283.24 GB) (Free:70.57 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 306AF099) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Please help me in solving this issues, Thanks in Advance.
  9. Hi, As advised, please find the FRST log and addition txt, FRST Log. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014 Ran by Amma (administrator) on DEUTSCHLAND on 16-04-2014 07:17:40 Running from C:\Users\Amma\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe (IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (McAfee, Inc.) C:\Windows\system32\mfevtps.exe (Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Google Inc.) C:\Users\Amma\AppData\Local\Google\Update\GoogleUpdate.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\pnagent.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-13] (Alps Electric Co., Ltd.) HKLM\...\Run: [igfxTray] => C:\Windows\system32\igfxtray.exe [168216 2011-04-20] (Intel Corporation) HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [392472 2011-04-20] (Intel Corporation) HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [416024 2011-04-20] (Intel Corporation) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3666800 2011-01-21] (Dell Inc.) HKLM\...\Run: [intelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel® Corporation) HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055016 2011-04-29] () HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation) HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [93832 2010-11-01] (Sensible Vision ) HKLM-x32\...\Run: [FAStartup] => [X] HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions) HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] () HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.) HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [75064 2011-04-29] () HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-04-29] () HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [370176 2010-06-17] (shbox.de) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM Group Policy restriction on software: C:\Program Files\McAfee <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\McAfee.com <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\McAfee <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files (x86)\Malwarebytes' Anti-Malware <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\McAfee.com <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll () HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-19\...\Run: [sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation) HKU\S-1-5-21-2582164999-3651936928-3911635938-1000\...\Run: [Google Update] => C:\Users\Amma\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-08] (Google Inc.) HKU\S-1-5-21-2582164999-3651936928-3911635938-1000\...\MountPoints2: E - E:\Setup.exe /Auto HKU\S-1-5-21-2582164999-3651936928-3911635938-1000\...\Winlogon: [shell] explorer.exe [2871808 2011-08-18] (Microsoft Corporation) <==== ATTENTION Lsa: [Notification Packages] scecli FAPassSync Startup: C:\Users\Amma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\o7tfrod7th.lnk ShortcutTarget: o7tfrod7th.lnk -> C:\PROGRA~3\299219~1\ht7dorft7o.cpp (No File) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.in/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/USCON/9 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {3FC408F8-5A7F-42B2-B551-10FB8A3BE2DC} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {3FC408F8-5A7F-42B2-B551-10FB8A3BE2DC} URL = https://www.google.com/search?q={searchTerms} BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: SSOIEAddonBHO Class - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision ) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: SSOIEAddonBHO Class - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision ) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5E00BF75-5401-4833-8D7F-2DF0D8D12ED9}: [NameServer]10.228.129.113 10.228.129.114 FireFox: ======== FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Amma\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Amma\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Amma\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Amma\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Amma\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Amma\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [] FF HKLM-x32\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files (x86)\WordWeb\WCaptureMoz FF Extension: WCaptureX - C:\Program Files (x86)\WordWeb\WCaptureMoz [2011-09-03] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-11-29] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-11-29] Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: (No Name) - C:\Users\Amma\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid [2012-07-04] CHR HKCU\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Amma\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2012-06-30] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-04-15] CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Amma\AppData\Local\CRE\mhfdcmehmjcclgopdodkjdicohagipid.crx [2012-06-30] CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\WordWeb\wcxChrome.crx [2011-09-03] ==================== Services (Whitelisted) ================= R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] () R2 UDisk Monitor; C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe [405504 2010-11-08] () ==================== Drivers (Whitelisted) ==================== R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-12] (Anchorfree Inc.) S3 ztemtusbser; C:\Windows\System32\DRIVERS\CT_ZTEMT_U_USBSER.sys [120704 2010-11-04] (ZTEMT Incorporated) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-16 07:17 - 2014-04-16 07:19 - 00020652 _____ () C:\Users\Amma\Downloads\FRST.txt 2014-04-16 07:17 - 2014-04-16 07:17 - 00000000 ____D () C:\FRST 2014-04-16 07:15 - 2014-04-16 07:15 - 02054144 _____ (Farbar) C:\Users\Amma\Downloads\FRST64.exe 2014-04-15 22:35 - 2014-04-15 22:43 - 00007951 _____ () C:\Windows\IE10_main.log 2014-04-15 09:09 - 2014-04-15 23:21 - 00447220 _____ () C:\Windows\msxml4-KB973688-enu.LOG 2014-04-15 08:42 - 2014-04-15 23:06 - 00445970 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2014-04-14 23:35 - 2014-04-14 23:35 - 03016854 _____ () C:\Users\Amma\Desktop\ark.txt 2014-04-14 23:33 - 2013-11-27 03:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-04-14 23:33 - 2013-11-27 03:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-04-14 23:04 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2014-04-14 22:54 - 2014-04-14 22:54 - 00380416 _____ () C:\Users\Amma\Desktop\c25r1hmt.exe 2014-04-14 22:54 - 2014-04-14 22:54 - 00000000 ____D () C:\Users\Amma\Desktop\tdsskiller 2014-04-14 22:53 - 2014-04-14 22:53 - 04118280 _____ () C:\Users\Amma\Desktop\tdsskiller.zip 2014-04-14 22:53 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-04-14 22:53 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-04-14 22:41 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-04-14 22:41 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-04-14 22:41 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-04-14 22:41 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-04-14 22:40 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-04-14 22:40 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-04-14 22:40 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-04-14 22:40 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-04-14 22:40 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-04-14 20:46 - 2014-04-14 20:46 - 00002986 _____ () C:\Windows\System32\Tasks\{2E5A2ED6-D1A9-4733-A067-AFFD071B1264} 2014-04-14 19:14 - 2014-04-14 19:14 - 00006896 ____N () C:\bootsqm.dat 2014-04-14 16:11 - 2014-04-14 20:14 - 00000000 ____D () C:\ProgramData\2992199F9A 2014-04-14 16:11 - 2014-04-14 16:11 - 00000000 ____D () C:\Users\Amma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-08 07:58 - 2014-04-08 07:58 - 00002289 _____ () C:\Users\Amma\Desktop\xing.txt 2014-04-02 07:37 - 2014-04-02 07:39 - 00000433 _____ () C:\Users\Amma\Desktop\Utensils.txt 2014-04-01 14:14 - 2014-04-16 07:19 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4da3f89abfff.job 2014-04-01 14:14 - 2014-04-01 14:14 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf4da3f89abfff 2014-03-31 21:06 - 2014-03-31 21:06 - 00000830 _____ () C:\Users\Amma\Desktop\Tablet list.txt 2014-03-28 08:06 - 2014-04-16 07:11 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582164999-3651936928-3911635938-1000UA1cf4a4bd628401f.job 2014-03-28 08:06 - 2014-03-28 08:06 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2582164999-3651936928-3911635938-1000UA1cf4a4bd628401f 2014-03-25 07:20 - 2014-03-25 07:20 - 00001375 _____ () C:\Users\Amma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-03-23 20:29 - 2014-03-23 20:29 - 00000000 ___RD () C:\Users\Amma\Desktop\MySyncUPFiles 2014-03-23 14:02 - 2014-03-23 14:15 - 00000000 ____D () C:\Users\Amma\Desktop\Misc 2014-03-23 12:19 - 2013-10-14 19:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2014-03-23 11:59 - 2014-03-23 11:59 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-03-23 11:59 - 2014-03-23 11:59 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-03-23 11:59 - 2014-03-23 11:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-03-23 11:59 - 2014-03-23 11:59 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-03-23 11:59 - 2014-03-23 11:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-03-23 11:55 - 2014-03-23 11:55 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-03-23 11:50 - 2014-03-23 11:50 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-03-23 11:50 - 2014-03-23 11:50 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2014-03-23 11:46 - 2014-03-23 12:19 - 00011949 _____ () C:\Windows\IE11_main.log 2014-03-23 11:03 - 2014-03-23 11:03 - 00000000 ____D () C:\Program Files (x86)\Security Stronghold 2014-03-23 11:02 - 2014-03-23 11:02 - 01586248 _____ (Security Stronghold ) C:\Users\Amma\Downloads\TrackingCookiesRemovalTool.exe 2014-03-20 22:02 - 2014-03-20 22:02 - 07288523 _____ () C:\Users\Amma\Documents\About gods.pptx 2014-03-17 08:18 - 2014-03-23 14:17 - 00000000 ____D () C:\Users\Amma\Desktop\Resume ==================== One Month Modified Files and Folders ======= 2014-04-16 07:19 - 2014-04-16 07:17 - 00020652 _____ () C:\Users\Amma\Downloads\FRST.txt 2014-04-16 07:19 - 2014-04-01 14:14 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4da3f89abfff.job 2014-04-16 07:19 - 2013-11-07 23:33 - 01809292 _____ () C:\Windows\WindowsUpdate.log 2014-04-16 07:17 - 2014-04-16 07:17 - 00000000 ____D () C:\FRST 2014-04-16 07:15 - 2014-04-16 07:15 - 02054144 _____ (Farbar) C:\Users\Amma\Downloads\FRST64.exe 2014-04-16 07:11 - 2014-03-28 08:06 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582164999-3651936928-3911635938-1000UA1cf4a4bd628401f.job 2014-04-16 07:11 - 2013-12-08 10:53 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582164999-3651936928-3911635938-1000Core1cef3f2fbe0294a.job 2014-04-16 07:06 - 2013-11-03 12:50 - 00126856 _____ () C:\Users\Amma\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-16 07:06 - 2011-08-18 06:32 - 00000000 ____D () C:\ProgramData\Sonic 2014-04-16 07:06 - 2011-08-18 06:08 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup 2014-04-16 07:05 - 2014-03-06 09:09 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-16 06:56 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-16 06:56 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-16 06:48 - 2010-11-21 05:47 - 00254168 _____ () C:\Windows\PFRO.log 2014-04-16 06:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-16 06:48 - 2009-07-14 06:51 - 00154062 _____ () C:\Windows\setupact.log 2014-04-16 00:01 - 2009-07-14 07:13 - 00788770 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-15 23:59 - 2011-02-10 18:10 - 00767342 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-04-15 23:21 - 2014-04-15 09:09 - 00447220 _____ () C:\Windows\msxml4-KB973688-enu.LOG 2014-04-15 23:06 - 2014-04-15 08:42 - 00445970 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2014-04-15 22:43 - 2014-04-15 22:35 - 00007951 _____ () C:\Windows\IE10_main.log 2014-04-15 18:34 - 2011-09-28 08:55 - 00000000 ____D () C:\Users\Guest\AppData\Local\Nero 2014-04-15 18:23 - 2013-11-29 00:21 - 00001806 _____ () C:\Users\Public\Desktop\McAfee Security Center.lnk 2014-04-15 13:21 - 2011-09-25 14:23 - 00126856 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-15 11:09 - 2009-07-14 06:45 - 00462432 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-15 10:41 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal 2014-04-15 10:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender 2014-04-15 10:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-04-15 10:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System 2014-04-15 07:42 - 2011-08-22 04:57 - 00000000 ____D () C:\Users\Amma\AppData\Local\Nero 2014-04-14 23:35 - 2014-04-14 23:35 - 03016854 _____ () C:\Users\Amma\Desktop\ark.txt 2014-04-14 22:54 - 2014-04-14 22:54 - 00380416 _____ () C:\Users\Amma\Desktop\c25r1hmt.exe 2014-04-14 22:54 - 2014-04-14 22:54 - 00000000 ____D () C:\Users\Amma\Desktop\tdsskiller 2014-04-14 22:53 - 2014-04-14 22:53 - 04118280 _____ () C:\Users\Amma\Desktop\tdsskiller.zip 2014-04-14 22:00 - 2013-02-03 14:04 - 00000000 ____D () C:\Users\Amma\AppData\Roaming\Skype 2014-04-14 20:50 - 2013-12-27 15:43 - 00000005 _____ () C:\Users\Amma\AppData\Roaming\mbam.context.scan 2014-04-14 20:46 - 2014-04-14 20:46 - 00002986 _____ () C:\Windows\System32\Tasks\{2E5A2ED6-D1A9-4733-A067-AFFD071B1264} 2014-04-14 20:14 - 2014-04-14 16:11 - 00000000 ____D () C:\ProgramData\2992199F9A 2014-04-14 19:14 - 2014-04-14 19:14 - 00006896 ____N () C:\bootsqm.dat 2014-04-14 16:11 - 2014-04-14 16:11 - 00000000 ____D () C:\Users\Amma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-09 13:28 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-08 07:58 - 2014-04-08 07:58 - 00002289 _____ () C:\Users\Amma\Desktop\xing.txt 2014-04-04 07:58 - 2013-05-15 02:39 - 00000000 ____D () C:\Users\Amma\AppData\Roaming\Sametime 2014-04-02 21:59 - 2011-08-22 04:30 - 00000000 ____D () C:\Users\Amma 2014-04-02 07:39 - 2014-04-02 07:37 - 00000433 _____ () C:\Users\Amma\Desktop\Utensils.txt 2014-04-01 14:14 - 2014-04-01 14:14 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf4da3f89abfff 2014-04-01 14:14 - 2014-03-06 09:09 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-31 21:06 - 2014-03-31 21:06 - 00000830 _____ () C:\Users\Amma\Desktop\Tablet list.txt 2014-03-31 18:39 - 2011-08-23 03:07 - 00000000 ____D () C:\Amma 2014-03-30 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-03-28 08:06 - 2014-03-28 08:06 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2582164999-3651936928-3911635938-1000UA1cf4a4bd628401f 2014-03-28 08:06 - 2013-12-08 10:53 - 00003476 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2582164999-3651936928-3911635938-1000Core1cef3f2fbe0294a 2014-03-27 11:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-03-25 07:20 - 2014-03-25 07:20 - 00001375 _____ () C:\Users\Amma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-03-25 07:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-03-23 20:29 - 2014-03-23 20:29 - 00000000 ___RD () C:\Users\Amma\Desktop\MySyncUPFiles 2014-03-23 14:17 - 2014-03-17 08:18 - 00000000 ____D () C:\Users\Amma\Desktop\Resume 2014-03-23 14:16 - 2013-08-25 10:26 - 00000000 ____D () C:\Users\Amma\Desktop\Sheeba 2014-03-23 14:15 - 2014-03-23 14:02 - 00000000 ____D () C:\Users\Amma\Desktop\Misc 2014-03-23 12:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK 2014-03-23 12:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR 2014-03-23 12:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK 2014-03-23 12:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR 2014-03-23 12:19 - 2014-03-23 11:46 - 00011949 _____ () C:\Windows\IE11_main.log 2014-03-23 11:59 - 2014-03-23 11:59 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-03-23 11:59 - 2014-03-23 11:59 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-03-23 11:59 - 2014-03-23 11:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-03-23 11:59 - 2014-03-23 11:59 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-03-23 11:59 - 2014-03-23 11:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-03-23 11:59 - 2014-03-23 11:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-03-23 11:59 - 2014-03-23 11:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-03-23 11:55 - 2014-03-23 11:55 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-03-23 11:55 - 2014-03-23 11:55 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-03-23 11:50 - 2014-03-23 11:50 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-03-23 11:50 - 2014-03-23 11:50 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2014-03-23 11:03 - 2014-03-23 11:03 - 00000000 ____D () C:\Program Files (x86)\Security Stronghold 2014-03-23 11:02 - 2014-03-23 11:02 - 01586248 _____ (Security Stronghold ) C:\Users\Amma\Downloads\TrackingCookiesRemovalTool.exe 2014-03-20 22:02 - 2014-03-20 22:02 - 07288523 _____ () C:\Users\Amma\Documents\About gods.pptx 2014-03-19 08:06 - 2011-12-18 08:49 - 00000000 ____D () C:\Users\Amma\AppData\Roaming\Mozilla 2014-03-17 19:02 - 2013-11-04 17:51 - 00070592 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\cfwids.sys 2014-03-17 18:54 - 2013-11-29 00:09 - 00185792 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe 2014-03-17 18:54 - 2013-11-04 17:46 - 00345456 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfewfpk.sys 2014-03-17 18:49 - 2013-09-24 21:22 - 00783864 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfehidk.sys 2014-03-17 18:47 - 2013-11-04 17:41 - 00522360 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfefirek.sys 2014-03-17 18:45 - 2013-11-04 17:40 - 00311600 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys 2014-03-17 18:44 - 2013-09-24 21:19 - 00180272 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeapfk.sys Files to move or delete: ==================== C:\ProgramData\06p8iCguF.dat C:\ProgramData\3ar9jbn.bxx C:\ProgramData\3ar9jbn.fvv C:\ProgramData\9195086.bat C:\ProgramData\9195086.reg C:\ProgramData\fr8rrg7t.bxx C:\ProgramData\fr8rrg7t.fvv Some content of TEMP: ==================== C:\Users\Amma\AppData\Local\Temp\HssInstaller64.exe C:\Users\Amma\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Amma\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Amma\AppData\Local\Temp\MSN34E8.exe C:\Users\Amma\AppData\Local\Temp\Softonic_EN_1-5-1.exe C:\Users\Amma\AppData\Local\Temp\Softonic_EN_1-5-1[1].exe C:\Users\Amma\AppData\Local\Temp\tbBit0.dll C:\Users\Amma\AppData\Local\Temp\uninst1.exe C:\Users\Amma\AppData\Local\Temp\utt6F95.tmp.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-12 10:23 ==================== End Of Log ============================
  10. Hi I think my computer is infected because i am unable to open either Malwarebytes or McAfee as it is blocked by a message reading "This program is blocked by group policy. For more information, contact your system administrator." I can open the Chameleon page and have tested all the Chameleons, but not helped out. Please help me in solving this problem.As i saw a similar problem requested by another user, I ran the a Scan with TDSS-Killer and Gmer rootkit scanner and the log is attached. Thanks in Advance TDSSKiller.3.0.0.31_14.04.2014_22.54.54_log.txt ark.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.