FFdead2me
-
Posts
8 -
Joined
-
Last visited
-
Everything went smoothly. You may close this one out. Thanks Kevin...I'll be back to this threads in a few days to send a donation (when I get paid )
-
And no more problems as of yet.
-
Wasn't able to copy anything in the results window because of the reboot prompt. Even just closed it instead of hitting ok and it still rebooted. Below is the log though. All processes killed========== FILES ==========< ipconfig /flushdns /c >Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.C:\Users\Main\Desktop\cmd.bat deleted successfully.C:\Users\Main\Desktop\cmd.txt deleted successfully.LoadLibrary failed for C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dllC:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll moved successfully.File/Folder C:\Users\All Users\Microsoft\Crypto\RSA64\rsa64.dll not found.C:\ProgramData\Microsoft\Crypto\RSA64\temp folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\fe5f0606391e1b3a67fcf91ded957196 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\fd1d770eae128471eaf90474121fb853 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\fd0906d1b9a29f743942a8f2ba1cf356 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\fb82943a65bdf6f17c2edd45ef085436 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\fa0312874982058f2a37031f943de8af folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f9740fb8e5d9bd67090e6a4a79b9b594 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f95984828746c96ec6d7bd2660eaa37a folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f79950bfc116defcf813826c3faa1da5 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f707a21bc61e1dfc86f9a25ee89d3f77 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f67053f260071632df0c442f28dc3436 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f61f8952ae17e58eef25f6c55042092b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f5869b5fba46e0f303f93514700d6fee folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f4801e9eb1c828f1b54015688f356fc7 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f44590a9b1d5a5fd2726a3317ed94f51 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f43ae4106b93cbde73df9afbb713fecf folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f40e69b1040d029b2cabee7e9788cd64 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f319ffd612c98e9ea096ed656ea29486 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f2a1cbf2a2362efa2ef657332b901ab0 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f255ebd2004e0d2bcc0220f534426a42 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f1b9453b4d24b5500f794baf34940d5a folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\f0d8839b83a91ab0d5510d2347713e63 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\eed74297d2e15ec8c03031db7b0c4460 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\ed3e72e92efa5da72552ca3a92c2174a folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\ed378d7d8dab0c80450743b4f3dcbc07 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\eceafb13b9f8104d80fa0c3ee5edfffa folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\ec9aa7b80f1442d543374ecfc8565649 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e994fd39697acf0fae065238a1e92274 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e964793654202d601f434e41e2733aa4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e959c0f7a27fe041ef6dfe10784751c6 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e8c28050e65e6ed958737d5f0e560d6e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e87232558e406b3f4fa55d303760b4e4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e7cab7129510b045fa319443d079a1d1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e78c2b198890d32f8b5c8b77e2835fb6 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e743528acf4010f84595a60e4968243c folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e6cc1ed5849dc432d00beca28f4169ab folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e4bffcea5bd4cd32701b28403cfd5b93 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e4378f57dd20df41cf543f1684702c8b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e3cacc3180a10c4979af4cdc9d8a669a folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e3410070fcfeab010674e69ba4e3b282 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e22e02e62bc20cd2f9d2fa7938f26891 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\e02c1cfd596c439a6d6c826bc1ff88df folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\dfc42d24f0238936783ac57936911a0c folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\df7adb7a3ba423912d80c4a8c50002a4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\df461ea041daab70ac41947fbf3ed152 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\dee6de940620e2876ccacdaa80784e7e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\dee312c62457fe61887e9c02ae26a02f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\deb7a3f5242dc7a28fcedca914323cd1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\de50ad986429018cc4c02754ecdb3ad1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\de3b762cae0a173b9b5879dd467e87ad folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\dd82a46061b577d82e3bf3f33424e5c2 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\dc0159ca1496213532fe2e1a4d280335 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\dbf05b813355fcace4041017fec984d5 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\dba1f9d7ce7ba029c4d0b7bad00d911b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\db26b9cbd377e7c50235de5222ce51a5 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\da32ca0f17f969464b61d2675ba51259 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\d98630f02676adea5dd7ede9be7d48c1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\d76db9ab9d0522e88a94641d5c2e4fe2 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\d72dd576e8b279d9026c5155b5bc849a folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\d6f2b3b2ec680fa24764fa02972402d7 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\d672c7bfd78fbb179d86cafe49836650 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\d6560c95aa468f99f7b74f160abda2c4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\d454574aea1d65078eb22b4bd3087aec folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\d447908840bf527518af74efb430f333 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\d4076b565339ab61071f01f234ed8ae0 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\d065f9397bb0b12dceeba5d7d1c1b59b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\d03be3ec15fdc00a4428e23253d3d1fb folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\cec6c85a7bf9770323e16af12d5f97c7 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\ceaf270b6af67d74dc7992781b573918 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\cd1efc332a1f98da5d411b4f043b9d0b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\cceb2090a7bd581a06ed739b81c598cc folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\cce38618c1046a7d580aee2c23a34c50 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\cc3345146a227449591c880e60fb3290 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\caabf3f09b18153817f68f8e3bd4c260 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c8030376d5b0fdf19cd205f5463c07fe folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c7fb1bb88003bb1f8de3601547ec5b06 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c74158bb15b5a06bb9710b5f85d4d577 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c67bd5654b98689a487edf8c33846de9 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c534aa57bb447a7f804d89af667232ef folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c41c0464eea4fcccaa9cb8da5832c5c0 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c2e8f08dbe9015ea90464136d40c11b6 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c19e281100ca372267bb973205017756 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c184c99b5815e68f6d7a353dabc6d2dd folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c11a2b0e4f10f7241a17fdc51b50dbf4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c0eb03e877c667e5307341db99f8a744 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\c0c3b69047687e69763355ca60a6c5f0 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\be2aa5f38d71d71a85ce93bdbd2d9fa4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\bce3d69939a8d5097af785085bb94942 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\bc41279a2faca9234014f4e9a619c194 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\bba637deb5abc56a942e1c137d078c9f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\bb5bce5f0d51b20bb7acd9298b6af16e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\ba17f94b38150b4886c4238b5d33df2b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b9c8c4e9817af2c90fb1d545732d0666 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b9ae21de1beae7ae12ee1dc61a1015bb folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b91f4809d27fe3ac219491fa84474eef folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b86e68ec40ee8d8d9672145633cee8c1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b710c16489d1540436189d57f7facbc3 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b4dba0128b260c700dc85036060473c4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b4c197c913f9f3645d35f5561cc7fba0 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b3f79b1db13455a3c13aa2235b0217ed folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b3bbe7257f863234e31b3bc5d9c51f71 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b3b30bd50c0bacc5d164db0d57c03cb6 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b355ca9f7a6c41db2090a747d2077f8e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b21c8ce66cfa317f5d14af2bf3327e62 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b1de5b70b0f2b15c3f5fae446e18badd folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b1a815ccab345cdfcb717d7397fd394b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b1a0ac53a40868da95442673c0e7d028 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b179340e21d751efb028acdc822417d3 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b12207fd6872b808d143359a21809646 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b1112dbc4ab06cd706ff51a55ba5ddc1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b07006a1eeadc2069604372e36047a9b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b06977b2f701946de2bbd8802be74396 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\b0120e70e7f0e56a1f59ed0933fa87d1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\af9dcf7836c58d150219bba95f7334df folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\ae2d8e3b5ad90b9f8f7367ccd0eab0f3 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\ae02e0cbaeec36cc5a2a74f28cd71da4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\add027359594bf6ab5a50d375fd1b64f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\ada7bb80586738961bfe873977b8ecbd folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\ad2859b1f4d469c4273ad12d5f105ba5 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\ace375c1bbf19a2fd62d74bb1bcea950 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\ac352afcc608b2eb13cde40fc0f17812 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\aa7b9f22674dfbbf4b4eb7fc24332b5b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\aa71a2bf08d86d3b493036261047c541 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\aa43b7a01c62fe7c2273662e5c241c83 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\a9d7635ca9fe76ccfec5ab7eb111d2eb folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\a8e82aafdc983fa245702aef4a75240e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\a64fd52f8e7e5bbdebe6d2e773f25641 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\a503069404df729d43d205f39e7492e7 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\a4eeebd9ad07f67f634a63fbaf5566d2 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\a4ca0d353881fb39a348f274c5c55f6e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\a483f36d94c305b7ff3c766ed3be898b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\a3ad54614abffcf892aa2b6579191f21 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\a36e5142517ef6c7705e0251e1a8fdba folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\a0b00f35ee0eed30a5dd57e8de5b8767 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\a08ce3868f2c8b40a69cd4b7ba1f187e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9f6571813f53b541d50d4e6c21b53fe2 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9f5ffc3dcba175b976034c2d292f3d68 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9f2bfef64b3567f178fa16fd6c947d1b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9cefdd16f5c6482bda72607076944634 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9cad99d73ede1920a7c0dfd11f85f2fe folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9b7d36486ccdfe80ca3a9cfc352bcde6 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9ab788ef8433514428c59026579ea33b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9989dbf2440eddfbb8954ae1f628441c folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\996ec65f62eabfa0fcb8e3555f6aa601 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\996a895f45e62a09eb18e03828d6db17 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\98feee54fa52f22d75b7f5ea81560876 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\98e98582ed0d51f4158f23b4725131b5 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\97bfe895577cc42ad238462ac3d9540f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\97a1d0f7aa07698301b1300c54aac9d1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9625e26f4dd058c348d493c6bf730e50 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9530428d457a6fc523d21310b2f674d8 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\93aecf5cdfb9898e77bd7b4e55ac1c35 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9370fdc925387d4bbadc54ac75ffc615 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\930633faecc09efa2f1834a179a38223 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\9198c6d4454e20bd72c7ffda1a399bfe folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\91702eef676ec0b8709383f8a96e5e3d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\907adc51dfb9434bf646d8cbb4999b20 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8f660a9dc3d2a1365c96dd0d1a9a664e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8f458b827517d2a601287e8c19b967f2 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8ebaeb5d13c1e69a301aa978b2bf002d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8e8b06023caa27ef926fd02404d76a58 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8e2f00fbd62e6f9068a1a408ca7934db folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8db3f439d76ddce19b4d676a105e7a63 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8da94383f076993256eb13a31a14cef1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8d824a8372fa3f8458ae407ea0dde39d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8d56e18738caf5c8a653da174290b38c folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8c568d51349c8ee90bf592e226d78009 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8b08b396ecd9cdc4b9ef51640b77729d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8a80bfe2e3ec9a999cf99534d79274b4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\89d93d51f278176e767ef548cb4c990a folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\89d167f01250e5503e25d3e10c41f36a folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\89b07c478a5e735ae462989844de59c5 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\88e795d1f1cfaa529dcf50c321065dba folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\87f82ed763d43975d2601e0508a43513 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\878774870a7cedf81c305b65881dee64 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8721067c3a7a0bd7501f384536dc9a36 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\86fc620ab7678418be3864b5cec2b098 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\86428a7f666022d95016bdbf346fcb5d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\85f00a46f8cdc529d4a9ebdbeb839b95 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8502c6421a39e9c1c104383866c3f760 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\848c15df23a0731daf3f41f83e3385f3 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\842bd8f52f082f1bb008cea1ac4c8199 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\83fc227026d3952465bd858339a3dc09 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\83fad88a74f38785f9fc511594e283a6 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\83e519510458b5aeba0e64b40aaa8932 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\837bd00d581369b9bcf0a6e859dd4aad folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8353e69297f225b0f14332b5575d4288 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\82d30a88c2a1dbf5c0c01f9caa950613 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\82be74803be319097bd1cac7a66b26b8 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8287e7bcfbc6ebc9dedaa57d9f5bc4c3 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\816fdb189028bbe405b02dbe584eef08 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8158791db1bc2eb8d93e1cf8a1155406 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\8153097807ffdbe7999641e5257b0c28 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\7fc0a56c5099687fe82f9af051181db1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\7ebc00e8ff94d2798a39fa350c0f9617 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\7c7e6242cd912bf04c343636867044f1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\7b5470d8c9ffcf484ff3fbf33b537da9 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\7b539e7b398f0dc6474639bcfd836190 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\7aeaf46c38b871dbaf6fd53de148f4bf folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\7a4a1ae3288d11cadb6c5cc8b0396584 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\79ab69945dd2243bba4d88cb4016992f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\78ddf642a7ea3efe1d1ef03af2490824 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\78b7a3ece8696566b42d349a550b667d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\785393fb8ec786c273642b1c8659d032 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\76b651a714f1064ead6f18de27e2f827 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\74ebd74f010e2305741959fe756f32cc folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\744dfbe1776feb42ca314134a5613df1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\7407affc6e899a98d1db68d1d0b8dff3 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\72d328ce205f8949cc769727df068d49 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\7267eb3164f795b3c75212f60ef95150 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\7173526887edc729885f3dfd6129e543 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\700ea9421ba2c17402970d5c68e7dc3c folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\6fe22895684ed858613883840c60f334 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\6f7355b5c294a07ae22a5a0391490156 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\6f1f92f14188de6ed411e21d93f9397d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\6dd1d6d8766fc1c1c7c4a279031724a3 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\6cb650747bb61894e776f9b56a2586fd folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\6c2ab975ff18dd66bb804f10fda0efdd folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\6ad3c3ca877874d808b8eaab921b8601 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\6a8d42c72e9141bcb5ba64a6909e3543 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\6a09fcc16192ccae0b5ff337580f1422 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\69bc54704cd94ba918f21a9f48180c0f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\694eeebb9bf004b7f1007ddf5c16c48f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\68cf7f689e765c9066446b39f3ca24ab folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\684bfe31506604f0df03acb0cfb7aadf folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\6828fdffc6eb6ec6d4c4a8f0167efaed folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\66a9f9bd1abff331a0fb694c57116109 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\65e2b9235f761936c6701ccd990fc55f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\658d83d196ed6732eb37cb3968a287b1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\657118206258cfb842020a9fde2c3a17 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\653adebd49bb6a1f2457e81a1297390d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\619e4bf60f581f01cd4c74e58920778c folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\612eb35e698542c1429e27b745b20b4f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\611c352d1031c8744b2a846b571d5985 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\610d1ef152f1f7313bbad22dbd8d1908 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\60df4e65ed6db4f52453b8e812e2170f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\6028d4ed815e46ba664b8b3970e3a72e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5ceda7e952bbd9bc156d1f65f9129304 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5cbf219da48fdce4155e3ad30d2564e6 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5c1f2d6512cf0687b42ce83c886f478b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5bdfeacb3d0962584bbdfde4b411af37 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5b19a468f77bdb5c7b803f1940cc16fd folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5adf26c6eb16be26fca2a2b029ad5df9 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5ab09c048040c67ea23f3313e75729b6 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5a77e7f33e9c76ef36317dd5e1d60462 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\599a33291d9cf3c859e4e84934a42380 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\598608089d66022185cb487235fbb37a folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\58f3537daa74b712d59ead842b875bad folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\58ecec502ab6baba40af8e088e2eff19 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5877ede32e682f4b38a2f2dc90eed73f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\57c803cedf60616be45a3db2dddfb4e9 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\57c6dca212b6dad82a09ca25c2cf8aee folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\55c184af5de15dfed450541ecd35d292 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5589626a22860b34c982d42a6e2a9190 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\556c6f609258e264dfa7ba49dfa9ccda folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\54b9141e6ec500c7570c6bc92c13d584 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\547c84c255de461241b9f50c4842426f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\54106aa0a6cac65acc646ff2ac3890d3 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5316d433b648c9f6934fa426d488f6e4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\52beabc99ecaeec3291e8a04bbdc4883 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\52a848bbc6eee02b9bfb8391744babf4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\520175f9d578a04e1eb598c530e58736 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\51dc847fb407a8611b4d50c7e2d41fe8 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\51c151ec56ac73bf84cb90fbba296647 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\519797005954c292aee82600e66a7676 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5160e94b5bd09f9767497b792f661234 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\5151ba30864070c052b3186f51d82708 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\50b5e6bc2b174751ec382fd5cc1bd619 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\4ff2fcfc0e31017d673ba28979f796cd folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\4fa70469231c1367e7921e671ad692a3 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\4f3d8e2eaf74903ee18b071e0877611e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\4ddf6745c7b7bd6014719bdd88a8045d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\4d645d550e85eccc56c0fbdd7c3cccb1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\4b6c6fe03d3728d337679bd5fe2e3b42 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\4b57201ee16d88bd488843d6e553af8e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\4ae37f5640e236c1534a88ac2f590e1b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\4a0b0e9b440c6cf91dfef28def7206ba folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\49321fa5c3ff4cb269b06c029b07b90e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\46ebf580fb360766fa2c23c335df22b9 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\45c3a6f6bdb0531de792538fe38ee79b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\453fcdd2ab8b8ec0e6d7a02abfb60c08 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\452dbed9096f176dbce987077aff9cbd folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\4457aa4b2444c6e3405d9f80bf19859d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\4318e53302e1320fa3df84cadb6df08b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\42f9690591ba51574ecf94f9d6cd32a8 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\41eb39c57328b294e6f4a80a4e2a392c folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\41283aa2f27a03db8ac6e1d1365f013e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\3e4cab2324a96b21ec4a957e4b6a278d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\3e0897f4866213254bfbd3cbe589d73d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\3db03e6d2a092e35ca4fdab3991ad920 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\3d2f4135827435e8dc8fac82abe0a55c folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\3b9642e09e0244e6c2bf77baa365b9e6 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\38827483d9949c58ec4998d920cbede4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\380f536bdda9c3462644840e3189aaff folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\380aa151fd2b21bfdadd32e7dc6e8ce2 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\35a00029d6228bf63dc8e34a2452c45a folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\3586ad2a5380c39305cb2bfe40b8f871 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\34868bebcab633a75504c9c1295803d7 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\34351923f39a53c6960fb0c94751bf89 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\335fb25d71319cee42107de3174e7d77 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\32ba9e758cf61542ef914154ecc03495 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\326601d189060fe4af73b04833a07cd1 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\31f2cecc46967f73a81fbd588858ce11 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\318e94665f25bd8f7023c6dc4a88329d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\317a93707a629aa4ccc91527d4a75562 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\30f02c3b767a6f27c191e1c73e59dc2d folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\30e9fad8b35a41b33fe9e392772b787c folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\304ec5a802b5584d54972cc82ecf8403 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2feb303ec9676494b3cbc8464b0aaa75 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2f8c75cf0f37c080e168fb0779476aad folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2f773b46df7da2cba7ab8a55bea2ce9f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2eb6f0cdaccad7b5bc3c0b8eee9ebec4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2eae38c3e5851ce784c44d06234a5799 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2e03ae3bd358e60e18498fc929fc0259 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2df2a1b15b9512293928598c5845bf3b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2dba1c2392297ec9a0be428179193eda folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2d417a212dc93c3af4614927c9a7be78 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2c7d5ba0ae79c834ba0b152501a687d4 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2bd4c28725f8344a45dbd43db2f12379 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2b6c5d616235cd3e7e45d04c6158c681 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2b44870d387875f531d81baa3d5e9707 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2ace00fe42dfc95d4321673192bb7b9f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2a941b4540175f2832d1d3c1a9854f8b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\297d400f224a3bbac0e44b391cbc59c6 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2622776de895dbd04a0baff4c32ce4aa folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\254b93b432bbe46e8bbbd52c102756ad folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\24a853f3cef9ec1b2333857ad5c7ac06 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\23d54896edbda8728bc8f3e32b61c849 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\2336703243bdc96fd95ab1027f2785ee folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\233449b860b1296a994ec056307b26ca folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\22c5a059d6ed480fdc5acb52653650be folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\221acc24042ca1210daa1a9add486906 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\21124b0323df66f9412caccf76188e0b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\20f62c2e8c4e45f0205a31bea891be01 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\20e14cc22aac244941b3ba9526c69a83 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\20a6c3e5ea325d9820ade27f358f9f7b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\207b82ef6b733b685933e15ba0b62c82 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1f3378130858cbf31317c4af610f2601 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1ee6c466f57da195f9dc75349b035095 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1ee3b38553b58092142809a9d50f5f6e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1ed848ef51fe6115485222bc770760e0 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1eb3de86e4e212d94f21e5496953deed folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1d92bedb07f62e3183f40484ee39bb63 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1c2d0fb0f666aed965a87a91d9dee2d3 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1c08f21ed97dc0a434d8158c73677324 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1b933cd6b6f3dd7f6f329efc85519a33 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1b1db6e88a9e3e7753f1440624119dc2 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\19756d7e6e70b4d7cdf8cd428359e70e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\18e1cd83034c18bc475346c7d1120010 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1873cd6a925cf4577bf9b351cd8a6c94 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\18665cad2b98c12e2ea41363974d72e2 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\185bde093fb1c7c922d2663328917eca folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\185bc7683a1e6bad3729308517d39dee folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\18474902db40b9986a3eb37c55dd8702 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\175c5a7e5fc7356fabd3b1b33417a42f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\16b1251bfb61e78a08ae48fd67ff6401 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\165f537fca89029a06d0e5aafebd91df folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\15f5c2d0593b774d4f8a4534966737fc folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1547098e5cb8530a1be52466094ea88a folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\15449da89fb4f7b4f57b71960ee4673f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\153445bd93efabd0bf06ff6078ea433c folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\149454133062bb89308e08e484a0702f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\138a9a5b772d6e512f1df4270f22a097 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\13597b80952c65dab26b1b6184917e00 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1336ebf8cb8032a7a4d2965a63d87279 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1196bc5bed482435d35f3d8115ff31de folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\11384f18df142eafcee58d064a356462 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1084509bc0fddbd5e2243f612ecaa755 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\1010632dd9fb060345c0c873f6062d4f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0f958a735806b0374add034fed4f2363 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0f7102fd62e09170501dcfd206472246 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0f44d3cfe06d90d6468cc5f28824eb67 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0ea9c04e0cb26e5e74a299cf0274dd7e folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0d0aec8cceaca18daae6859509f7a862 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0c57580be7c50d496eaca6e32e9d755b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0c2d69b4bd56478b80f0d876509d75a9 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0bb5612a2687200b089407f7fc972581 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0a8408ec6af81836a5b28ced0fc67144 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0a7755a9973eb9dc9c01fd7e38418998 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0a643a24a32647e18befbb6738b3f964 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0a4cc81f4ea34e772ee9259f772d0557 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\09f29ba82e791fe5e56d91db4b185d01 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\080b2a9f37eedbbea3da90e6074d1ffe folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\077680b6c575abd9ed1cff6b0fc12d85 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\03ef8d0a00b177ed1e2e2399792f1c63 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\032d1069ae7b07f92362aec23883830a folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\02ff440ba9a407b0fa1ccd9a8f21ea15 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0222218a851fe0d546ad534e218c1e0f folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0160f25e0cf564eb38663a0a76a9d941 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\0095295056679678e726ba649ff5b642 folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data\006176314211e0855cbcb3a47bd30e5b folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\data folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\cache\rules folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\cache\resume folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys\cache folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64\MachineKeys folder moved successfully.C:\ProgramData\Microsoft\Crypto\RSA64 folder moved successfully.File/Folder C:\Users\All Users\Microsoft\Crypto\RSA64 not found.========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytes User: Default User->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytes User: Main->Temp folder emptied: 1238996023 bytes->Temporary Internet Files folder emptied: 2877961 bytes->Java cache emptied: 0 bytes->FireFox cache emptied: 26997070 bytes->Google Chrome cache emptied: 406205704 bytes->Flash cache emptied: 1157 bytes User: Public %systemdrive% .tmp files removed: 0 bytes%systemroot% .tmp files removed: 0 bytes%systemroot%\System32 .tmp files removed: 0 bytes%systemroot%\System32 (64bit) .tmp files removed: 0 bytes%systemroot%\System32\drivers .tmp files removed: 0 bytesWindows Temp folder emptied: 5374 bytes%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytesRecycleBin emptied: 23856971 bytes Total Files Cleaned = 1,620.00 mb OTM by OldTimer - Version 3.1.21.0 log created on 09122014_234341 Files moved on Reboot...File C:\Users\Main\AppData\Local\Temp\etilqs_2QZGt24OJb5iSlD not found!File C:\Users\Main\AppData\Local\Temp\etilqs_3paQ7BFDNbQWeDp not found!File C:\Users\Main\AppData\Local\Temp\etilqs_F4elqiiwV713kTt not found!C:\Users\Main\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.File C:\Users\Main\AppData\Local\Temp\Sha5FB2.tmp not found!File C:\Users\Main\AppData\Local\Temp\Sha5FB3.tmp not found!C:\Users\Main\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.File move failed. C:\Windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.File move failed. C:\Windows\temp\RzMaelstromVADStreamingService.log scheduled to be moved on reboot. Registry entries deleted on Reboot...
-
C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll a variant of Win64/Sathurbot.A trojan C:\Users\All Users\Microsoft\Crypto\RSA64\rsa64.dll a variant of Win64/Sathurbot.A trojan
-
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014 Ran by Main at 2014-09-12 03:40:14 Run:1 Running from C:\Users\Main\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** Start HKU\S-1-5-21-1572626095-2694189744-3355439159-1000\...\Run: [Ohwqics] => regsvr32.exe C:\Users\Main\AppData\Local\Ohwqics\siftDLL.dll <===== ATTENTION C:\Users\Main\AppData\Local\Ohwqics HKU\S-1-5-21-1572626095-2694189744-3355439159-1000\...\MountPoints2: {45cc0743-fb19-11e3-a198-74d435b79111} - E:\autorun.exe S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X] S3 gdrv; \??\C:\Windows\gdrv.sys [X] S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X] C:\Users\Main\AppData\Roaming\Eceqyf C:\Users\Main\AppData\Roaming\Ynisehk C:\Users\Main\AppData\Local\Olngics C:\Users\Main\AppData\Local\Ohwqics C:\Users\Main\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Main\AppData\Local\Temp\Quarantine.exe C:\Users\Main\AppData\Local\Temp\tmp1b9ed42e.exe Task: {18EDFE87-CD7A-4717-9C9F-03F5B57C4D44} - System32\Tasks\AVG_SYS_TASK_0814avt => C:\ProgramData\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe [2014-08-19] () C:\ProgramData\Avg_Update_0814avt Task: {8A2B109C-1C0E-4CFC-B919-8823B8FEEAEB} - System32\Tasks\AVG_SYS_TASK_0614t => C:\ProgramData\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe [2014-07-03] () C:\ProgramData\Avg_Update_0614t Task: {DBC12322-B66C-41E1-8ADB-7443CCBE1999} - System32\Tasks\AVG_SYS_TASK_0614t_DELETE => C:\ProgramData\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe [2014-07-03] () Task: {F72CC6DB-74CE-4DE2-A53C-5B29BD1ABCDC} - System32\Tasks\AVG_SYS_TASK_0814avt_DELETE => C:\ProgramData\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe [2014-08-19] () Task: C:\Windows\Tasks\AVG_SYS_TASK_0614t.job => C:\ProgramData\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe Task: C:\Windows\Tasks\AVG_SYS_TASK_0614t_DELETE.job => C:\ProgramData\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe Task: C:\Windows\Tasks\AVG_SYS_TASK_0814avt.job => C:\ProgramData\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe Task: C:\Windows\Tasks\AVG_SYS_TASK_0814avt_DELETE.job => C:\ProgramData\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe Emptytemp: End ***************** HKU\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ohwqics => value deleted successfully. C:\Users\Main\AppData\Local\Ohwqics => Moved successfully. "HKU\S-1-5-21-1572626095-2694189744-3355439159-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{45cc0743-fb19-11e3-a198-74d435b79111}" => Key deleted successfully. "HKCR\CLSID\{45cc0743-fb19-11e3-a198-74d435b79111}" => Key not found. cpuz137 => Service deleted successfully. gdrv => Service deleted successfully. GPUZ => Service deleted successfully. XFDriver64 => Service deleted successfully. C:\Users\Main\AppData\Roaming\Eceqyf => Moved successfully. C:\Users\Main\AppData\Roaming\Ynisehk => Moved successfully. C:\Users\Main\AppData\Local\Olngics => Moved successfully. "C:\Users\Main\AppData\Local\Ohwqics" => File/Directory not found. C:\Users\Main\AppData\Local\Temp\fp_pl_pfs_installer.exe => Moved successfully. C:\Users\Main\AppData\Local\Temp\Quarantine.exe => Moved successfully. C:\Users\Main\AppData\Local\Temp\tmp1b9ed42e.exe => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18EDFE87-CD7A-4717-9C9F-03F5B57C4D44}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18EDFE87-CD7A-4717-9C9F-03F5B57C4D44}" => Key deleted successfully. C:\Windows\System32\Tasks\AVG_SYS_TASK_0814avt => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG_SYS_TASK_0814avt" => Key deleted successfully. C:\ProgramData\Avg_Update_0814avt => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8A2B109C-1C0E-4CFC-B919-8823B8FEEAEB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A2B109C-1C0E-4CFC-B919-8823B8FEEAEB}" => Key deleted successfully. C:\Windows\System32\Tasks\AVG_SYS_TASK_0614t => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG_SYS_TASK_0614t" => Key deleted successfully. C:\ProgramData\Avg_Update_0614t => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DBC12322-B66C-41E1-8ADB-7443CCBE1999}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBC12322-B66C-41E1-8ADB-7443CCBE1999}" => Key deleted successfully. C:\Windows\System32\Tasks\AVG_SYS_TASK_0614t_DELETE => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG_SYS_TASK_0614t_DELETE" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F72CC6DB-74CE-4DE2-A53C-5B29BD1ABCDC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F72CC6DB-74CE-4DE2-A53C-5B29BD1ABCDC}" => Key deleted successfully. C:\Windows\System32\Tasks\AVG_SYS_TASK_0814avt_DELETE => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG_SYS_TASK_0814avt_DELETE" => Key deleted successfully. C:\Windows\Tasks\AVG_SYS_TASK_0614t.job => Moved successfully. C:\Windows\Tasks\AVG_SYS_TASK_0614t_DELETE.job => Moved successfully. C:\Windows\Tasks\AVG_SYS_TASK_0814avt.job => Moved successfully. C:\Windows\Tasks\AVG_SYS_TASK_0814avt_DELETE.job => Moved successfully. EmptyTemp: => Removed 1.3 GB temporary data. The system needed a reboot. ==== End of Fixlog ==== Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 9/12/2014 Scan Time: 3:51:45 AM Logfile: mwb log.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.09.12.02 Rootkit Database: v2014.09.10.02 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Main Scan Type: Threat Scan Result: Completed Objects Scanned: 317350 Time Elapsed: 10 min, 10 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) # AdwCleaner v3.309 - Report created 12/09/2014 at 04:24:52 # Updated 02/09/2014 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : Main - MAIN-CYBER # Running from : C:\Users\Main\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17280 -\\ Mozilla Firefox v32.0 (x86 en-US) [ File : C:\Users\Main\AppData\Roaming\Mozilla\Firefox\Profiles\x9jmgwv9.default-1410398568131\prefs.js ] -\\ Google Chrome v37.0.2062.120 [ File : C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms} Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms} ************************* AdwCleaner[R0].txt - [6165 octets] - [29/08/2014 19:48:51] AdwCleaner[R1].txt - [1057 octets] - [29/08/2014 20:26:31] AdwCleaner[R2].txt - [1126 octets] - [02/09/2014 12:35:34] AdwCleaner[R3].txt - [1132 octets] - [10/09/2014 02:02:16] AdwCleaner[R4].txt - [1371 octets] - [12/09/2014 04:12:24] AdwCleaner[s0].txt - [6259 octets] - [29/08/2014 19:50:08] AdwCleaner[s1].txt - [1190 octets] - [02/09/2014 12:36:40] AdwCleaner[s2].txt - [1194 octets] - [10/09/2014 02:13:14] AdwCleaner[s3].txt - [1438 octets] - [12/09/2014 04:24:52] ########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [1498 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Professional x64 Ran by Main on Fri 09/12/2014 at 4:35:31.90 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 09/12/2014 at 4:39:31.77 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v4.21, June 2013 Started On Mon Jun 17 11:10:55 2013 ->Scan ERROR: resource process://pid:164 (code 0x00000005 (5)) Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Mon Jun 17 11:11:08 2013 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.15, August 2014 (build 5.15.10500.0) Started On Fri Aug 29 18:51:15 2014 Engine: 1.1.10802.0 Signatures: 1.179.1796.0 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Fri Aug 29 18:52:34 2014 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.16, September 2014 (build 5.16.10602.0) Started On Wed Sep 10 01:50:00 2014 Engine: 1.1.10904.0 Signatures: 1.183.882.0 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 10 01:55:17 2014 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.16, September 2014 (build 5.16.10602.0) Started On Fri Sep 12 04:41:24 2014 Engine: 1.1.10904.0 Signatures: 1.183.882.0 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Fri Sep 12 04:44:55 2014 Return code: 0 (0x0) As of now there aren't any instances of iexplorer.exe while I have chrome and firefox open. Also, firefox now runs pages w/flash just fine.
-
==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-12 02:28 - 2014-09-12 02:27 - 00020421 _____ () C:\Users\Main\Desktop\FRST.txt 2014-09-12 02:27 - 2014-09-12 02:27 - 00000000 ____D () C:\FRST 2014-09-12 02:26 - 2014-09-12 02:26 - 04859480 _____ () C:\Users\Main\Desktop\RogueKiller.exe 2014-09-12 02:25 - 2014-09-12 02:25 - 02105856 _____ (Farbar) C:\Users\Main\Desktop\FRST64.exe 2014-09-12 02:08 - 2014-09-10 21:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-09-12 02:05 - 2014-06-24 20:44 - 00000000 ____D () C:\Users\Main\AppData\Roaming\uTorrent 2014-09-12 02:02 - 2014-09-10 20:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-12 02:01 - 2014-06-23 20:36 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-12 01:56 - 2014-09-11 03:51 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-11 22:02 - 2014-06-18 13:39 - 01634386 _____ () C:\Windows\WindowsUpdate.log 2014-09-11 19:58 - 2014-06-24 22:28 - 00000000 ____D () C:\Users\Main\Downloads\Utorrent 2014-09-11 16:05 - 2014-09-11 16:05 - 00000095 _____ () C:\Users\Main\Desktop\va info.txt 2014-09-11 11:18 - 2014-06-24 04:24 - 00000000 ____D () C:\Users\Main\AppData\Roaming\vlc 2014-09-11 04:47 - 2014-06-23 16:07 - 00115592 _____ () C:\Users\Main\AppData\Local\GDIPFONTCACHEV1.DAT 2014-09-11 03:56 - 2014-09-11 03:51 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-11 03:51 - 2014-09-11 03:51 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-09-11 03:51 - 2014-09-11 03:51 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-09-11 03:51 - 2014-09-11 03:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-09-11 03:51 - 2014-08-27 15:44 - 00000000 ____D () C:\Users\Main\AppData\Local\Google 2014-09-11 03:51 - 2014-08-27 15:44 - 00000000 ____D () C:\Program Files (x86)\Google 2014-09-11 02:42 - 2014-09-10 20:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-11 02:42 - 2014-09-10 20:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-11 02:42 - 2014-09-10 20:36 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-11 02:42 - 2014-08-27 15:48 - 00000000 ____D () C:\Users\Main\AppData\Local\Adobe 2014-09-11 02:32 - 2014-09-02 00:38 - 00003018 _____ () C:\Windows\setupact.log 2014-09-11 02:32 - 2014-06-23 17:32 - 00205690 _____ () C:\Windows\DPINST.LOG 2014-09-11 02:32 - 2014-06-23 17:30 - 00000000 ____D () C:\ProgramData\Razer 2014-09-11 02:32 - 2014-06-23 17:30 - 00000000 ____D () C:\Program Files (x86)\Razer 2014-09-11 02:31 - 2014-06-23 17:31 - 00000000 ____D () C:\Users\Main\AppData\Local\Razer 2014-09-11 02:31 - 2014-06-23 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2014-09-11 02:07 - 2014-06-23 19:06 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Xfire 2014-09-11 02:06 - 2014-06-23 22:22 - 00000000 ____D () C:\Users\Main\AppData\Roaming\TS3Client 2014-09-10 23:03 - 2009-07-13 23:45 - 00025632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-10 23:03 - 2009-07-13 23:45 - 00025632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-10 22:58 - 2014-06-18 13:50 - 00006464 _____ () C:\Windows\SysWOW64\Gms.log 2014-09-10 22:56 - 2014-09-07 10:25 - 00000526 _____ () C:\Windows\Tasks\AVG_SYS_TASK_0814avt.job 2014-09-10 22:56 - 2014-09-07 10:25 - 00000392 _____ () C:\Windows\Tasks\AVG_SYS_TASK_0814avt_DELETE.job 2014-09-10 22:56 - 2014-08-31 06:09 - 00000514 _____ () C:\Windows\Tasks\AVG_SYS_TASK_0614t.job 2014-09-10 22:56 - 2014-08-31 06:09 - 00000384 _____ () C:\Windows\Tasks\AVG_SYS_TASK_0614t_DELETE.job 2014-09-10 22:55 - 2014-08-29 17:03 - 00000000 ____D () C:\ProgramData\AVG2014 2014-09-10 22:55 - 2014-08-29 16:59 - 00000000 ____D () C:\ProgramData\MFAData 2014-09-10 22:55 - 2014-06-18 13:53 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-09-10 22:55 - 2010-11-20 22:47 - 00089028 _____ () C:\Windows\PFRO.log 2014-09-10 22:55 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-10 22:53 - 2014-06-24 20:27 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2014-09-10 21:08 - 2014-09-10 21:08 - 00000000 ____D () C:\Users\Main\AppData\Roaming\AVAST Software 2014-09-10 21:07 - 2014-09-10 21:07 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-09-10 21:07 - 2014-09-10 21:07 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-09-10 21:07 - 2014-09-10 21:07 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-09-10 21:07 - 2014-09-10 21:07 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-09-10 21:07 - 2014-09-10 21:07 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-09-10 21:07 - 2014-09-10 21:07 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-09-10 21:07 - 2014-09-10 21:07 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-09-10 21:07 - 2014-09-10 21:07 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-09-10 21:07 - 2014-09-10 21:07 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-09-10 21:07 - 2014-09-10 21:07 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-09-10 21:07 - 2014-09-10 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-09-10 21:06 - 2014-09-10 21:06 - 00000000 ____D () C:\Program Files\AVAST Software 2014-09-10 21:06 - 2014-09-10 21:05 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-09-10 20:58 - 2014-09-02 21:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-10 20:23 - 2014-08-02 19:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-10 20:22 - 2014-09-10 20:22 - 00000000 ____D () C:\Users\Main\Desktop\Old Firefox Data 2014-09-10 07:11 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache 2014-09-10 04:03 - 2014-09-10 03:50 - 00000000 ____D () C:\Program Files\Adblock Plus for IE 2014-09-10 03:50 - 2014-06-18 13:43 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-10 03:07 - 2014-09-10 03:07 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-09-10 03:07 - 2014-09-10 03:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-10 02:40 - 2014-09-10 02:40 - 00000000 ____D () C:\Windows\ERUNT 2014-09-10 02:21 - 2009-07-14 00:13 - 00783114 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-10 02:15 - 2014-06-30 07:44 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager 2014-09-10 02:13 - 2014-08-29 19:48 - 00000000 ____D () C:\AdwCleaner 2014-09-10 01:55 - 2014-08-29 18:51 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-10 01:55 - 2014-06-18 13:42 - 00775352 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-10 01:49 - 2013-06-17 13:10 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-10 00:25 - 2014-06-30 07:44 - 00000000 ____D () C:\Users\Main\AppData\Roaming\IDM 2014-09-10 00:23 - 2014-06-30 07:44 - 00000000 ____D () C:\Users\Main\AppData\Roaming\DMCache 2014-09-09 22:31 - 2014-09-09 22:31 - 00000000 ____D () C:\Users\Main\Documents\Razer 2014-09-09 22:31 - 2014-09-09 22:31 - 00000000 ____D () C:\Users\Main\AppData\Local\Razer_Inc 2014-09-09 22:22 - 2014-08-28 16:52 - 00000000 ____D () C:\Users\Main\AppData\Local\Olngics 2014-09-09 21:46 - 2014-06-28 07:01 - 00214520 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-09-09 21:46 - 2014-06-23 22:14 - 00214520 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-09-09 21:24 - 2014-08-28 16:52 - 00000000 ____D () C:\Users\Main\AppData\Local\Ohwqics 2014-09-09 07:58 - 2014-06-24 17:59 - 00000000 ____D () C:\Users\Main\AppData\Roaming\OBS 2014-09-09 06:21 - 2014-06-23 22:14 - 00214520 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-09-09 05:45 - 2014-08-09 02:37 - 00000000 ____D () C:\Users\Main\Desktop\Call of Duty 2 2014-09-09 04:35 - 2014-06-23 19:05 - 00000000 ____D () C:\ProgramData\Xfire 2014-09-09 04:29 - 2014-08-15 00:49 - 00000000 ____D () C:\Users\Main\Desktop\Counter-strike Global Offensive 2014-09-09 00:15 - 2014-06-24 17:58 - 00000000 ____D () C:\Program Files\OBS 2014-09-08 15:52 - 2014-09-08 15:32 - 00000000 ____D () C:\Windows\pss 2014-09-08 15:08 - 2014-09-08 11:12 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Eceqyf 2014-09-07 10:25 - 2014-09-07 10:25 - 00002894 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_0814avt_DELETE 2014-09-07 10:25 - 2014-09-07 10:25 - 00002820 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_0814avt 2014-09-07 10:25 - 2014-09-07 10:25 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Avg_Update_0814avt 2014-09-07 10:25 - 2014-09-06 23:24 - 00000000 ____D () C:\ProgramData\Avg_Update_0814avt 2014-09-06 16:13 - 2014-09-06 16:13 - 716290897 _____ () C:\Windows\MEMORY.DMP 2014-09-06 16:13 - 2014-09-06 16:13 - 00298640 _____ () C:\Windows\Minidump\090614-22432-01.dmp 2014-09-06 16:13 - 2014-09-06 16:13 - 00000000 ____D () C:\Windows\Minidump 2014-09-05 20:59 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SchCache 2014-09-05 03:42 - 2014-06-23 20:42 - 00000000 ____D () C:\ProgramData\Origin 2014-09-03 19:46 - 2014-06-23 20:42 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-02 21:17 - 2014-09-02 21:17 - 00000000 ____D () C:\_OTL 2014-09-02 20:46 - 2014-08-02 19:46 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-02 01:45 - 2014-08-01 15:15 - 00000000 ____D () C:\Users\Main\Desktop\oom 2014-09-02 00:38 - 2014-09-02 00:38 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-02 00:38 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Web 2014-09-01 22:19 - 2014-06-23 20:41 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-09-01 21:17 - 2014-09-01 21:17 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Ynisehk 2014-09-01 21:01 - 2014-09-01 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics 2014-09-01 21:01 - 2014-09-01 21:01 - 00000000 ____D () C:\ProgramData\Auslogics 2014-09-01 21:01 - 2014-09-01 21:01 - 00000000 ____D () C:\Program Files (x86)\Auslogics 2014-09-01 20:39 - 2014-09-01 20:39 - 00000000 __SHD () C:\Users\Main\AppData\Local\EmieUserList 2014-09-01 20:39 - 2014-09-01 20:39 - 00000000 __SHD () C:\Users\Main\AppData\Local\EmieSiteList 2014-09-01 20:02 - 2014-08-28 17:07 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt 2014-09-01 10:27 - 2014-09-01 10:27 - 00000146 _____ () C:\Users\Main\Desktop\NVIDIA Control Panel - Shortcut.lnk 2014-08-31 23:15 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-08-31 20:31 - 2014-07-10 11:20 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-31 20:29 - 2014-08-31 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-31 20:29 - 2014-08-31 20:28 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-08-31 20:29 - 2014-07-10 11:19 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-31 20:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-31 07:30 - 2014-08-31 02:47 - 732096230 _____ () C:\Users\Main\Desktop\narnar_wreckedanusdeepbarebacking-HD-001-by-am.mp4 2014-08-31 06:09 - 2014-08-31 06:09 - 00002886 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_0614t_DELETE 2014-08-31 06:09 - 2014-08-31 06:09 - 00002808 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_0614t 2014-08-31 06:09 - 2014-08-31 06:09 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Avg_Update_0614t 2014-08-31 06:09 - 2014-08-30 19:08 - 00000000 ____D () C:\ProgramData\Avg_Update_0614t 2014-08-29 19:54 - 2014-08-29 19:54 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ShellExView 2014-08-29 19:54 - 2014-08-29 19:54 - 00000000 ____D () C:\Program Files (x86)\NirSoft 2014-08-29 19:37 - 2014-08-29 18:54 - 00287794 _____ () C:\Windows\msxml4-KB973688-enu.LOG 2014-08-29 19:37 - 2014-08-29 18:50 - 00291890 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2014-08-29 19:36 - 2014-08-29 19:36 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-08-29 19:32 - 2014-06-23 16:06 - 00001417 _____ () C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-29 19:30 - 2009-07-13 23:45 - 00430928 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-29 19:27 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender 2014-08-29 19:27 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-08-29 19:05 - 2014-08-29 19:01 - 00009020 _____ () C:\Windows\IE11_main.log 2014-08-29 19:03 - 2014-08-29 19:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-08-29 19:03 - 2014-08-29 19:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-08-29 19:03 - 2014-08-29 19:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-08-29 19:03 - 2014-08-29 19:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-08-29 19:03 - 2014-08-29 19:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-08-29 19:03 - 2014-08-29 19:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-08-29 19:03 - 2014-08-29 19:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-08-29 19:03 - 2014-08-29 19:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-08-29 19:03 - 2014-08-29 19:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-29 19:03 - 2014-08-29 19:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-29 19:03 - 2014-08-29 19:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-08-29 19:03 - 2014-08-29 19:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-08-29 19:03 - 2014-08-29 19:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-08-29 19:03 - 2014-08-29 19:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-08-29 19:03 - 2014-08-29 19:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-08-29 19:03 - 2014-08-29 19:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-29 19:03 - 2014-08-29 19:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-08-29 19:03 - 2014-08-29 19:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-29 19:03 - 2014-08-29 19:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-08-29 19:02 - 2014-08-29 19:02 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-08-29 19:02 - 2014-08-29 19:02 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-08-29 19:02 - 2014-08-29 19:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-08-29 19:02 - 2014-08-29 19:02 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-08-29 19:02 - 2014-08-29 19:02 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2014-08-29 19:02 - 2014-08-29 19:02 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2014-08-29 19:01 - 2014-08-29 19:01 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-08-29 19:01 - 2014-08-29 19:01 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2014-08-29 17:14 - 2014-07-07 15:01 - 00007602 _____ () C:\Users\Main\AppData\Local\Resmon.ResmonCfg 2014-08-29 17:03 - 2014-08-29 17:03 - 00000000 ____D () C:\Users\Main\AppData\Roaming\TuneUp Software 2014-08-29 16:59 - 2014-08-29 16:59 - 00000000 ____D () C:\Users\Main\AppData\Local\MFAData 2014-08-29 16:50 - 2014-08-28 17:23 - 00000591 _____ () C:\ProgramData\@system2.att 2014-08-29 16:50 - 2014-08-28 17:23 - 00000591 _____ () C:\ProgramData\@system.att 2014-08-28 20:44 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\TAPI 2014-08-28 17:22 - 2014-08-28 17:22 - 00087200 _____ () C:\ProgramData\wrnhoah.tmp 2014-08-27 19:26 - 2014-06-18 13:51 - 00150901 _____ () C:\Windows\DirectX.log 2014-08-27 01:56 - 2014-08-27 01:56 - 00000000 ____D () C:\Program Files (x86)\ConvertHelper 2014-08-27 01:15 - 2014-07-05 20:25 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Skype 2014-08-26 11:43 - 2014-08-26 11:43 - 00000113 _____ () C:\Users\Main\Desktop\frc angela.txt 2014-08-26 01:38 - 2014-07-18 15:07 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Screaming Bee 2014-08-26 01:38 - 2014-07-18 15:04 - 00000000 ____D () C:\ProgramData\Screaming Bee 2014-08-26 01:38 - 2014-07-18 15:04 - 00000000 ____D () C:\Program Files (x86)\Screaming Bee 2014-08-22 21:07 - 2014-08-29 18:38 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-22 20:45 - 2014-08-29 18:38 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-22 19:59 - 2014-08-29 18:38 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-20 22:37 - 2014-08-20 22:37 - 00156328 _____ (Razer Inc) C:\Windows\system32\Drivers\rzudd.sys 2014-08-19 13:05 - 2014-09-10 01:56 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-19 12:39 - 2014-09-10 01:56 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-18 18:01 - 2014-09-10 01:56 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-18 17:29 - 2014-09-10 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-18 17:29 - 2014-09-10 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-18 17:26 - 2014-09-10 01:56 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-18 17:20 - 2014-09-10 01:56 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-18 17:19 - 2014-09-10 01:56 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-18 17:15 - 2014-09-10 01:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-18 17:15 - 2014-09-10 01:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-18 17:14 - 2014-09-10 01:56 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-18 17:14 - 2014-09-10 01:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-18 17:08 - 2014-09-10 01:56 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-18 17:08 - 2014-09-10 01:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-18 17:08 - 2014-09-10 01:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-18 17:05 - 2014-09-10 01:56 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-18 17:03 - 2014-09-10 01:56 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-18 17:03 - 2014-09-10 01:56 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-18 17:03 - 2014-09-10 01:56 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-18 16:57 - 2014-09-10 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-18 16:56 - 2014-09-10 01:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-18 16:51 - 2014-09-10 01:56 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-18 16:46 - 2014-09-10 01:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-18 16:45 - 2014-09-10 01:56 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-18 16:45 - 2014-09-10 01:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-18 16:44 - 2014-09-10 01:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-18 16:44 - 2014-09-10 01:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-18 16:42 - 2014-09-10 01:56 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-18 16:40 - 2014-09-10 01:56 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-18 16:39 - 2014-09-10 01:56 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-18 16:39 - 2014-09-10 01:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-18 16:39 - 2014-09-10 01:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-18 16:38 - 2014-09-10 01:56 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-18 16:37 - 2014-09-10 01:56 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-18 16:36 - 2014-09-10 01:56 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-18 16:35 - 2014-09-10 01:56 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-18 16:27 - 2014-09-10 01:56 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-18 16:25 - 2014-09-10 01:56 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-18 16:25 - 2014-09-10 01:56 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-18 16:23 - 2014-09-10 01:56 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-18 16:23 - 2014-09-10 01:56 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-18 16:22 - 2014-09-10 01:56 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-18 16:19 - 2014-09-10 01:56 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-18 16:17 - 2014-09-10 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-18 16:17 - 2014-09-10 01:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-18 16:16 - 2014-09-10 01:56 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-18 16:15 - 2014-09-10 01:56 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-18 16:15 - 2014-09-10 01:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-18 16:09 - 2014-09-10 01:56 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-18 16:08 - 2014-09-10 01:56 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-18 16:07 - 2014-09-10 01:56 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-18 15:55 - 2014-09-10 01:56 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-18 15:46 - 2014-09-10 01:56 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-18 15:38 - 2014-09-10 01:56 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-18 15:38 - 2014-09-10 01:56 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-18 15:36 - 2014-09-10 01:56 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-13 11:47 - 2014-06-24 16:18 - 00000000 ____D () C:\Users\Main\AppData\Local\PunkBuster Some content of TEMP: ==================== C:\Users\Main\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Main\AppData\Local\Temp\Quarantine.exe C:\Users\Main\AppData\Local\Temp\tmp1b9ed42e.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-06 09:55 ==================== End Of Log ============================ RogueKiller V9.2.10.0 [Jul 11 2014] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Main [Admin rights] Mode : Scan -- Date : 09/12/2014 02:35:16 ¤¤¤ Bad processes : 2 ¤¤¤ [suspicious.Path] rubyw.exe -- C:\Users\Main\AppData\Local\Temp\ocr5105.tmp\bin\rubyw.exe[-] -> KILLED [TermProc] [suspicious.Path] rubyw.exe -- C:\Users\Main\AppData\Local\Temp\ocr5568.tmp\bin\rubyw.exe[-] -> KILLED [TermProc] ¤¤¤ Registry Entries : 36 ¤¤¤ [suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Run | AVG-Secure-Search-Update_0814avt : C:\Users\Main\AppData\Roaming\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe /PROMPT /mid=14c40f7e61da47d2a0f6a59d735378e2-fe46cae6a6cdbb31590cfce24f630f978c5ebb53 /CMPID=0814avt -> FOUND [suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Run | AVG-Secure-Search-Update_0614t : C:\Users\Main\AppData\Roaming\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe /PROMPT /mid=14c40f7e61da47d2a0f6a59d735378e2-fe46cae6a6cdbb31590cfce24f630f978c5ebb53 /CMPID=0614t -> FOUND [suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Run | Ohwqics : regsvr32.exe C:\Users\Main\AppData\Local\Ohwqics\siftDLL.dll -> FOUND [suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Run | AVG-Secure-Search-Update_0814avt : C:\Users\Main\AppData\Roaming\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe /PROMPT /mid=14c40f7e61da47d2a0f6a59d735378e2-fe46cae6a6cdbb31590cfce24f630f978c5ebb53 /CMPID=0814avt -> FOUND [suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Run | AVG-Secure-Search-Update_0614t : C:\Users\Main\AppData\Roaming\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe /PROMPT /mid=14c40f7e61da47d2a0f6a59d735378e2-fe46cae6a6cdbb31590cfce24f630f978c5ebb53 /CMPID=0614t -> FOUND [suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Run | Ohwqics : regsvr32.exe C:\Users\Main\AppData\Local\Ohwqics\siftDLL.dll -> FOUND [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\gdrv (\??\C:\Windows\gdrv.sys) -> FOUND [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\GPUZ (\??\C:\Windows\TEMP\GPUZ.sys) -> FOUND [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gdrv (\??\C:\Windows\gdrv.sys) -> FOUND [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GPUZ (\??\C:\Windows\TEMP\GPUZ.sys) -> FOUND [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\gdrv (\??\C:\Windows\gdrv.sys) -> FOUND [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\GPUZ (\??\C:\Windows\TEMP\GPUZ.sys) -> FOUND [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\RzMaelstromVADStreamingService () -> FOUND [PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:49943;https=127.0.0.1:49943 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:49943;https=127.0.0.1:49943 -> FOUND [PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:49943;https=127.0.0.1:49943 -> FOUND [PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:49943;https=127.0.0.1:49943 -> FOUND [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{92DA20C8-012D-48EE-8F8A-A9D8A1E728FF} | DhcpNameServer : 209.222.18.222 209.222.18.218 -> FOUND [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{92DA20C8-012D-48EE-8F8A-A9D8A1E728FF} | DhcpNameServer : 209.222.18.222 209.222.18.218 -> FOUND [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{92DA20C8-012D-48EE-8F8A-A9D8A1E728FF} | DhcpNameServer : 209.222.18.222 209.222.18.218 -> FOUND [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND [PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND [PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> FOUND [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> FOUND [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> FOUND [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> FOUND [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1572626095-2694189744-3355439159-1000\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> FOUND ¤¤¤ Scheduled tasks : 8 ¤¤¤ [suspicious.Path] AVG_SYS_TASK_0614t.job -- C:\ProgramData\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe ( --TASK_START_SYS --CMPID=0614t --mid=14c40f7e61da47d2a0f6a59d735378e2-fe46cae6a6cdbb31590cfce24f630f978c5ebb53) -> FOUND [suspicious.Path] AVG_SYS_TASK_0614t_DELETE.job -- C:\ProgramData\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe ( /DELETE_FROM_SYSTEM=1) -> FOUND [suspicious.Path] AVG_SYS_TASK_0814avt.job -- C:\ProgramData\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe ( --TASK_START_SYS --CMPID=0814avt --mid=14c40f7e61da47d2a0f6a59d735378e2-fe46cae6a6cdbb31590cfce24f630f978c5ebb53) -> FOUND [suspicious.Path] AVG_SYS_TASK_0814avt_DELETE.job -- C:\ProgramData\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe ( /DELETE_FROM_SYSTEM=1) -> FOUND [suspicious.Path] \\AVG_SYS_TASK_0614t -- C:\ProgramData\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe (--TASK_START_SYS --CMPID=0614t --mid=14c40f7e61da47d2a0f6a59d735378e2-fe46cae6a6cdbb31590cfce24f630f978c5ebb53) -> FOUND [suspicious.Path] \\AVG_SYS_TASK_0614t_DELETE -- C:\ProgramData\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe (/DELETE_FROM_SYSTEM=1) -> FOUND [suspicious.Path] \\AVG_SYS_TASK_0814avt -- C:\ProgramData\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe (--TASK_START_SYS --CMPID=0814avt --mid=14c40f7e61da47d2a0f6a59d735378e2-fe46cae6a6cdbb31590cfce24f630f978c5ebb53) -> FOUND [suspicious.Path] \\AVG_SYS_TASK_0814avt_DELETE -- C:\ProgramData\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe (/DELETE_FROM_SYSTEM=1) -> FOUND ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ HOSTS File : 2 ¤¤¤ [C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost [C:\Windows\System32\drivers\etc\hosts] ::1 localhost ¤¤¤ Antirootkit : 5 (Driver: NOT LOADED [0xc000036b]) ¤¤¤ [EAT:Addr] (iexplore.exe) nvSCPAPI.dll - DllCanUnloadNow : C:\Windows\SysWOW64\Dxtrans.dll @ 0x6cd521ee [EAT:Addr] (iexplore.exe) nvSCPAPI.dll - DllEnumClassObjects : C:\Windows\SysWOW64\Dxtrans.dll @ 0x6cd61e66 [EAT:Addr] (iexplore.exe) nvSCPAPI.dll - DllGetClassObject : C:\Windows\SysWOW64\Dxtrans.dll @ 0x6cd53e77 [EAT:Addr] (iexplore.exe) nvSCPAPI.dll - DllRegisterServer : C:\Windows\SysWOW64\Dxtrans.dll @ 0x6cd5cfd4 [EAT:Addr] (iexplore.exe) nvSCPAPI.dll - DllUnregisterServer : C:\Windows\SysWOW64\Dxtrans.dll @ 0x6cd5cfd4 ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: WDC WD1003FZEX-00MK2 SCSI Disk Device +++++ --- User --- [MBR] 0086f36f0b7bc8b257f89fc226376c3d [bSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code Partition table: 0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB User = LL1 ... OK User = LL2 ... OK
-
Kevin, thanks for your help. I appreciate it. I've attached the addition.txt Addition.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014Ran by Main (administrator) on MAIN-CYBER on 12-09-2014 02:27:47Running from C:\Users\Main\DesktopPlatform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(Intel Corporation) C:\Windows\System32\igfxCUIService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe() C:\ProgramData\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe() C:\ProgramData\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Microsoft Corporation) C:\Windows\System32\regsvr32.exe(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe() C:\Windows\System32\PnkBstrA.exe(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Intel Corporation) C:\Windows\System32\igfxHK.exe(Intel Corporation) C:\Windows\System32\igfxTray.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(Intel Corporation) C:\Windows\System32\igfxEM.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe() C:\Program Files\pia_manager\pia_manager.exe(http://www.ruby-lang.org/) C:\Users\Main\AppData\Local\Temp\ocr5105.tmp\bin\rubyw.exe() C:\Program Files\pia_manager\pia_manager.exe(http://www.ruby-lang.org/) C:\Users\Main\AppData\Local\Temp\ocr5568.tmp\bin\rubyw.exe() C:\Program Files\pia_manager\pia_tray\pia_tray.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStartHKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-08] (NVIDIA Corporation)HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-10] (AVAST Software)Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)HKU\S-1-5-21-1572626095-2694189744-3355439159-1000\...\Run: [AVG-Secure-Search-Update_0814avt] => C:\Users\Main\AppData\Roaming\Avg_Update_0814avt\AVG-Secure-Search-Update_0814avt.exe [2774040 2014-08-19] ()HKU\S-1-5-21-1572626095-2694189744-3355439159-1000\...\Run: [AVG-Secure-Search-Update_0614t] => C:\Users\Main\AppData\Roaming\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe [2726936 2014-07-03] ()HKU\S-1-5-21-1572626095-2694189744-3355439159-1000\...\Run: [Ohwqics] => regsvr32.exe C:\Users\Main\AppData\Local\Ohwqics\siftDLL.dll <===== ATTENTIONHKU\S-1-5-21-1572626095-2694189744-3355439159-1000\...\MountPoints2: {45cc0743-fb19-11e3-a198-74d435b79111} - E:\autorun.exeStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnkShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5A780A24278FCF01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-USSearchScopes: HKCU - {7E4146AD-5302-4257-B4E0-920F6A375A85} URL = https://www.google.com/search?q={searchTerms}SearchScopes: HKCU - {C55A0156-8E58-4997-92EB-2ECA8591D050} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.0.1Tcpip\..\Interfaces\{0B1827B3-DBD7-4990-B608-70EDBFFD4C53}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8Tcpip\..\Interfaces\{92DA20C8-012D-48EE-8F8A-A9D8A1E728FF}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8 FireFox:========FF ProfilePath: C:\Users\Main\AppData\Roaming\Mozilla\Firefox\Profiles\x9jmgwv9.default-1410398568131FF Homepage: https://www.google.com/FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll No FileFF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Extension: PlainOldFavorites - C:\Users\Main\AppData\Roaming\Mozilla\Firefox\Profiles\x9jmgwv9.default-1410398568131\Extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37} [2014-09-10]FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-02]FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-10] Chrome: =======CHR Profile: C:\Users\Main\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-11]CHR Extension: (Google Docs) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-11]CHR Extension: (Google Drive) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-11]CHR Extension: (YouTube) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-11]CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-11]CHR Extension: (Google Search) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-11]CHR Extension: (Google Sheets) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-11]CHR Extension: (Google Wallet) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-11]CHR Extension: (Gmail) - C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-11]CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx []CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-10] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-10] (AVAST Software)R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-08] (Intel Corporation)S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-08] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-08] (NVIDIA Corporation)R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-06-30] ()R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-29] ()R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-10] ()R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-10] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-10] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-10] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-10] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-10] (AVAST Software)R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-10] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-10] ()R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-23] (Disc Soft Ltd)R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation)S3 hidusbf; C:\Windows\System32\DRIVERS\hidusbf.sys [6784 2014-06-23] (SweetLow) [File not signed]R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-11] (Intel Corporation)S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-08] (NVIDIA Corporation)R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows ® Win 7 DDK provider)R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]S3 gdrv; \??\C:\Windows\gdrv.sys [X]S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-12 02:27 - 2014-09-12 02:28 - 00020421 _____ () C:\Users\Main\Desktop\FRST.txt2014-09-12 02:27 - 2014-09-12 02:27 - 00000000 ____D () C:\FRST2014-09-12 02:26 - 2014-09-12 02:26 - 04859480 _____ () C:\Users\Main\Desktop\RogueKiller.exe2014-09-12 02:25 - 2014-09-12 02:25 - 02105856 _____ (Farbar) C:\Users\Main\Desktop\FRST64.exe2014-09-11 16:05 - 2014-09-11 16:05 - 00000095 _____ () C:\Users\Main\Desktop\va info.txt2014-09-11 03:51 - 2014-09-12 01:56 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-09-11 03:51 - 2014-09-11 03:56 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-09-11 03:51 - 2014-09-11 03:51 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-09-11 03:51 - 2014-09-11 03:51 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-09-11 03:51 - 2014-09-11 03:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-09-10 21:08 - 2014-09-10 21:08 - 00000000 ____D () C:\Users\Main\AppData\Roaming\AVAST Software2014-09-10 21:07 - 2014-09-12 02:08 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update2014-09-10 21:07 - 2014-09-10 21:07 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys2014-09-10 21:07 - 2014-09-10 21:07 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys2014-09-10 21:07 - 2014-09-10 21:07 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe2014-09-10 21:07 - 2014-09-10 21:07 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys2014-09-10 21:07 - 2014-09-10 21:07 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys2014-09-10 21:07 - 2014-09-10 21:07 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys2014-09-10 21:07 - 2014-09-10 21:07 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys2014-09-10 21:07 - 2014-09-10 21:07 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys2014-09-10 21:07 - 2014-09-10 21:07 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr2014-09-10 21:07 - 2014-09-10 21:07 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys2014-09-10 21:07 - 2014-09-10 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast2014-09-10 21:06 - 2014-09-10 21:06 - 00000000 ____D () C:\Program Files\AVAST Software2014-09-10 21:05 - 2014-09-10 21:06 - 00000000 ____D () C:\ProgramData\AVAST Software2014-09-10 20:36 - 2014-09-12 02:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-09-10 20:36 - 2014-09-11 02:42 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-09-10 20:36 - 2014-09-11 02:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-09-10 20:36 - 2014-09-11 02:42 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-09-10 20:22 - 2014-09-10 20:22 - 00000000 ____D () C:\Users\Main\Desktop\Old Firefox Data2014-09-10 03:50 - 2014-09-10 04:03 - 00000000 ____D () C:\Program Files\Adblock Plus for IE2014-09-10 03:07 - 2014-09-10 03:07 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk2014-09-10 03:07 - 2014-09-10 03:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-09-10 02:40 - 2014-09-10 02:40 - 00000000 ____D () C:\Windows\ERUNT2014-09-10 01:56 - 2014-08-19 13:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-09-10 01:56 - 2014-08-19 12:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-09-10 01:56 - 2014-08-18 18:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-09-10 01:56 - 2014-08-18 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-09-10 01:56 - 2014-08-18 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-09-10 01:56 - 2014-08-18 17:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-09-10 01:56 - 2014-08-18 17:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-09-10 01:56 - 2014-08-18 17:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-09-10 01:56 - 2014-08-18 17:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-09-10 01:56 - 2014-08-18 17:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-09-10 01:56 - 2014-08-18 17:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-09-10 01:56 - 2014-08-18 17:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-09-10 01:56 - 2014-08-18 17:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-09-10 01:56 - 2014-08-18 17:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-09-10 01:56 - 2014-08-18 17:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-09-10 01:56 - 2014-08-18 17:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-09-10 01:56 - 2014-08-18 17:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-09-10 01:56 - 2014-08-18 17:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-09-10 01:56 - 2014-08-18 17:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-09-10 01:56 - 2014-08-18 16:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-09-10 01:56 - 2014-08-18 16:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-09-10 01:56 - 2014-08-18 16:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-09-10 01:56 - 2014-08-18 16:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-09-10 01:56 - 2014-08-18 16:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-09-10 01:56 - 2014-08-18 16:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-09-10 01:56 - 2014-08-18 16:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-09-10 01:56 - 2014-08-18 16:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-09-10 01:56 - 2014-08-18 16:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-09-10 01:56 - 2014-08-18 16:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-09-10 01:56 - 2014-08-18 16:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-09-10 01:56 - 2014-08-18 16:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-09-10 01:56 - 2014-08-18 16:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-09-10 01:56 - 2014-08-18 16:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-09-10 01:56 - 2014-08-18 16:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-09-10 01:56 - 2014-08-18 16:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-09-10 01:56 - 2014-08-18 16:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-09-10 01:56 - 2014-08-18 16:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-09-10 01:56 - 2014-08-18 16:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-09-10 01:56 - 2014-08-18 16:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-09-10 01:56 - 2014-08-18 16:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-09-10 01:56 - 2014-08-18 16:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-09-10 01:56 - 2014-08-18 16:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-09-10 01:56 - 2014-08-18 16:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-09-10 01:56 - 2014-08-18 16:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-09-10 01:56 - 2014-08-18 16:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-09-10 01:56 - 2014-08-18 16:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-09-10 01:56 - 2014-08-18 16:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-09-10 01:56 - 2014-08-18 16:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-09-10 01:56 - 2014-08-18 16:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-09-10 01:56 - 2014-08-18 16:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-09-10 01:56 - 2014-08-18 16:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-09-10 01:56 - 2014-08-18 15:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-09-10 01:56 - 2014-08-18 15:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-09-10 01:56 - 2014-08-18 15:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-09-10 01:56 - 2014-08-18 15:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-09-10 01:56 - 2014-08-18 15:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-09-10 01:48 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-09-10 01:48 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-09-10 01:48 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-09-10 01:48 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2014-09-10 01:48 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2014-09-09 22:31 - 2014-09-09 22:31 - 00000000 ____D () C:\Users\Main\Documents\Razer2014-09-09 22:31 - 2014-09-09 22:31 - 00000000 ____D () C:\Users\Main\AppData\Local\Razer_Inc2014-09-08 15:32 - 2014-09-08 15:52 - 00000000 ____D () C:\Windows\pss2014-09-08 11:12 - 2014-09-08 15:08 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Eceqyf2014-09-07 10:25 - 2014-09-10 22:56 - 00000526 _____ () C:\Windows\Tasks\AVG_SYS_TASK_0814avt.job2014-09-07 10:25 - 2014-09-10 22:56 - 00000392 _____ () C:\Windows\Tasks\AVG_SYS_TASK_0814avt_DELETE.job2014-09-07 10:25 - 2014-09-07 10:25 - 00002894 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_0814avt_DELETE2014-09-07 10:25 - 2014-09-07 10:25 - 00002820 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_0814avt2014-09-07 10:25 - 2014-09-07 10:25 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Avg_Update_0814avt2014-09-06 23:24 - 2014-09-07 10:25 - 00000000 ____D () C:\ProgramData\Avg_Update_0814avt2014-09-06 16:13 - 2014-09-06 16:13 - 716290897 _____ () C:\Windows\MEMORY.DMP2014-09-06 16:13 - 2014-09-06 16:13 - 00298640 _____ () C:\Windows\Minidump\090614-22432-01.dmp2014-09-06 16:13 - 2014-09-06 16:13 - 00000000 ____D () C:\Windows\Minidump2014-09-02 21:33 - 2014-09-10 20:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-09-02 21:17 - 2014-09-02 21:17 - 00000000 ____D () C:\_OTL2014-09-02 00:38 - 2014-09-11 02:32 - 00003018 _____ () C:\Windows\setupact.log2014-09-02 00:38 - 2014-09-02 00:38 - 00000000 _____ () C:\Windows\setuperr.log2014-09-01 21:17 - 2014-09-01 21:17 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Ynisehk2014-09-01 21:01 - 2014-09-01 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics2014-09-01 21:01 - 2014-09-01 21:01 - 00000000 ____D () C:\ProgramData\Auslogics2014-09-01 21:01 - 2014-09-01 21:01 - 00000000 ____D () C:\Program Files (x86)\Auslogics2014-09-01 20:39 - 2014-09-01 20:39 - 00000000 __SHD () C:\Users\Main\AppData\Local\EmieUserList2014-09-01 20:39 - 2014-09-01 20:39 - 00000000 __SHD () C:\Users\Main\AppData\Local\EmieSiteList2014-09-01 10:27 - 2014-09-01 10:27 - 00000146 _____ () C:\Users\Main\Desktop\NVIDIA Control Panel - Shortcut.lnk2014-08-31 20:29 - 2014-08-31 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-08-31 20:29 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2014-08-31 20:29 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2014-08-31 20:29 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2014-08-31 20:29 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2014-08-31 20:28 - 2014-08-31 20:29 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log2014-08-31 06:09 - 2014-09-10 22:56 - 00000514 _____ () C:\Windows\Tasks\AVG_SYS_TASK_0614t.job2014-08-31 06:09 - 2014-09-10 22:56 - 00000384 _____ () C:\Windows\Tasks\AVG_SYS_TASK_0614t_DELETE.job2014-08-31 06:09 - 2014-08-31 06:09 - 00002886 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_0614t_DELETE2014-08-31 06:09 - 2014-08-31 06:09 - 00002808 _____ () C:\Windows\System32\Tasks\AVG_SYS_TASK_0614t2014-08-31 06:09 - 2014-08-31 06:09 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Avg_Update_0614t2014-08-30 19:08 - 2014-08-31 06:09 - 00000000 ____D () C:\ProgramData\Avg_Update_0614t2014-08-29 19:54 - 2014-08-29 19:54 - 00000000 ____D () C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ShellExView2014-08-29 19:54 - 2014-08-29 19:54 - 00000000 ____D () C:\Program Files (x86)\NirSoft2014-08-29 19:49 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll2014-08-29 19:48 - 2014-09-10 02:13 - 00000000 ____D () C:\AdwCleaner2014-08-29 19:36 - 2014-08-29 19:36 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.02014-08-29 19:03 - 2014-08-29 19:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2014-08-29 19:03 - 2014-08-29 19:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat2014-08-29 19:03 - 2014-08-29 19:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2014-08-29 19:03 - 2014-08-29 19:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2014-08-29 19:03 - 2014-08-29 19:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe2014-08-29 19:03 - 2014-08-29 19:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2014-08-29 19:03 - 2014-08-29 19:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe2014-08-29 19:03 - 2014-08-29 19:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2014-08-29 19:03 - 2014-08-29 19:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe2014-08-29 19:03 - 2014-08-29 19:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2014-08-29 19:03 - 2014-08-29 19:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx2014-08-29 19:03 - 2014-08-29 19:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2014-08-29 19:03 - 2014-08-29 19:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2014-08-29 19:03 - 2014-08-29 19:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2014-08-29 19:03 - 2014-08-29 19:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2014-08-29 19:03 - 2014-08-29 19:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2014-08-29 19:03 - 2014-08-29 19:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2014-08-29 19:03 - 2014-08-29 19:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2014-08-29 19:03 - 2014-08-29 19:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2014-08-29 19:02 - 2014-08-29 19:02 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2014-08-29 19:02 - 2014-08-29 19:02 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2014-08-29 19:02 - 2014-08-29 19:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll2014-08-29 19:02 - 2014-08-29 19:02 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll2014-08-29 19:02 - 2014-08-29 19:02 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll2014-08-29 19:02 - 2014-08-29 19:02 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll2014-08-29 19:01 - 2014-08-29 19:05 - 00009020 _____ () C:\Windows\IE11_main.log2014-08-29 19:01 - 2014-08-29 19:01 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll2014-08-29 19:01 - 2014-08-29 19:01 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll2014-08-29 18:54 - 2014-08-29 19:37 - 00287794 _____ () C:\Windows\msxml4-KB973688-enu.LOG2014-08-29 18:51 - 2014-09-10 01:55 - 00000000 ____D () C:\Windows\system32\MRT2014-08-29 18:50 - 2014-08-29 19:37 - 00291890 _____ () C:\Windows\msxml4-KB954430-enu.LOG2014-08-29 18:41 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll2014-08-29 18:41 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll2014-08-29 18:41 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe2014-08-29 18:41 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe2014-08-29 18:41 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe2014-08-29 18:41 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll2014-08-29 18:41 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe2014-08-29 18:41 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll2014-08-29 18:40 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe2014-08-29 18:40 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe2014-08-29 18:40 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2014-08-29 18:40 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS2014-08-29 18:40 - 2014-03-24 21:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2014-08-29 18:40 - 2014-03-24 21:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2014-08-29 18:40 - 2014-03-04 04:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2014-08-29 18:40 - 2014-03-04 04:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll2014-08-29 18:40 - 2014-03-04 04:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2014-08-29 18:40 - 2014-03-04 04:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll2014-08-29 18:40 - 2014-03-04 04:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe2014-08-29 18:40 - 2014-03-04 04:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll2014-08-29 18:40 - 2014-03-04 04:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll2014-08-29 18:40 - 2014-03-04 04:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll2014-08-29 18:40 - 2014-03-04 04:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll2014-08-29 18:40 - 2014-03-04 04:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll2014-08-29 18:40 - 2014-03-04 04:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2014-08-29 18:40 - 2014-03-04 04:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2014-08-29 18:40 - 2014-03-04 04:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll2014-08-29 18:40 - 2014-03-04 04:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll2014-08-29 18:40 - 2014-03-04 04:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll2014-08-29 18:40 - 2014-03-04 04:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll2014-08-29 18:40 - 2014-03-04 04:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll2014-08-29 18:40 - 2014-03-04 04:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll2014-08-29 18:40 - 2014-03-04 04:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll2014-08-29 18:40 - 2014-03-04 04:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2014-08-29 18:40 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll2014-08-29 18:40 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2014-08-29 18:40 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys2014-08-29 18:40 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll2014-08-29 18:40 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll2014-08-29 18:40 - 2013-08-01 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2014-08-29 18:40 - 2013-08-01 21:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2014-08-29 18:40 - 2013-08-01 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2014-08-29 18:40 - 2013-08-01 19:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2014-08-29 18:39 - 2014-07-15 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2014-08-29 18:39 - 2014-07-15 21:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll2014-08-29 18:39 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll2014-08-29 18:39 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll2014-08-29 18:39 - 2014-06-03 05:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll2014-08-29 18:39 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll2014-08-29 18:39 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll2014-08-29 18:39 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe2014-08-29 18:39 - 2014-06-03 04:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll2014-08-29 18:39 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll2014-08-29 18:39 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll2014-08-29 18:39 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2014-08-29 18:39 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll2014-08-29 18:39 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll2014-08-29 18:39 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll2014-08-29 18:39 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-08-29 18:39 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll2014-08-29 18:39 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2014-08-29 18:39 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll2014-08-29 18:39 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2014-08-29 18:39 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll2014-08-29 18:39 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2014-08-29 18:39 - 2014-01-28 21:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll2014-08-29 18:39 - 2014-01-28 21:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll2014-08-29 18:39 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2014-08-29 18:39 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2014-08-29 18:39 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll2014-08-29 18:39 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll2014-08-29 18:39 - 2013-07-25 04:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL2014-08-29 18:39 - 2013-07-25 03:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL2014-08-29 18:39 - 2013-07-12 05:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys2014-08-29 18:39 - 2013-07-12 05:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys2014-08-29 18:39 - 2013-07-12 05:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys2014-08-29 18:39 - 2013-07-09 00:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll2014-08-29 18:39 - 2013-07-09 00:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll2014-08-29 18:39 - 2013-07-09 00:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll2014-08-29 18:39 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll2014-08-29 18:39 - 2013-07-08 23:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll2014-08-29 18:39 - 2013-07-08 23:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll2014-08-29 18:39 - 2013-07-04 07:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll2014-08-29 18:39 - 2013-07-04 06:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll2014-08-29 18:39 - 2013-06-25 17:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys2014-08-29 18:38 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2014-08-29 18:38 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2014-08-29 18:38 - 2014-08-22 19:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-08-29 18:38 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys2014-08-29 18:38 - 2014-04-11 21:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2014-08-29 18:38 - 2014-04-11 21:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2014-08-29 18:38 - 2014-04-11 21:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2014-08-29 18:38 - 2014-04-11 21:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2014-08-29 18:38 - 2014-04-11 21:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2014-08-29 18:38 - 2014-04-11 21:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2014-08-29 18:38 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2014-08-29 18:38 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2014-08-29 18:38 - 2014-03-04 04:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-08-29 18:38 - 2014-03-04 04:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2014-08-29 18:38 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2014-08-29 18:38 - 2014-03-04 04:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2014-08-29 18:38 - 2014-03-04 04:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-08-29 18:38 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2014-08-29 18:38 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2014-08-29 18:38 - 2014-03-04 04:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-08-29 18:38 - 2014-03-04 04:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2014-08-29 18:38 - 2014-03-04 04:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-08-29 18:38 - 2014-03-04 04:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2014-08-29 18:38 - 2014-03-04 04:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-08-29 18:38 - 2014-03-04 04:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-08-29 18:38 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2014-08-29 18:38 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2014-08-29 18:38 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2014-08-29 18:38 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2014-08-29 18:38 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2014-08-29 18:38 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2014-08-29 18:38 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2014-08-29 18:38 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys2014-08-29 18:38 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys2014-08-29 18:38 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys2014-08-29 18:38 - 2013-11-26 20:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys2014-08-29 18:38 - 2013-11-26 20:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys2014-08-29 18:38 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys2014-08-29 18:38 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll2014-08-29 18:38 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll2014-08-29 18:38 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx2014-08-29 18:38 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll2014-08-29 18:38 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx2014-08-29 18:38 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll2014-08-29 18:38 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe2014-08-29 18:38 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe2014-08-29 18:38 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe2014-08-29 18:38 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe2014-08-29 18:38 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys2014-08-29 18:38 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys2014-08-29 18:38 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2014-08-29 18:38 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2014-08-29 18:38 - 2013-08-01 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2014-08-29 18:38 - 2013-08-01 19:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 19:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 19:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2014-08-29 18:38 - 2013-08-01 19:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2014-08-29 18:38 - 2013-07-20 05:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll2014-08-29 18:38 - 2013-07-20 05:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll2014-08-29 18:38 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2014-08-29 18:38 - 2013-07-02 23:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys2014-08-29 18:38 - 2013-07-02 23:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys2014-08-29 18:38 - 2013-07-02 23:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys2014-08-29 18:38 - 2013-06-14 23:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys2014-08-29 18:38 - 2013-06-06 00:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll2014-08-29 18:38 - 2013-06-06 00:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll2014-08-29 18:38 - 2013-06-06 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll2014-08-29 18:38 - 2013-06-06 00:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2014-08-29 18:38 - 2013-06-05 23:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll2014-08-29 18:38 - 2013-06-05 23:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll2014-08-29 18:38 - 2013-06-05 23:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll2014-08-29 18:38 - 2013-06-05 22:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2014-08-29 18:38 - 2013-06-05 22:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll2014-08-29 18:38 - 2013-06-05 22:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll2014-08-29 18:35 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll2014-08-29 18:35 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL2014-08-29 18:35 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL2014-08-29 18:35 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll2014-08-29 18:35 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL2014-08-29 18:35 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll2014-08-29 18:35 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll2014-08-29 18:33 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll2014-08-29 18:33 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll2014-08-29 18:29 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2014-08-29 18:29 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2014-08-29 18:29 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll2014-08-29 18:29 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe2014-08-29 18:29 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2014-08-29 18:29 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2014-08-29 18:29 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll2014-08-29 18:29 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll2014-08-29 18:29 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll2014-08-29 18:29 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll2014-08-29 18:29 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll2014-08-29 18:29 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll2014-08-29 18:29 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe2014-08-29 18:29 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe2014-08-29 17:03 - 2014-09-10 22:55 - 00000000 ____D () C:\ProgramData\AVG20142014-08-29 17:03 - 2014-08-29 17:03 - 00000000 ____D () C:\Users\Main\AppData\Roaming\TuneUp Software2014-08-29 16:59 - 2014-09-10 22:55 - 00000000 ____D () C:\ProgramData\MFAData2014-08-29 16:59 - 2014-08-29 16:59 - 00000000 ____D () C:\Users\Main\AppData\Local\MFAData2014-08-28 17:23 - 2014-08-29 16:50 - 00000591 _____ () C:\ProgramData\@system2.att2014-08-28 17:23 - 2014-08-29 16:50 - 00000591 _____ () C:\ProgramData\@system.att2014-08-28 17:22 - 2014-08-28 17:22 - 00087200 _____ () C:\ProgramData\wrnhoah.tmp2014-08-28 17:07 - 2014-09-01 20:02 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt2014-08-28 16:52 - 2014-09-09 22:22 - 00000000 ____D () C:\Users\Main\AppData\Local\Olngics2014-08-28 16:52 - 2014-09-09 21:24 - 00000000 ____D () C:\Users\Main\AppData\Local\Ohwqics2014-08-27 15:48 - 2014-09-11 02:42 - 00000000 ____D () C:\Users\Main\AppData\Local\Adobe2014-08-27 15:44 - 2014-09-11 03:51 - 00000000 ____D () C:\Users\Main\AppData\Local\Google2014-08-27 15:44 - 2014-09-11 03:51 - 00000000 ____D () C:\Program Files (x86)\Google2014-08-27 01:56 - 2014-08-27 01:56 - 00000000 ____D () C:\Program Files (x86)\ConvertHelper2014-08-26 11:43 - 2014-08-26 11:43 - 00000113 _____ () C:\Users\Main\Desktop\frc angela.txt2014-08-20 22:37 - 2014-08-20 22:37 - 00156328 _____ (Razer Inc) C:\Windows\system32\Drivers\rzudd.sys2014-08-15 00:49 - 2014-09-09 04:29 - 00000000 ____D () C:\Users\Main\Desktop\Counter-strike Global Offensive
-
I keep getting multiple instances of iexplorer.exe without having explorer open. I am however using it to post this because in the last 3 days my firefox freezes anytime I open a site with flash. I am running Windows 7 64bit Firefox doesn't freeze when I have flash uninstalled, but I think it's related to multiple instances of iexplorer.exe because it started as well just a few days ago and I've had some other problems, but either malwarebytes or AVG fixed them. So far I've ran malwarebytes and AVG multiple times, uninstalled AVG and ran Avast once, started firefox in safe mode, reset firefox, uninstalled and reinstalled firefox, used adwarecleaner, junkware cleaner. I'm sure a few other things I can't remember doing. I just wanted to start this thread to start with a clean slate and post logs, because I don't know what to look for in them. Thanks in advance.