Jump to content

OHGODBEES

Members
 View Profile  See their activity

  • Posts

    15

  • Joined

  • Last visited

Reputation

0 Neutral
  1. OHGODBEES
    Sir, I thank you very much for your help and your consideration. I had a bit of a snag uninstalling the old version of Java and had to use JavaRa. In any case, it seemed to have worked and I installed the recommended version from Oracle. I've followed the rest of the steps and have bookmarked the websites you've directed me to. Again, thanks very much!
  2. OHGODBEES
    Great! Should I remove the files I downloaded? Can I just uninstall through Control Panel? Again, thanks very much for your assistance!
  3. OHGODBEES
    Fine...just did a restart and the AAM.exe Bad Image Error didn't come up. What do you think? Am I in the clear? Thanks.
  4. OHGODBEES
    Hi TwinHeadedEagle: Attached is the Fixlog.txt file from the FRST fix. Thanks. Fixlog.txt
  5. OHGODBEES
    Did you want me to repeat this step? Also, I did not touch the Windows Event Log settings. That was already set to "Automatic" when I was having issues with it. Do I need to set this service to "Automatic (Delayed Start)" or just leave it as is? Again, thank you for your help.
  6. OHGODBEES
    Also - it was always set to "Automatic" by the way. Not "Automatic (Delayed Start)" just "Automatic". The right-clicking and starting gave me the above error message.
  7. OHGODBEES
    Error message: "Windows could not start the Windows Event Log service on local computer. Error 1747: The authentication service is unknown." Don't understand why...it's a legal copy of Win 7 and I'm the only user that uses this machine so no other Admins (if that piece of info helps). Thank you.
  8. OHGODBEES
    Hi, TwinHeadedEagle: Not set to started. Thank you.
  9. OHGODBEES
    Okay, it just finished scanning the C: drive. I tried running "eventvwr.exe" and keep getting an error message stating: "Event log service is unavailable. Verify that the service is running." Unfortunately, I have no log to post from the scan. Also, I did not get the bad image error upon reboot this time. Again, thanks for your assistance and I will await your reply.
  10. OHGODBEES
    Okay...it's 10:30pm and my F: drive just finished it's scan: "No problems were found on the device or disk. It is ready to use." It did not create a log file. It said: "Unable to obtain a handle to the event log." I will now scan my C: drive as that is the Windows system disk. I will reply again when that is done. Thank you.
  11. OHGODBEES
    Hello, TwinHeadedEagle: CheckDisk is running on 1 out 2 of my drives. It's been going for an hour and a half and it's taking a long time (the progress bar is barely 1/4 of the way). It looks like I will have to let it run through the night (it's 9pm here). Just giving you a heads up that I'm doing it and there may be a delay in my reply. Thank you for understanding.
  12. OHGODBEES
    Unfortunately, I'm still getting the bad image notification on restart. It's always for the same file "AAM.exe", which I think might be associated with an Adobe program. That has only been popping up during reboots and hasn't popped up while the PC is in use. Not sure if this is malware or a virus since it keeps throwing an error for the same file, but from just searching around it sounds like "bad image" errors can be malware/virus? Thanks for all of your help so far. Do you have any idea what this might be?
  13. OHGODBEES
    I have run ComboFix in accordance with instructions provided. The log file is attached. Thank you! ComboFix.txt
  14. OHGODBEES
    Thank you for your reply, TwinHeadedEagle. I've followed the instructions and have attached the Fixlog.txt file generated by Farbar Recovery Scan and the FSS.txt file generated by Farbar Service Scan. Just an FYI - after running the Farbar Recovery Scan Tool (the 1st set of instructions), it prompted a system restart. So I did the restart and got the bad image error again from the "AAM.exe" file with the same message described in my first post. Not sure if you needed this tidbit of information, but I'm letting you know in case you do. Again, thank you for your assistance and for working with me. Fixlog.txt FSS.txt
  15. OHGODBEES
    Hello. I think I may have a problem. I have gotten random "Bad Image" errors (well, only 3-4 to be exact) upon restarting my system. The bad image error seems to choose a random ".exe" file and provide the following message: "system32/credssp.dll is either not designed to run on windows or contains an error." I only started experiencing this after trying to update Java...I got some spyware on my system, used Malware's free tool to remove it and also did 2 detailed scans with my current AV. So far, everything comes up clean and everything appears to be functioning fine, however; I'm left with a suspicious feeling it isn't due to these random "Bad Image" errors. Here are my logs: FRST.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01 Ran by Amal (administrator) on MANTIX-PC (04-08-2015 21:10:52) Running from C:\Users\Amal\Downloads Loaded Profiles: Amal (Available Profiles: Amal) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Marvell) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe (HP) C:\Windows\System32\HPSIsvc.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\obkagent.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\seccenter.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-22] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-15] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.) HKLM\...\Run: [bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1603544 2015-06-30] (Bitdefender) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated) HKU\S-1-5-21-2807705827-489180472-413613274-1000\...\Run: [bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-06-18] (Bitdefender) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-08-03] ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) Startup: C:\Users\Amal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2015-08-03] ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2807705827-489180472-413613274-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2807705827-489180472-413613274-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2807705827-489180472-413613274-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-07-28] (Bitdefender) BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-07-28] (Bitdefender) Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-07-28] (Bitdefender) Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-07-28] (Bitdefender) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{890EE7EC-5AA2-4C67-92A7-9F31C3633CC2}: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Amal\AppData\Roaming\Mozilla\Firefox\Profiles\qh8esldv.default FF DefaultSearchEngine.US: Google FF SelectedSearchEngine: Vosteran FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll No File FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-07-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll No File FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-07-28] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-12] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-12] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems) FF Extension: NoScript - C:\Users\Amal\AppData\Roaming\Mozilla\Firefox\Profiles\qh8esldv.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-08-03] FF Extension: Blazer Deals - C:\Users\Amal\AppData\Roaming\Mozilla\Firefox\Profiles\qh8esldv.default\Extensions\{8969b831-9d46-4cc8-8984-68b30af0c1a7}.xpi [2015-07-28] FF Extension: Adblock Plus - C:\Users\Amal\AppData\Roaming\Mozilla\Firefox\Profiles\qh8esldv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-28] FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff [2015-08-01] FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-08-01] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed] R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-06] (DTS, Inc) R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [355840 2009-11-18] (Marvell) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-14] (Electronic Arts) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2015-04-22] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1540744 2015-07-27] (Bitdefender) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] () R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [271272 2015-05-29] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-13] (Intel Corporation) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-02-24] (BitDefender LLC) S3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16896 2012-11-07] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-04 21:10 - 2015-08-04 21:10 - 02169856 _____ (Farbar) C:\Users\Amal\Downloads\FRST64.exe 2015-08-04 21:10 - 2015-08-04 21:10 - 00012797 _____ C:\Users\Amal\Downloads\FRST.txt 2015-08-04 21:10 - 2015-08-04 21:10 - 00000000 ____D C:\FRST 2015-08-03 19:11 - 2015-08-03 19:11 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Amal\Downloads\mbam-setup-2.1.8.1057.exe 2015-08-03 19:03 - 2015-08-03 19:47 - 00000000 ____D C:\Windows\pss 2015-08-02 03:00 - 2015-08-02 03:00 - 00000000 ____D C:\Windows\CheckSur 2015-08-01 11:44 - 2015-08-01 11:49 - 00000000 ____D C:\Users\Amal\AppData\Roaming\Bitdefender 2015-08-01 11:44 - 2015-08-01 11:44 - 00416250 _____ C:\ProgramData\1438443840.bdinstall.bin 2015-08-01 11:44 - 2015-08-01 11:44 - 00253404 ____H C:\bdr-ld01 2015-08-01 11:44 - 2015-08-01 11:44 - 00009216 ____H C:\bdr-ld01.mbr 2015-08-01 11:44 - 2015-08-01 11:44 - 00002122 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Plus 2015.lnk 2015-08-01 11:44 - 2015-08-01 11:44 - 00000684 ____H C:\bdr-cf01 2015-08-01 11:44 - 2015-08-01 11:44 - 00000385 _____ C:\Users\Amal\AppData\Roaminguser_gensett.xml 2015-08-01 11:44 - 2015-08-01 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015 2015-08-01 11:44 - 2015-08-01 11:44 - 00000000 ____D C:\ProgramData\Bitdefender 2015-08-01 11:44 - 2015-05-29 09:50 - 00271272 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys 2015-08-01 11:44 - 2015-05-28 14:21 - 00747120 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys 2015-08-01 11:44 - 2015-05-28 13:37 - 01369288 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2015-08-01 11:44 - 2015-05-27 17:02 - 49626058 ____H C:\bdr-im01.gz 2015-08-01 11:44 - 2015-02-24 17:52 - 00160544 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys 2015-08-01 11:44 - 2014-10-15 17:14 - 00452040 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys 2015-08-01 11:44 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01 2015-08-01 11:39 - 2015-08-01 11:39 - 02868456 _____ C:\Users\Amal\Downloads\bitdefender_antivirus(2).exe 2015-08-01 11:32 - 2015-08-01 11:32 - 00000385 _____ C:\Windows\system32\user_gensett.xml 2015-08-01 11:31 - 2015-08-04 21:07 - 00000000 ____D C:\ProgramData\BDLogging 2015-08-01 11:31 - 2015-08-01 11:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2015-08-01 11:31 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll 2015-08-01 11:29 - 2015-08-01 11:44 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2015-08-01 11:29 - 2015-08-01 11:44 - 00000000 ____D C:\Program Files\Bitdefender 2015-08-01 11:29 - 2015-08-01 11:29 - 02868456 _____ C:\Users\Amal\Downloads\bitdefender_antivirus(1).exe 2015-08-01 11:29 - 2015-08-01 11:29 - 00000000 ____D C:\Users\Amal\AppData\Roaming\QuickScan 2015-08-01 11:26 - 2015-08-01 11:26 - 02868456 _____ C:\Users\Amal\Downloads\bitdefender_antivirus.exe 2015-08-01 11:15 - 2015-08-01 11:15 - 00003632 ____N C:\bootsqm.dat 2015-07-28 22:31 - 2015-07-28 22:31 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-07-28 22:31 - 2015-07-28 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Java Runtime and Options 2015-07-28 22:31 - 2015-07-28 22:31 - 00000000 ____D C:\Program Files (x86)\Java Runtime and Options 2015-07-28 22:31 - 2015-07-28 22:31 - 00000000 ____D C:\Program Files (x86)\Java 2015-07-28 22:25 - 2015-07-28 22:30 - 00000000 ____D C:\Program Files (x86)\CompuClever 2015-07-28 22:25 - 2015-07-28 22:29 - 00000000 ____D C:\Users\Amal\AppData\Local\Chromium 2015-07-28 22:25 - 2015-07-28 22:25 - 00000000 ____D C:\Users\Amal\AppData\Roaming\CompuClever 2015-07-28 19:18 - 2015-07-25 14:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-07-28 19:18 - 2015-07-25 14:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-07-28 19:18 - 2015-07-25 14:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-07-28 19:18 - 2015-07-25 14:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-07-28 19:18 - 2015-07-25 14:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-07-28 19:18 - 2015-07-25 14:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-28 19:18 - 2015-07-25 14:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-07-28 19:18 - 2015-07-25 13:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-07-21 22:39 - 2015-07-21 22:39 - 00000000 ____D C:\Users\Amal\AppData\Local\CEF 2015-07-20 21:07 - 2015-07-14 23:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-07-20 21:07 - 2015-07-14 23:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-20 21:07 - 2015-07-14 23:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-07-20 21:07 - 2015-07-14 23:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-07-20 21:07 - 2015-07-14 22:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-07-20 21:07 - 2015-07-14 22:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-20 21:07 - 2015-07-14 22:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-07-20 21:07 - 2015-07-14 22:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-07-20 21:07 - 2015-07-14 21:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-20 21:07 - 2015-07-14 21:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-15 22:37 - 2015-07-15 22:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-07-15 22:37 - 2015-07-15 22:37 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2015-07-15 22:35 - 2015-07-15 22:35 - 43221600 _____ (Oracle Corporation) C:\Users\Amal\Downloads\jre-8u51-windows-x64.exe 2015-07-15 22:35 - 2015-07-15 22:35 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-07-15 22:35 - 2015-07-15 22:35 - 00000000 ____D C:\Program Files\Java 2015-07-15 22:26 - 2015-07-09 13:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-07-15 22:26 - 2015-07-09 13:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-07-15 22:26 - 2015-07-09 13:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-07-15 22:26 - 2015-07-09 13:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-07-15 22:26 - 2015-07-09 13:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-07-15 22:26 - 2015-07-09 13:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-07-15 22:26 - 2015-07-09 13:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-07-15 22:26 - 2015-07-09 13:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-15 22:26 - 2015-07-09 13:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-07-15 22:26 - 2015-07-09 13:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-15 22:26 - 2015-07-09 13:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-07-15 22:26 - 2015-07-09 13:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-07-15 22:26 - 2015-07-09 13:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-07-15 22:26 - 2015-07-09 13:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-07-15 22:26 - 2015-07-09 13:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-15 22:26 - 2015-07-09 13:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-07-15 22:26 - 2015-07-02 17:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-15 22:26 - 2015-07-02 17:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-07-15 22:26 - 2015-07-02 16:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-15 22:26 - 2015-07-02 16:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-15 22:26 - 2015-07-02 16:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-15 22:26 - 2015-07-02 16:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-07-15 22:26 - 2015-07-02 16:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-15 22:26 - 2015-07-02 16:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-15 22:26 - 2015-07-02 16:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-15 22:26 - 2015-07-02 15:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-15 22:26 - 2015-07-02 15:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-15 22:26 - 2015-07-02 14:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-15 22:26 - 2015-06-26 22:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-07-15 22:26 - 2015-06-26 22:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-15 22:26 - 2015-06-26 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-07-15 22:26 - 2015-06-26 21:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-15 22:26 - 2015-06-25 14:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-07-15 22:26 - 2015-06-25 13:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-15 22:26 - 2015-06-25 04:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-15 22:26 - 2015-06-20 16:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-07-15 22:26 - 2015-06-20 15:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-07-15 22:26 - 2015-06-20 15:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-15 22:26 - 2015-06-20 15:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-07-15 22:26 - 2015-06-20 15:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-07-15 22:26 - 2015-06-20 15:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-15 22:26 - 2015-06-20 15:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-07-15 22:26 - 2015-06-20 15:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-07-15 22:26 - 2015-06-20 15:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-15 22:26 - 2015-06-20 15:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-07-15 22:26 - 2015-06-20 15:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-07-15 22:26 - 2015-06-20 15:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-07-15 22:26 - 2015-06-20 15:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-07-15 22:26 - 2015-06-20 15:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-07-15 22:26 - 2015-06-20 15:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-15 22:26 - 2015-06-20 15:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-15 22:26 - 2015-06-20 15:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-15 22:26 - 2015-06-20 14:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-15 22:26 - 2015-06-20 14:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-07-15 22:26 - 2015-06-20 14:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-15 22:26 - 2015-06-20 14:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-07-15 22:26 - 2015-06-20 14:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-15 22:26 - 2015-06-20 14:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-15 22:26 - 2015-06-19 14:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-15 22:26 - 2015-06-19 14:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-07-15 22:26 - 2015-06-19 14:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-07-15 22:26 - 2015-06-19 14:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-07-15 22:26 - 2015-06-19 14:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-15 22:26 - 2015-06-19 14:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-07-15 22:26 - 2015-06-19 14:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-07-15 22:26 - 2015-06-19 14:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-07-15 22:26 - 2015-06-19 14:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-07-15 22:26 - 2015-06-19 14:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-07-15 22:26 - 2015-06-19 13:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-07-15 22:26 - 2015-06-19 13:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-15 22:26 - 2015-06-19 13:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-15 22:26 - 2015-06-19 13:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-15 22:26 - 2015-06-19 13:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-15 22:26 - 2015-06-19 13:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-15 22:26 - 2015-06-19 13:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-07-15 22:26 - 2015-06-19 13:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-15 22:26 - 2015-06-19 13:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-15 22:26 - 2015-06-17 13:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-15 22:26 - 2015-06-17 13:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-15 22:26 - 2015-06-01 20:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2015-07-15 22:26 - 2015-06-01 19:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2015-07-15 22:25 - 2015-07-04 14:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-15 22:25 - 2015-07-04 13:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-15 22:25 - 2015-07-01 16:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-15 22:25 - 2015-07-01 16:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-07-15 22:25 - 2015-07-01 16:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-15 22:25 - 2015-07-01 16:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-15 22:25 - 2015-07-01 16:49 - 00729088 _____ C:\Windows\system32\kerberos.dll 2015-07-15 22:25 - 2015-07-01 16:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-07-15 22:25 - 2015-07-01 16:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-15 22:25 - 2015-07-01 16:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-07-15 22:25 - 2015-07-01 16:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-07-15 22:25 - 2015-07-01 16:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-07-15 22:25 - 2015-07-01 16:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-07-15 22:25 - 2015-07-01 16:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-07-15 22:25 - 2015-07-01 16:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-07-15 22:25 - 2015-07-01 16:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-07-15 22:25 - 2015-07-01 16:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-07-15 22:25 - 2015-07-01 16:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-07-15 22:25 - 2015-07-01 16:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-07-15 22:25 - 2015-07-01 16:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-07-15 22:25 - 2015-07-01 16:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-07-15 22:25 - 2015-07-01 16:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-07-15 22:25 - 2015-07-01 16:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-07-15 22:25 - 2015-07-01 16:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-07-15 22:25 - 2015-07-01 16:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-07-15 22:25 - 2015-07-01 16:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-07-15 22:25 - 2015-07-01 16:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-07-15 22:25 - 2015-07-01 16:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-07-15 22:25 - 2015-07-01 16:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-07-15 22:25 - 2015-07-01 16:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-07-15 22:25 - 2015-07-01 16:30 - 00017408 _____ C:\Windows\SysWOW64\credssp.dll 2015-07-15 22:25 - 2015-07-01 16:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-07-15 22:25 - 2015-07-01 16:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-07-15 22:25 - 2015-07-01 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-07-15 22:25 - 2015-07-01 16:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-07-15 22:25 - 2015-07-01 16:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-07-15 22:25 - 2015-07-01 16:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-07-15 22:25 - 2015-07-01 15:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-15 22:25 - 2015-07-01 15:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-15 22:25 - 2015-07-01 15:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-15 22:25 - 2015-06-15 17:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-07-15 22:25 - 2015-06-15 17:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-15 22:25 - 2015-06-15 17:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-15 22:25 - 2015-06-15 17:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-07-15 22:25 - 2015-06-15 17:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-07-15 22:25 - 2015-06-15 17:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-15 22:25 - 2015-06-15 17:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-15 22:25 - 2015-06-15 17:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-15 22:25 - 2015-06-15 17:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-07-15 22:25 - 2015-06-15 17:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-15 22:25 - 2015-06-15 17:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2015-07-15 22:25 - 2015-06-15 17:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2015-07-15 22:25 - 2015-04-27 15:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-07-15 22:25 - 2015-04-27 15:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-07-15 22:25 - 2015-04-27 15:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-07-15 22:25 - 2015-04-27 15:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-07-15 22:25 - 2015-04-27 15:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-07-15 22:25 - 2015-04-27 15:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-07-15 22:25 - 2015-04-27 15:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-07-15 22:25 - 2015-04-27 15:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-07-08 22:01 - 2015-07-09 20:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-06 21:42 - 2015-07-06 21:42 - 00000747 _____ C:\Users\Amal\AppData\Roaming\Microsoft\Windows\Start Menu\SKSE.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-04 21:04 - 2014-12-28 23:12 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-04 20:21 - 2014-12-25 03:12 - 01069823 _____ C:\Windows\WindowsUpdate.log 2015-08-04 07:14 - 2009-07-14 00:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-04 07:14 - 2009-07-14 00:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-04 07:11 - 2009-07-14 01:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-04 07:06 - 2014-12-25 03:41 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-04 07:06 - 2009-07-14 00:51 - 00039955 _____ C:\Windows\setupact.log 2015-08-03 19:27 - 2014-12-25 14:36 - 00000000 ____D C:\Users\Amal\AppData\Local\Adobe 2015-08-03 19:25 - 2010-11-20 23:47 - 00052818 _____ C:\Windows\PFRO.log 2015-08-03 19:24 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PLA 2015-08-03 19:12 - 2014-12-28 23:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-08-01 11:02 - 2015-01-23 21:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-30 19:39 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-29 00:01 - 2014-12-25 22:31 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-28 22:31 - 2015-01-01 05:20 - 00000000 ____D C:\ProgramData\Oracle 2015-07-28 22:27 - 2014-12-29 11:08 - 00000000 __SHD C:\Users\Amal\AppData\Local\EmieUserList 2015-07-28 22:27 - 2014-12-29 11:08 - 00000000 __SHD C:\Users\Amal\AppData\Local\EmieSiteList 2015-07-28 22:27 - 2014-12-29 11:08 - 00000000 __SHD C:\Users\Amal\AppData\Local\EmieBrowserModeList 2015-07-25 17:13 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-25 08:31 - 2014-12-25 03:36 - 00000000 ____D C:\Users\Amal\AppData\Local\Battle.net 2015-07-21 16:26 - 2009-07-14 00:45 - 00299392 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-18 08:24 - 2015-06-07 12:51 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm 2015-07-16 18:50 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache 2015-07-16 18:24 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-16 18:24 - 2014-12-25 22:31 - 00000000 ____D C:\Windows\system32\appraiser 2015-07-16 18:24 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-07-16 00:02 - 2014-12-25 18:47 - 00000000 ____D C:\Windows\system32\MRT 2015-07-15 22:37 - 2015-03-13 20:35 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-15 22:37 - 2015-03-08 09:34 - 00000000 ____D C:\ProgramData\Adobe 2015-07-15 22:37 - 2015-03-08 09:34 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-07-15 22:34 - 2015-01-23 21:31 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-15 22:34 - 2014-12-25 14:36 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-15 22:34 - 2014-12-25 14:36 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-09 20:33 - 2014-12-25 06:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2014-12-28 23:03 - 2014-12-28 23:03 - 0007602 _____ () C:\Users\Amal\AppData\Local\Resmon.ResmonCfg 2015-08-01 11:44 - 2015-08-01 11:44 - 0416250 _____ () C:\ProgramData\1438443840.bdinstall.bin 2014-12-25 03:32 - 2014-12-25 03:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-13 19:15 ==================== End of log ============================ Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01 Ran by Amal (2015-08-04 21:11:03) Running from C:\Users\Amal\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2807705827-489180472-413613274-500 - Administrator - Disabled) Amal (S-1-5-21-2807705827-489180472-413613274-1000 - Administrator - Enabled) => C:\Users\Amal Guest (S-1-5-21-2807705827-489180472-413613274-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.35 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0935-000001000000}) (Version: 9.35.00.0 - Igor Pavlov) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bitdefender Antivirus Plus 2015 (HKLM\...\Bitdefender) (Version: 19.2.0.142 - Bitdefender) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.8 - Electronic Arts) Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft) GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) GIGABYTE OC_GURU II (x32 Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - ) HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP) Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel® Corporation) Hidden Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation) NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org) Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7233 - Realtek Semiconductor Corp.) Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) TERA (HKLM-x32\...\Steam App 323370) (Version: - En Masse Entertainment) Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 21-07-2015 00:22:18 Windows Update 24-07-2015 22:27:04 Windows Update 28-07-2015 19:18:42 Windows Update 29-07-2015 00:01:29 Windows Update 01-08-2015 11:27:16 Windows Update 02-08-2015 03:00:11 Windows Update 02-08-2015 23:49:23 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1918A087-D2DA-453E-BEC7-58F5F0A444BE} - \Digital Sites No Task File <==== ATTENTION Task: {3726BE03-1FB4-4716-90F7-0D5F68A13626} - System32\Tasks\{4F8D7B18-BDD5-4B5A-8AB1-A380845EB3B2} => F:\Program Files (x86)\iTunes\iTunes.exe Task: {446B945F-817B-48F9-B4F8-E82644F11DBC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {69AA4CB8-DBAD-4878-8201-2B5D1458A2F8} - System32\Tasks\AdobeAAMUpdater-1.0-Mantix-PC-Amal => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated) Task: {7F48D7C1-4F17-4D15-BD36-6A8C28A1E46C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {9E3ABEAF-255E-40FE-8ADE-2F5A0492EE86} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2015-08-01 11:44 - 2015-04-22 16:55 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll 2015-08-01 11:44 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll 2015-08-01 11:44 - 2015-07-28 19:06 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui 2015-08-01 11:44 - 2015-07-21 15:39 - 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl 2015-08-01 11:44 - 2015-07-21 15:39 - 00743000 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl 2015-08-01 11:44 - 2015-07-21 15:39 - 02795272 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl 2015-08-01 11:44 - 2015-07-21 15:39 - 01414048 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl 2015-03-08 09:26 - 2012-09-29 13:25 - 00409088 _____ () C:\Windows\System32\HPM1210LM.DLL 2015-03-08 09:26 - 2012-09-29 13:25 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.DLL 2014-12-25 03:40 - 2014-12-13 04:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-12-25 03:30 - 2014-01-27 23:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2014-12-25 03:30 - 2014-04-24 02:29 - 01360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2015-02-11 15:13 - 2015-02-11 15:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2015-08-01 11:44 - 2015-06-25 11:06 - 00472080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdidntconp.dll 2015-08-01 11:44 - 2015-07-28 19:06 - 00188928 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\ui\bdidntconp.ui 2014-12-25 03:30 - 2015-08-04 07:06 - 00033280 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2014-12-25 03:30 - 2014-01-27 23:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2011-01-17 17:19 - 2015-01-24 14:39 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2015-08-01 11:44 - 2015-04-22 16:53 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\txmlutil.dll 2015-08-01 11:44 - 2015-05-12 15:48 - 00067808 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\bdwtxff.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Amal\Downloads\bitdefender_antivirus(2).exe:BDU AlternateDataStreams: C:\Users\Amal\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\Amal\Downloads\mbam-setup-2.1.8.1057.exe:BDU ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2807705827-489180472-413613274-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Amal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{22D9A19E-2501-425F-899C-9AAA3ABEE75D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{0AFA3247-C4DC-4F76-B0B1-8D5B57272297}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{2225A6AF-AC3E-4B6E-973C-DF831E09FB5D}] => (Allow) F:\Games\World of Warcraft\Battle.net\Battle.net.exe FirewallRules: [{BCAEA032-32FB-4660-8FAF-22E5525C179F}] => (Allow) F:\Games\World of Warcraft\Battle.net\Battle.net.exe FirewallRules: [{261031B9-40A0-4E4B-8C5F-17F102E8DAD7}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{804E922B-F436-40AD-9CF0-39D33713ED13}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{422E3B8F-E07C-4446-A31D-6950B9CC87CB}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{F6B874E3-1E8D-4A61-A76C-153C445BC1D8}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{EFB70F35-E22E-4D67-99C6-362C29557C62}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe FirewallRules: [{9BD67133-EE17-4913-868C-27FBF1515EF6}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe FirewallRules: [{3716E58C-6555-4240-B484-B837BF419EE7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8CC6FE38-FB42-492F-9BB6-2F5B7326DBA8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{19736B8A-73BE-4586-89F3-C87E00ABB83E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D861DF6E-02DF-4FAD-A993-4DD6DCA128D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E49F8FE9-CB8A-4632-9EC6-E79FFAE4ECD1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{239E3DB9-CC70-4B7A-9BBF-0738D64F5D54}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{123FC9C7-650B-44B4-BFCD-73E190685E08}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{324E0A5A-4FF4-4716-842E-046285D6A284}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{F41095C2-0D6E-47F5-B658-A945995306A1}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe FirewallRules: [{15079C1C-661A-49E8-B8C5-1CB9659464DE}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe FirewallRules: [{B9CB6834-79D4-4A19-9D5C-F96215231D7C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe FirewallRules: [{07A4EC2B-E553-4166-9C43-F73FF9FA3291}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe FirewallRules: [{C5CD4763-9B7D-4AC3-805A-00D8A3722225}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{900F66B7-3DFC-4A6A-A164-2139A938CE4D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{3164304E-419F-488F-B018-F5F6B67DA7BF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{64486EFB-F246-4F04-8555-62B8037A900D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{695F8511-ECEC-4C92-8C92-F4DDD742BAC3}] => (Allow) F:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe FirewallRules: [{4D87C1B8-0D96-465E-8A41-B83957C0506D}] => (Allow) F:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe FirewallRules: [{A2CCC575-8FC0-4716-9875-C506655BC2BD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{6F5620FC-6E7D-4B7E-987A-F8F12750A2CB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [TCP Query User{AEA34414-81AA-4512-9FFC-04B155BBD999}F:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) F:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [uDP Query User{9580475D-11F2-46A7-945B-83CF38C83C46}F:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) F:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [{E3170711-757B-4843-8421-53B714188CF9}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Endless Legend\EndlessLegend.exe FirewallRules: [{84BDF12F-5126-43E5-B926-03D2A0595AB7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Endless Legend\EndlessLegend.exe FirewallRules: [{F2EA1153-DAED-46A1-AA8B-EAB06A2C405A}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{1B466E40-1A98-473D-8241-13052E692380}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [TCP Query User{E939DC71-3211-4F10-810E-DF6439B0BBDC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [uDP Query User{9502CACB-4E45-4725-88D7-E38BAC9820F3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{908DCAAC-4E29-4400-BF24-A4CE894E0345}F:\games\starcraft ii\versions\base32283\sc2.exe] => (Allow) F:\games\starcraft ii\versions\base32283\sc2.exe FirewallRules: [uDP Query User{E29BE199-44D9-4648-89EF-4C58B2FA7DBB}F:\games\starcraft ii\versions\base32283\sc2.exe] => (Allow) F:\games\starcraft ii\versions\base32283\sc2.exe FirewallRules: [{17C9F424-65E4-4BD9-9437-96FFD36CFC7D}] => (Allow) F:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{A7D012CC-E643-46BE-BF25-1EC7B2EE2314}] => (Allow) F:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{8F5CA32E-86DD-4965-9AB0-9AA052AD151A}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe FirewallRules: [{CB78C04D-0B7A-45DA-B11E-BFCE9D95F468}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe FirewallRules: [{5680681D-4DBC-4207-966C-65DF05E88177}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{19ABF1FE-B429-478F-ADB0-9761EA13560A}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [uDP Query User{76FB6557-4B6C-4DF4-AB1D-F543125B581D}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [{B0971CDB-F1B4-4F72-9011-772E499028BD}] => (Allow) C:\Program Files (x86)\steam\steamapps\common\skyrim\CreationKit.exe FirewallRules: [{53511B39-E7F1-4EAB-9B31-EE540427B34E}] => (Allow) C:\Program Files (x86)\steam\steamapps\common\skyrim\CreationKit.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Could not start eventlog service, could not read events. The Windows Event Log service is starting. The Windows Event Log service could not be started. A system error has occurred. System error 1747 has occurred. The authentication service is unknown. ==================== Memory info =========================== Processor: Intel® Core i7-4790K CPU @ 4.00GHz Percentage of memory in use: 17% Total physical RAM: 16326.89 MB Available physical RAM: 13390.01 MB Total Virtual: 32651.99 MB Available Virtual: 29170.97 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:40.63 GB) NTFS Drive d: (Jun 19 2015) (CDROM) (Total:4.38 GB) (Free:3.91 GB) UDF Drive e: (System) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive f: (Windows) (Fixed) (Total:931.41 GB) (Free:348.18 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 6F8D9573) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BE7B7FEE) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End of log ============================ Any assistance is appreciated! I will refrain from making any changes to my system as instructed and will await a reply within the next 48 hours. Thank you very much for your help. FRST.txt Addition.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.