Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014 Ran by marian (administrator) on DELL on 26-06-2014 08:23:04 Running from C:\Users\marian\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\stacsv64.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (McAfee, Inc.) C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.) C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\MSK\msksrver.exe (Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (McAfee, Inc.) C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan\mcvsshld.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (IDT, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-13] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807600 2009-11-13] () Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG10\avgchsva.exe /syncC:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1 SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho64.dll () BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho.dll () BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.) BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.) BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 204.255.24.106 FireFox: ======== FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) ==================== Services (Whitelisted) ================= R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe [89600 2010-03-17] (Andrea Electronics Corporation) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [4433248 2011-10-12] (AVG Technologies CZ, s.r.o.) R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed] R2 mcmscsvc; C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe [865832 2010-06-10] (McAfee, Inc.) R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [696848 2010-02-24] (McAfee, Inc.) R2 McProxy; C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe [359952 2009-07-08] (McAfee, Inc.) R2 McShield; C:\Program Files\McAfee\VirusScan\Mcshield.exe [155456 2010-02-17] (McAfee, Inc.) R3 McSysmon; C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe [606736 2010-02-17] (McAfee, Inc.) R2 MpfService; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [895696 2009-10-27] (McAfee, Inc.) R2 MSK80Service; C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [26640 2009-10-02] (McAfee, Inc.) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe [244736 2010-03-17] (IDT, Inc.) R2 McNASvc; %CommonProgramFiles(x86)%\mcafee\mna\mcnasvc.exe [X] ==================== Drivers (Whitelisted) ==================== R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [102472 2010-02-17] (McAfee, Inc.) S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [41032 2009-06-18] (McAfee, Inc.) R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [308296 2010-02-17] (McAfee, Inc.) S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2010-02-17] (McAfee, Inc.) R3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2010-02-17] (McAfee, Inc.) R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2010-07-15] (McAfee, Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-26 07:46 - 2014-06-26 07:46 - 00005556 _____ () C:\Users\marian\Desktop\AdwCleaner[S0].txt 2014-06-26 07:44 - 2014-06-26 07:45 - 00000000 ____D () C:\AdwCleaner 2014-06-26 07:42 - 2014-06-26 07:42 - 01342659 _____ () C:\Users\marian\Downloads\adwcleaner_3.213.exe 2014-06-25 22:15 - 2014-06-25 22:15 - 00002010 _____ () C:\Users\marian\Desktop\gmer.txt 2014-06-25 22:03 - 2014-06-25 22:03 - 00058256 _____ () C:\Users\marian\Desktop\Extras.Txt 2014-06-25 22:00 - 2014-06-25 22:00 - 00416918 _____ () C:\Users\marian\Desktop\OTL.Txt 2014-06-25 21:51 - 2014-06-25 21:51 - 00024623 _____ () C:\Users\marian\Desktop\Addition.txt 2014-06-25 21:50 - 2014-06-26 08:23 - 00009823 _____ () C:\Users\marian\Desktop\FRST.txt 2014-06-25 21:50 - 2014-06-26 08:23 - 00000000 ____D () C:\FRST 2014-06-25 21:49 - 2014-10-26 15:00 - 02082816 _____ (Farbar) C:\Users\marian\Desktop\FRST64.exe 2014-06-25 21:49 - 2014-10-26 15:00 - 00380416 _____ () C:\Users\marian\Desktop\su2wfrhd.exe 2014-06-25 21:49 - 2014-10-26 14:59 - 00602112 _____ (OldTimer Tools) C:\Users\marian\Desktop\OTL.exe 2014-06-25 20:22 - 2014-06-25 20:22 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-06-25 19:29 - 2014-06-25 19:29 - 00000000 __SHD () C:\Users\marian\AppData\Local\EmieUserList 2014-06-25 19:29 - 2014-06-25 19:29 - 00000000 __SHD () C:\Users\marian\AppData\Local\EmieSiteList 2014-06-25 18:54 - 2014-06-26 07:46 - 00099076 _____ () C:\windows\PFRO.log 2014-06-25 18:53 - 2014-06-25 18:53 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-06-25 18:22 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys 2014-06-25 18:22 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-06-25 18:22 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-06-25 18:22 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll 2014-06-25 18:22 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll 2014-06-25 18:22 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll 2014-06-25 18:22 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll 2014-06-25 18:22 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll 2014-06-25 18:22 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll 2014-06-25 18:22 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll 2014-06-25 18:22 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe 2014-06-25 18:22 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe 2014-06-25 18:22 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll 2014-06-25 18:22 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe 2014-06-25 18:22 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll 2014-06-25 18:22 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe 2014-06-25 18:22 - 2013-10-01 15:57 - 06578176 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2014-06-25 18:22 - 2013-10-01 15:55 - 05698048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2014-06-25 18:05 - 2012-08-23 09:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll 2014-06-25 18:05 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys 2014-06-25 18:05 - 2012-08-23 08:24 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll 2014-06-25 18:05 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpendp_winip.dll 2014-06-25 18:05 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\rdpendp_winip.dll 2014-06-25 18:05 - 2012-08-23 04:51 - 03174912 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2014-06-25 17:53 - 2014-06-25 17:53 - 00000000 ____D () C:\Users\marian\AppData\Roaming\Roxio Log Files 2014-06-25 17:52 - 2014-06-25 17:53 - 00000353 _____ () C:\windows\SynInst.log 2014-06-25 17:44 - 2014-06-08 04:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-06-25 17:44 - 2014-06-08 04:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-06-25 17:44 - 2014-05-30 05:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-06-25 17:44 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-06-25 17:44 - 2014-05-30 05:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2014-06-25 17:44 - 2014-05-30 04:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-06-25 17:44 - 2014-05-30 04:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2014-06-25 17:44 - 2014-05-30 04:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-06-25 17:44 - 2014-05-30 04:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2014-06-25 17:44 - 2014-05-30 04:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-06-25 17:44 - 2014-05-30 04:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-06-25 17:44 - 2014-05-30 04:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2014-06-25 17:44 - 2014-05-30 04:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2014-06-25 17:44 - 2014-05-30 04:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2014-06-25 17:44 - 2014-05-30 04:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2014-06-25 17:44 - 2014-05-30 04:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-06-25 17:44 - 2014-05-30 04:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2014-06-25 17:44 - 2014-05-30 04:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-06-25 17:44 - 2014-05-30 04:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-06-25 17:44 - 2014-05-30 04:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-06-25 17:44 - 2014-05-30 03:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2014-06-25 17:44 - 2014-05-30 03:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-06-25 17:44 - 2014-05-30 03:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-06-25 17:44 - 2014-05-30 03:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2014-06-25 17:44 - 2014-05-30 03:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-06-25 17:44 - 2014-05-30 03:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-06-25 17:44 - 2014-05-30 03:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2014-06-25 17:44 - 2014-05-30 03:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-06-25 17:44 - 2014-05-30 03:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-06-25 17:44 - 2014-05-30 03:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-06-25 17:44 - 2014-05-30 03:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-06-25 17:44 - 2014-05-30 03:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2014-06-25 17:44 - 2014-05-30 03:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-06-25 17:44 - 2014-05-30 03:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2014-06-25 17:44 - 2014-05-30 03:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2014-06-25 17:44 - 2014-05-30 03:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2014-06-25 17:44 - 2014-05-30 03:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-06-25 17:44 - 2014-05-30 03:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-06-25 17:44 - 2014-05-30 03:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-25 17:44 - 2014-05-30 03:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-06-25 17:44 - 2014-05-30 03:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-06-25 17:44 - 2014-05-30 03:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-06-25 17:44 - 2014-05-30 02:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-06-25 17:44 - 2014-05-30 02:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-06-25 17:44 - 2014-05-30 02:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-06-25 17:44 - 2014-05-30 02:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2014-06-25 17:44 - 2014-05-30 02:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-06-25 17:44 - 2014-05-30 02:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-06-25 17:44 - 2014-05-30 02:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-06-25 17:44 - 2014-05-30 02:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-06-25 17:44 - 2014-05-30 02:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-06-25 17:44 - 2014-05-30 02:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-06-25 17:44 - 2014-05-30 02:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2014-06-25 17:44 - 2014-05-30 02:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2014-06-25 17:44 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2014-06-25 17:44 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS 2014-06-25 17:44 - 2012-05-04 06:00 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll 2014-06-25 17:44 - 2012-05-04 04:59 - 00514560 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll 2014-06-25 17:43 - 2014-04-11 21:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2014-06-25 17:43 - 2014-04-11 21:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2014-06-25 17:43 - 2014-04-11 21:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2014-06-25 17:43 - 2014-04-11 21:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2014-06-25 17:43 - 2014-04-11 21:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2014-06-25 17:43 - 2014-04-11 21:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2014-06-25 17:43 - 2014-04-11 21:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2014-06-25 17:43 - 2014-04-11 21:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2014-06-25 17:43 - 2014-04-11 21:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2014-06-25 17:43 - 2014-03-04 04:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2014-06-25 17:43 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2014-06-25 17:43 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe 2014-06-25 17:43 - 2014-03-04 04:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll 2014-06-25 17:43 - 2014-03-04 04:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2014-06-25 17:43 - 2014-03-04 04:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2014-06-25 17:43 - 2014-03-04 04:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2014-06-25 17:43 - 2014-03-04 04:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2014-06-25 17:43 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2014-06-25 17:43 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2014-06-25 17:43 - 2014-03-04 04:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2014-06-25 17:43 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2014-06-25 17:43 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2014-06-25 17:43 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2014-06-25 17:43 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2014-06-25 17:42 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll 2014-06-25 17:42 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2014-06-25 17:42 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll 2014-06-25 17:42 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2014-06-25 17:42 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll 2014-06-25 17:42 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2014-06-25 17:42 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll 2014-06-25 17:42 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll 2014-06-25 17:42 - 2014-03-24 21:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2014-06-25 17:42 - 2013-09-24 21:23 - 01030144 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll 2014-06-25 17:42 - 2013-09-24 20:57 - 00792576 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll 2014-06-25 17:41 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll 2014-06-25 17:41 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll 2014-06-25 17:41 - 2014-03-24 21:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2014-06-25 17:41 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys 2014-06-25 17:41 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 2014-06-25 17:41 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys 2014-06-25 17:41 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll 2014-06-25 17:41 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll 2014-06-25 17:30 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys ==================== One Month Modified Files and Folders ======= 2014-10-26 15:00 - 2014-06-25 21:49 - 02082816 _____ (Farbar) C:\Users\marian\Desktop\FRST64.exe 2014-10-26 15:00 - 2014-06-25 21:49 - 00380416 _____ () C:\Users\marian\Desktop\su2wfrhd.exe 2014-10-26 14:59 - 2014-06-25 21:49 - 00602112 _____ (OldTimer Tools) C:\Users\marian\Desktop\OTL.exe 2014-06-26 08:24 - 2014-06-25 21:50 - 00009823 _____ () C:\Users\marian\Desktop\FRST.txt 2014-06-26 08:23 - 2014-06-25 21:50 - 00000000 ____D () C:\FRST 2014-06-26 08:08 - 2009-07-13 23:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-26 08:08 - 2009-07-13 23:45 - 00013872 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-26 08:05 - 2009-07-14 00:13 - 00006222 _____ () C:\windows\system32\PerfStringBackup.INI 2014-06-26 08:04 - 2010-04-30 17:14 - 01564377 _____ () C:\windows\WindowsUpdate.log 2014-06-26 08:02 - 2010-06-27 11:41 - 00013507 _____ () C:\windows\system32\Config.MPF 2014-06-26 08:01 - 2013-10-31 14:59 - 00003156 _____ () C:\windows\setupact.log 2014-06-26 08:01 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-06-26 07:46 - 2014-06-26 07:46 - 00005556 _____ () C:\Users\marian\Desktop\AdwCleaner[S0].txt 2014-06-26 07:46 - 2014-06-25 18:54 - 00099076 _____ () C:\windows\PFRO.log 2014-06-26 07:45 - 2014-06-26 07:44 - 00000000 ____D () C:\AdwCleaner 2014-06-26 07:42 - 2014-06-26 07:42 - 01342659 _____ () C:\Users\marian\Downloads\adwcleaner_3.213.exe 2014-06-26 07:39 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\NDF 2014-06-25 22:15 - 2014-06-25 22:15 - 00002010 _____ () C:\Users\marian\Desktop\gmer.txt 2014-06-25 22:03 - 2014-06-25 22:03 - 00058256 _____ () C:\Users\marian\Desktop\Extras.Txt 2014-06-25 22:00 - 2014-06-25 22:00 - 00416918 _____ () C:\Users\marian\Desktop\OTL.Txt 2014-06-25 21:51 - 2014-06-25 21:51 - 00024623 _____ () C:\Users\marian\Desktop\Addition.txt 2014-06-25 20:48 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache 2014-06-25 20:22 - 2014-06-25 20:22 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-06-25 19:29 - 2014-06-25 19:29 - 00000000 __SHD () C:\Users\marian\AppData\Local\EmieUserList 2014-06-25 19:29 - 2014-06-25 19:29 - 00000000 __SHD () C:\Users\marian\AppData\Local\EmieSiteList 2014-06-25 18:59 - 2010-06-27 11:40 - 00076312 _____ () C:\Users\marian\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-25 18:57 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-06-25 18:55 - 2009-07-13 23:45 - 00324368 _____ () C:\windows\system32\FNTCACHE.DAT 2014-06-25 18:53 - 2014-06-25 18:53 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-06-25 18:53 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\PolicyDefinitions 2014-06-25 18:03 - 2010-04-30 17:35 - 00000000 ____D () C:\ProgramData\WildTangent 2014-06-25 18:03 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-06-25 17:56 - 2011-02-19 15:23 - 00000000 ____D () C:\Users\marian\AppData\Roaming\Philipp Winterberg 2014-06-25 17:53 - 2014-06-25 17:53 - 00000000 ____D () C:\Users\marian\AppData\Roaming\Roxio Log Files 2014-06-25 17:53 - 2014-06-25 17:52 - 00000353 _____ () C:\windows\SynInst.log 2014-06-25 17:49 - 2010-04-30 17:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-06-25 17:48 - 2010-11-27 13:49 - 00000000 ____D () C:\ProgramData\CyberLink 2014-06-25 17:44 - 2010-07-05 14:04 - 00000000 ____D () C:\ProgramData\Leapfrog 2014-06-25 17:44 - 2010-07-05 14:04 - 00000000 ____D () C:\Program Files (x86)\LeapFrog 2014-06-25 17:38 - 2010-04-30 17:46 - 00000000 ____D () C:\Program Files (x86)\Creative 2014-06-25 17:31 - 2011-02-03 20:43 - 00000000 ____D () C:\Users\marian\AppData\Local\Downloaded Installations 2014-06-25 17:31 - 2011-02-03 20:09 - 00000000 ____D () C:\ProgramData\Fisher-Price 2014-06-25 17:27 - 2010-04-30 17:44 - 00000000 ____D () C:\ProgramData\Cozi 2014-06-25 17:13 - 2010-06-27 13:39 - 00000000 ____D () C:\Users\marian\Tracing 2014-06-08 04:13 - 2014-06-25 17:44 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-06-08 04:08 - 2014-06-25 17:44 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-06-01 17:17 - 2012-07-18 18:23 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-05-30 05:21 - 2014-06-25 17:44 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-05-30 05:02 - 2014-06-25 17:44 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-05-30 05:02 - 2014-06-25 17:44 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2014-05-30 04:45 - 2014-06-25 17:44 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-05-30 04:39 - 2014-06-25 17:44 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2014-05-30 04:39 - 2014-06-25 17:44 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-05-30 04:38 - 2014-06-25 17:44 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2014-05-30 04:28 - 2014-06-25 17:44 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-05-30 04:27 - 2014-06-25 17:44 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-05-30 04:24 - 2014-06-25 17:44 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2014-05-30 04:21 - 2014-06-25 17:44 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2014-05-30 04:21 - 2014-06-25 17:44 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2014-05-30 04:20 - 2014-06-25 17:44 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2014-05-30 04:18 - 2014-06-25 17:44 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-05-30 04:11 - 2014-06-25 17:44 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2014-05-30 04:08 - 2014-06-25 17:44 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-05-30 04:06 - 2014-06-25 17:44 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-05-30 04:02 - 2014-06-25 17:44 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-05-30 03:55 - 2014-06-25 17:44 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 03:49 - 2014-06-25 17:44 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-05-30 03:46 - 2014-06-25 17:44 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-05-30 03:44 - 2014-06-25 17:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2014-05-30 03:44 - 2014-06-25 17:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-05-30 03:43 - 2014-06-25 17:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-05-30 03:42 - 2014-06-25 17:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2014-05-30 03:38 - 2014-06-25 17:44 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-05-30 03:35 - 2014-06-25 17:44 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-05-30 03:34 - 2014-06-25 17:44 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-05-30 03:33 - 2014-06-25 17:44 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-05-30 03:30 - 2014-06-25 17:44 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2014-05-30 03:29 - 2014-06-25 17:44 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-05-30 03:28 - 2014-06-25 17:44 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2014-05-30 03:27 - 2014-06-25 17:44 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2014-05-30 03:24 - 2014-06-25 17:44 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2014-05-30 03:23 - 2014-06-25 17:44 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-05-30 03:16 - 2014-06-25 17:44 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-05-30 03:10 - 2014-06-25 17:44 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 03:06 - 2014-06-25 17:44 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-05-30 03:04 - 2014-06-25 17:44 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-05-30 03:02 - 2014-06-25 17:44 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-05-30 02:56 - 2014-06-25 17:44 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-05-30 02:56 - 2014-06-25 17:44 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-05-30 02:54 - 2014-06-25 17:44 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-05-30 02:50 - 2014-06-25 17:44 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2014-05-30 02:49 - 2014-06-25 17:44 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-05-30 02:43 - 2014-06-25 17:44 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-05-30 02:40 - 2014-06-25 17:44 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-05-30 02:30 - 2014-06-25 17:44 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-05-30 02:21 - 2014-06-25 17:44 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-05-30 02:15 - 2014-06-25 17:44 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-05-30 02:13 - 2014-06-25 17:44 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2014-05-30 02:13 - 2014-06-25 17:44 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll Some content of TEMP: ==================== C:\Users\marian\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-25 20:41 ==================== End Of Log ============================