
Encryption Virus [Closed]


#1 ebonit24


Posted 03 September 2015 - 09:16 PM

The virus is labeled HELP_DECRYPT.

I have this weird virus on my computer. It seems to have encrypted a few of my files and I'm not quite sure what to do about it.

This is the website it directs me to:

Edit by paws: above link de-activated

Edit by Ken545: Removed link as it was still active

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Eboni (administrator) on DABESTPC (03-09-2015 22:59:56)
Running from C:\Users\Eboni\AppData\Local\Microsoft\Windows\INetCache\IE\E6TSL39D
Loaded Profiles: Eboni (Available Profiles: Eboni & Administrator)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(PC-Doctor, Inc.) C:\Program Files\My Dell\updater\appupdater.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\commonbuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\commonbuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
() C:\Program Files (x86)\Steam\steamapps\common\Karos Returns\AMo.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\commonbuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\commonbuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\commonbuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\commonbuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.4.9926.17994_x64__8wekyb3d8bbwe\glcnd.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\commonbuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Comedy Central) C:\Users\Eboni\AppData\Local\Temp\69713pynxo
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\commonbuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-11-11] (McAfee, Inc.)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [Sidebars] => C:\Users\Eboni\AppData\Roaming\winamfes.exe [330240 2015-09-03] (Comedy Central)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132736 2013-09-05] (Qualcomm®Atheros®)
HKU\S-1-5-21-3491398223-2635348887-2005758328-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Startup: C:\Users\Eboni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.HTML [2015-09-03] ()
Startup: C:\Users\Eboni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.PNG [2015-09-03] ()
Startup: C:\Users\Eboni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.TXT [2015-09-03] ()
InternetURL: C:\Users\Eboni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HELP_DECRYPT.URL -> hxxp://ayh2m57ruxjtwyd5.speralreaopio.com/1ffex4f

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 4.2.2.1
Tcpip\..\Interfaces\{A948F241-3A7C-41F6-8E2C-29CC06142884}: [DhcpNameServer] 4.2.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3491398223-2635348887-2005758328-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-3491398223-2635348887-2005758328-1001 -> DefaultScope {225E1228-DE0F-4E9F-9BC0-DB893AFCE290} URL =
SearchScopes: HKU\S-1-5-21-3491398223-2635348887-2005758328-1001 -> {225E1228-DE0F-4E9F-9BC0-DB893AFCE290} URL =
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2013-11-11] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2013-11-11] (McAfee, Inc.)

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2013-11-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2013-11-11] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-09-05] (Windows ® Win 7 DDK provider) [File not signed]
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe [145288 2015-04-09] (Dell Inc.)
S2 Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [45936 2014-11-13] (Dell)
S2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [116424 2015-08-18] (Dell)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [293440 2014-04-01] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-11] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [333584 2013-09-26] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601920 2013-12-04] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3512928 2015-07-22] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-03] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2015-01-14] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-01-14] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 ElgatoGC656Y; C:\Windows\System32\Drivers\ElgatoGC656.sys [94440 2014-07-07] (UB658)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-27] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-27] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-03 22:59 - 2015-09-03 23:00 - 00000000 ____D C:\FRST
2015-09-03 22:47 - 2015-09-03 22:47 - 00001286 _____ C:\Users\Eboni\Desktop\Revo Uninstaller.lnk
2015-09-03 22:47 - 2015-09-03 22:47 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-03 21:07 - 2015-09-03 21:07 - 00020480 ___SH C:\Users\Eboni\Desktop\Thumbs.db
2015-09-03 21:04 - 2015-09-03 21:04 - 00000000 ____H C:\Users\Eboni\Documents\Default.rdp
2015-09-03 20:33 - 2015-09-03 20:33 - 00000000 ___RD C:\Users\Eboni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-09-03 13:47 - 2015-09-03 13:47 - 00008654 _____ C:\Users\HELP_DECRYPT.HTML
2015-09-03 13:47 - 2015-09-03 13:47 - 00008654 _____ C:\Users\Eboni\HELP_DECRYPT.HTML
2015-09-03 13:47 - 2015-09-03 13:47 - 00008654 _____ C:\Users\Eboni\Desktop\HELP_DECRYPT.HTML
2015-09-03 13:47 - 2015-09-03 13:47 - 00008654 _____ C:\HELP_DECRYPT.HTML
2015-09-03 13:47 - 2015-09-03 13:47 - 00004270 _____ C:\Users\HELP_DECRYPT.TXT
2015-09-03 13:47 - 2015-09-03 13:47 - 00004270 _____ C:\Users\Eboni\HELP_DECRYPT.TXT
2015-09-03 13:47 - 2015-09-03 13:47 - 00004270 _____ C:\Users\Eboni\Desktop\HELP_DECRYPT.TXT
2015-09-03 13:47 - 2015-09-03 13:47 - 00004270 _____ C:\HELP_DECRYPT.TXT
2015-09-03 13:47 - 2015-09-03 13:47 - 00000296 _____ C:\Users\HELP_DECRYPT.URL
2015-09-03 13:47 - 2015-09-03 13:47 - 00000296 _____ C:\Users\Eboni\HELP_DECRYPT.URL
2015-09-03 13:47 - 2015-09-03 13:47 - 00000296 _____ C:\Users\Eboni\Desktop\HELP_DECRYPT.URL
2015-09-03 13:47 - 2015-09-03 13:47 - 00000296 _____ C:\HELP_DECRYPT.URL
2015-09-03 12:40 - 2015-09-03 12:40 - 00330240 _____ (Comedy Central) C:\Users\Eboni\AppData\Roaming\winamfes.exe
2015-09-03 12:20 - 2015-09-03 22:26 - 00000450 _____ C:\Users\Eboni\Downloads\HELP_DECRYPT.URL
2015-09-03 12:20 - 2015-09-03 12:20 - 00008654 _____ C:\Users\Eboni\Downloads\HELP_DECRYPT.HTML
2015-09-03 12:20 - 2015-09-03 12:20 - 00008654 _____ C:\Users\Eboni\Documents\HELP_DECRYPT.HTML
2015-09-03 12:20 - 2015-09-03 12:20 - 00004270 _____ C:\Users\Eboni\Downloads\HELP_DECRYPT.TXT
2015-09-03 12:20 - 2015-09-03 12:20 - 00004270 _____ C:\Users\Eboni\Documents\HELP_DECRYPT.TXT
2015-09-03 12:20 - 2015-09-03 12:20 - 00000296 _____ C:\Users\Eboni\Documents\HELP_DECRYPT.URL
2015-09-03 11:29 - 2015-09-03 11:29 - 00008654 _____ C:\Users\Eboni\AppData\Roaming\HELP_DECRYPT.HTML
2015-09-03 11:29 - 2015-09-03 11:29 - 00008654 _____ C:\Users\Eboni\AppData\HELP_DECRYPT.HTML
2015-09-03 11:29 - 2015-09-03 11:29 - 00004270 _____ C:\Users\Eboni\AppData\Roaming\HELP_DECRYPT.TXT
2015-09-03 11:29 - 2015-09-03 11:29 - 00004270 _____ C:\Users\Eboni\AppData\HELP_DECRYPT.TXT
2015-09-03 11:29 - 2015-09-03 11:29 - 00000296 _____ C:\Users\Eboni\AppData\Roaming\HELP_DECRYPT.URL
2015-09-03 11:29 - 2015-09-03 11:29 - 00000296 _____ C:\Users\Eboni\AppData\HELP_DECRYPT.URL
2015-09-03 11:28 - 2015-09-03 11:28 - 00008654 _____ C:\Users\Eboni\AppData\Local\HELP_DECRYPT.HTML
2015-09-03 11:28 - 2015-09-03 11:28 - 00008654 _____ C:\Users\Administrator\HELP_DECRYPT.HTML
2015-09-03 11:28 - 2015-09-03 11:28 - 00008654 _____ C:\Users\Administrator\AppData\Local\HELP_DECRYPT.HTML
2015-09-03 11:28 - 2015-09-03 11:28 - 00008654 _____ C:\Users\Administrator\AppData\HELP_DECRYPT.HTML
2015-09-03 11:28 - 2015-09-03 11:28 - 00008654 _____ C:\ProgramData\HELP_DECRYPT.HTML
2015-09-03 11:28 - 2015-09-03 11:28 - 00004270 _____ C:\Users\Eboni\AppData\Local\HELP_DECRYPT.TXT
2015-09-03 11:28 - 2015-09-03 11:28 - 00004270 _____ C:\Users\Administrator\HELP_DECRYPT.TXT
2015-09-03 11:28 - 2015-09-03 11:28 - 00004270 _____ C:\Users\Administrator\AppData\Local\HELP_DECRYPT.TXT
2015-09-03 11:28 - 2015-09-03 11:28 - 00004270 _____ C:\Users\Administrator\AppData\HELP_DECRYPT.TXT
2015-09-03 11:28 - 2015-09-03 11:28 - 00004270 _____ C:\ProgramData\HELP_DECRYPT.TXT
2015-09-03 11:28 - 2015-09-03 11:28 - 00000296 _____ C:\Users\Eboni\AppData\Local\HELP_DECRYPT.URL
2015-09-03 11:28 - 2015-09-03 11:28 - 00000296 _____ C:\Users\Administrator\HELP_DECRYPT.URL
2015-09-03 11:28 - 2015-09-03 11:28 - 00000296 _____ C:\Users\Administrator\AppData\Local\HELP_DECRYPT.URL
2015-09-03 11:28 - 2015-09-03 11:28 - 00000296 _____ C:\Users\Administrator\AppData\HELP_DECRYPT.URL
2015-09-03 11:28 - 2015-09-03 11:28 - 00000296 _____ C:\ProgramData\HELP_DECRYPT.URL
2015-09-03 09:44 - 2015-09-03 16:01 - 00000000 ____D C:\Users\Eboni\AppData\Local\CrashDumps
2015-09-03 01:44 - 2015-09-03 01:44 - 00000000 ____D C:\Users\Eboni\AppData\Local\Intel_Corporation
2015-09-01 18:20 - 2015-09-01 18:20 - 00301793 _____ C:\Users\Eboni\Downloads\watermark
2015-08-31 02:10 - 2015-08-31 02:10 - 00001392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-08-31 02:10 - 2015-08-31 02:10 - 00001323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-08-31 02:10 - 2015-08-31 02:10 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-08-31 02:10 - 2015-08-31 02:10 - 00000000 ____D C:\WINDOWS\en
2015-08-31 02:10 - 2015-08-31 02:10 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-08-31 02:10 - 2015-08-31 02:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-08-31 01:52 - 2015-09-03 12:20 - 00000000 ____D C:\Users\Eboni\Documents\Expression
2015-08-31 01:39 - 2015-08-31 02:01 - 00001735 _____ C:\Users\Eboni\Desktop\CyberLink_PowerDirector_Downloader.lnk
2015-08-31 01:39 - 2015-08-31 02:01 - 00000000 ____D C:\Users\Eboni\Documents\cybr13
2015-08-30 14:34 - 2015-08-30 14:34 - 00000222 _____ C:\Users\Eboni\Desktop\Company of Heroes 2.url
2015-08-29 13:32 - 2015-07-22 03:26 - 03512928 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des
2015-08-29 13:32 - 2004-12-29 23:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys
2015-08-29 13:32 - 2003-07-15 08:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd
2015-08-29 13:31 - 2015-08-29 13:31 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2015-08-28 20:40 - 2015-08-28 20:40 - 00000222 _____ C:\Users\Eboni\Desktop\Let the Cat In.url
2015-08-28 19:43 - 2015-08-28 19:43 - 00000000 ____D C:\Users\Eboni\AppData\Roaming\.mono
2015-08-28 19:43 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-08-28 19:43 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-08-28 19:43 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-08-28 19:43 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-08-28 19:43 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-08-28 19:43 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-08-28 19:43 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-08-28 19:43 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-08-28 19:43 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-08-28 19:43 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-08-28 19:43 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-08-28 19:43 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-08-28 19:43 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-08-28 19:43 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-08-28 19:43 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-08-28 19:43 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-08-28 19:43 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-08-28 19:43 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-08-28 19:43 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-08-28 19:43 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-08-28 19:43 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-08-28 19:43 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-08-28 19:43 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-08-28 19:43 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-08-28 19:43 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-08-28 19:43 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-08-28 19:43 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-08-28 19:43 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-08-28 19:43 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-08-28 19:43 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-08-28 19:43 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-08-28 19:43 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2015-08-28 19:43 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-08-28 19:43 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2015-08-28 19:43 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-08-28 19:43 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-08-28 19:43 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-08-28 19:43 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-08-28 19:43 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-08-28 19:43 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-08-28 19:43 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-08-28 19:43 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-08-28 19:43 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-08-28 19:43 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-08-28 19:43 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-08-28 19:43 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-08-28 19:43 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-08-28 19:43 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-08-28 19:43 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-08-28 19:43 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-08-28 19:43 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-08-28 19:43 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-08-28 19:43 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-08-28 19:43 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-08-28 19:43 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-08-28 19:43 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-08-28 19:43 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-08-28 19:43 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-08-28 19:42 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-08-28 19:42 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-08-28 19:42 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-08-28 19:42 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-08-28 19:42 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-08-28 19:42 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-08-28 19:42 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-08-28 19:42 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-08-28 19:42 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-08-28 19:42 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-08-28 19:42 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-08-28 19:42 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-08-28 19:42 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-08-28 19:42 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-08-28 19:42 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-08-28 19:42 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-08-28 19:42 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-08-28 19:42 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-08-28 19:42 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-08-28 19:42 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-08-28 19:42 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-08-28 19:42 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-08-28 19:42 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-08-28 19:42 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-08-28 19:42 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-08-28 19:42 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-08-28 19:42 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-08-28 19:42 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-08-28 19:42 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-08-28 19:42 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-08-28 19:42 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-08-28 19:42 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-08-28 19:42 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-08-28 19:42 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-08-28 19:42 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-08-28 19:42 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-08-28 19:42 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-08-28 19:42 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-08-28 19:42 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-08-28 19:42 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-08-28 19:42 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-08-28 19:42 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-08-28 19:42 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-08-28 19:42 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-08-28 19:42 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-08-28 19:42 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-08-28 19:42 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-08-28 19:42 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-08-28 19:42 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-08-28 19:42 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-08-28 19:42 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-08-28 19:42 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-08-28 19:42 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-08-28 19:42 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-08-28 19:42 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-08-28 19:42 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-08-28 19:42 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-08-28 19:42 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-08-28 19:42 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-08-28 19:42 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-08-28 19:42 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-08-28 19:42 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-08-28 19:42 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-08-28 19:42 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-08-28 19:42 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-08-28 19:42 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-08-28 19:42 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-08-28 19:42 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-08-28 19:42 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-08-28 19:42 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-08-28 19:42 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-08-28 19:42 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-08-28 19:42 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-08-28 19:42 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-08-28 19:42 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-08-28 19:42 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-08-28 19:42 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-08-28 19:42 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-08-28 19:42 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-08-28 19:42 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-08-28 19:42 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-08-28 19:42 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-08-28 19:42 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-08-28 19:42 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-08-28 19:42 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-08-28 19:42 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-08-28 19:42 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-08-28 19:42 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-08-28 19:42 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-08-28 19:42 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-08-28 19:42 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-08-28 19:42 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-08-28 19:42 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-08-28 19:42 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-08-28 19:42 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-08-28 19:42 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-08-28 19:42 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-08-28 19:42 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-08-28 19:42 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-08-28 19:42 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-08-28 19:42 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-08-28 19:42 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-08-28 17:18 - 2015-08-28 18:18 - 00003348 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2015-08-28 17:18 - 2015-08-28 17:18 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-28 16:38 - 2015-08-28 16:38 - 00000222 _____ C:\Users\Eboni\Desktop\Lamia Must Die.url
2015-08-28 16:36 - 2015-08-28 16:36 - 00000222 _____ C:\Users\Eboni\Desktop\Clown House (Palyao Evi).url
2015-08-28 16:35 - 2015-08-28 16:35 - 00000222 _____ C:\Users\Eboni\Desktop\Karos Returns.url
2015-08-28 16:32 - 2015-08-28 16:32 - 00000222 _____ C:\Users\Eboni\Desktop\Fishing Planet.url
2015-08-28 16:30 - 2015-08-28 16:30 - 00000161 _____ C:\Program
2015-08-28 16:22 - 2015-08-28 16:22 - 00000000 ____D C:\Program Files (x86)\Sony
2015-08-28 16:19 - 2015-08-28 16:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\Aviata
2015-08-28 16:06 - 2015-08-28 16:06 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-08-28 16:06 - 2015-08-28 16:06 - 00000000 ____D C:\Program Files (x86)\Dell Customer Connect
2015-08-28 16:04 - 2015-08-28 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-08-16 00:13 - 2015-08-16 00:13 - 00001502 _____ C:\Users\Eboni\Desktop\Witcher 3.lnk
2015-08-15 22:03 - 2015-08-15 22:03 - 00090289 _____ C:\Users\Eboni\Documents\jj.wma
2015-08-15 22:02 - 2015-08-15 22:02 - 00076819 _____ C:\Users\Eboni\Documents\h.wma
2015-08-06 15:49 - 2015-09-03 10:57 - 00000436 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-08-05 14:57 - 2015-08-05 14:57 - 00000000 ____D C:\Users\Eboni\AppData\Local\Amazon_Services_LLC
2015-08-04 21:52 - 2015-08-04 21:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-04 21:04 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-08-04 21:04 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-08-04 21:04 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-08-04 21:04 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-08-04 21:02 - 2015-09-03 21:07 - 00000000 ____D C:\Users\Eboni\AppData\Local\Windows Live
2015-08-04 18:04 - 2015-08-06 15:57 - 00000000 ___DC C:\Users\Eboni\AppData\Local\MigWiz

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-03 23:00 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-03 21:15 - 2015-01-14 23:10 - 02035622 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-03 21:07 - 2015-02-27 18:30 - 00000000 ____D C:\Users\Eboni\AppData\Local\Packages
2015-09-03 21:05 - 2015-07-19 05:27 - 00157696 ___SH C:\Users\Eboni\Downloads\Thumbs.db
2015-09-03 21:02 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-03 20:33 - 2015-02-27 18:31 - 00000000 ____D C:\Users\Eboni\Documents\Bluetooth Folder
2015-09-03 13:47 - 2015-07-28 14:39 - 00000000 ____D C:\Windows.old
2015-09-03 13:47 - 2015-07-28 10:41 - 00000000 ____D C:\Users\Eboni
2015-09-03 12:21 - 2015-02-27 18:36 - 00000000 ___DO C:\Users\Eboni\OneDrive
2015-09-03 12:20 - 2015-05-23 23:28 - 00000000 ____D C:\Users\Eboni\Documents\The Witcher 3
2015-09-03 12:20 - 2015-04-26 00:01 - 00000000 ____D C:\Users\Eboni\Documents\Klei
2015-09-03 12:20 - 2015-03-05 21:17 - 00000000 ____D C:\Users\Eboni\Documents\CyberLink
2015-09-03 11:29 - 2015-07-29 22:25 - 00000000 ____D C:\Users\Eboni\AppData\Roaming\PCDr
2015-09-03 11:28 - 2015-08-01 02:38 - 00000000 ____D C:\Users\Eboni\AppData\Local\Astray
2015-09-03 11:28 - 2015-07-28 10:50 - 00000000 ____D C:\Users\Eboni\AppData\Local\CyberLink
2015-09-03 11:28 - 2015-01-14 23:19 - 00000000 ____D C:\ProgramData\PCDr
2015-09-03 11:28 - 2015-01-14 23:15 - 00000000 ____D C:\ProgramData\Dell
2015-09-03 11:28 - 2015-01-14 23:05 - 00000000 ____D C:\Users\Administrator
2015-08-31 23:46 - 2015-07-28 10:49 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3491398223-2635348887-2005758328-1001
2015-08-31 05:41 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-31 02:10 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-31 02:09 - 2015-08-01 02:38 - 00011452 _____ C:\WINDOWS\DirectX.log
2015-08-31 01:59 - 2015-02-27 18:43 - 00001152 _____ C:\Users\Public\Desktop\Game Capture HD.lnk
2015-08-31 01:39 - 2015-01-14 23:12 - 00000000 ____D C:\ProgramData\CyberLink
2015-08-31 01:25 - 2015-01-14 23:12 - 00000000 ____D C:\ProgramData\Temp
2015-08-31 01:24 - 2015-01-14 23:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-29 16:53 - 2015-07-28 18:29 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-29 13:09 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-29 00:12 - 2013-08-22 11:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-28 19:42 - 2015-01-14 23:10 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-28 19:17 - 2014-03-18 05:53 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-28 19:15 - 2015-01-14 23:20 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-08-28 19:12 - 2015-01-14 23:22 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-08-28 19:12 - 2014-03-18 05:44 - 00005224 _____ C:\WINDOWS\PFRO.log
2015-08-28 19:12 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-28 18:18 - 2015-01-14 23:22 - 00000000 ____D C:\ProgramData\McAfee
2015-08-28 16:13 - 2015-01-14 23:24 - 00000000 ____D C:\Program Files\Dell
2015-08-28 16:13 - 2015-01-14 23:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-08-28 16:07 - 2015-07-28 10:43 - 00000000 ____D C:\Users\Eboni\AppData\Local\VirtualStore
2015-08-27 21:57 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-27 21:55 - 2013-08-22 09:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-08-23 15:38 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-20 07:44 - 2013-08-22 10:46 - 00034004 _____ C:\WINDOWS\setupact.log
2015-08-11 16:48 - 2015-01-14 23:14 - 00000000 ____D C:\Users\Public\CyberLink
2015-08-04 21:07 - 2015-07-28 10:51 - 00000000 ____D C:\Users\Eboni\AppData\Roaming\CyberLink

==================== Files in the root of some directories =======

2015-09-03 11:29 - 2015-09-03 11:29 - 0008654 _____ () C:\Users\Eboni\AppData\Roaming\HELP_DECRYPT.HTML
2015-09-03 11:29 - 2015-09-03 11:29 - 0046151 _____ () C:\Users\Eboni\AppData\Roaming\HELP_DECRYPT.PNG
2015-09-03 11:29 - 2015-09-03 11:29 - 0004270 _____ () C:\Users\Eboni\AppData\Roaming\HELP_DECRYPT.TXT
2015-09-03 11:29 - 2015-09-03 11:29 - 0000296 _____ () C:\Users\Eboni\AppData\Roaming\HELP_DECRYPT.URL
2015-09-03 12:40 - 2015-09-03 12:40 - 0330240 _____ (Comedy Central) C:\Users\Eboni\AppData\Roaming\winamfes.exe
2015-09-03 11:28 - 2015-09-03 11:28 - 0008654 _____ () C:\Users\Eboni\AppData\Local\HELP_DECRYPT.HTML
2015-09-03 11:28 - 2015-09-03 11:28 - 0046151 _____ () C:\Users\Eboni\AppData\Local\HELP_DECRYPT.PNG
2015-09-03 11:28 - 2015-09-03 11:28 - 0004270 _____ () C:\Users\Eboni\AppData\Local\HELP_DECRYPT.TXT
2015-09-03 11:28 - 2015-09-03 11:28 - 0000296 _____ () C:\Users\Eboni\AppData\Local\HELP_DECRYPT.URL
2015-01-14 23:15 - 2015-01-14 23:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-03 11:28 - 2015-09-03 11:28 - 0008654 _____ () C:\ProgramData\HELP_DECRYPT.HTML
2015-09-03 11:28 - 2015-09-03 11:28 - 0046151 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-09-03 11:28 - 2015-09-03 11:28 - 0004270 _____ () C:\ProgramData\HELP_DECRYPT.TXT
2015-09-03 11:28 - 2015-09-03 11:28 - 0000296 _____ () C:\ProgramData\HELP_DECRYPT.URL
2015-01-14 23:14 - 2015-01-14 23:14 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-01-14 23:12 - 2015-01-14 23:12 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-01-14 23:12 - 2015-01-14 23:13 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2015-01-14 23:13 - 2015-01-14 23:14 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-01-14 23:12 - 2015-01-14 23:12 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\Eboni\AppData\Local\Temp\COMAP.EXE
C:\Users\Eboni\AppData\Local\Temp\wideawake.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-29 13:01

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Eboni (2015-09-03 23:00:45)
Running from C:\Users\Eboni\AppData\Local\Microsoft\Windows\INetCache\IE\E6TSL39D
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3491398223-2635348887-2005758328-500 - Administrator - Disabled) => C:\Users\Administrator
Eboni (S-1-5-21-3491398223-2635348887-2005758328-1001 - Administrator - Enabled) => C:\Users\Eboni
Guest (S-1-5-21-3491398223-2635348887-2005758328-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3491398223-2635348887-2005758328-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Astray (HKLM-x32\...\Steam App 329200) (Version:  - Aegon Games)
Clown House (Palyaço Evi) (HKLM-x32\...\Steam App 387970) (Version:  - gord10)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version:  - Team Psykskallar)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}) (Version: 1.2.1.0 - Dell Inc.)
Dell Data Services (HKLM\...\{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}) (Version: 1.1.6.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{D605CD24-103D-4DB6-B572-653851213C46}) (Version: 2.2.65.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{17FFE63C-6734-4950-B488-134B5A2505F7}) (Version: 2.04.0280 - Aviata Inc.)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
Elgato Game Capture HD (HKLM-x32\...\{8BFE56C3-87F4-4F34-ACF7-B5CD7ECCAE34}) (Version: 2.11.43.962 - Elgato Systems GmbH)
Fishing Planet (HKLM-x32\...\Steam App 380600) (Version:  - Fishing Planet LLC)
Five Nights at Freddy's 3 (HKLM-x32\...\Steam App 354140) (Version:  - Scott Cawthon)
Game Capture HD v2.3.3.38 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.38 - Elgato Systems)
Game Capture HD60 v2.1.1.3 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.3 - Elgato Systems)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Karos Returns (HKLM-x32\...\Steam App 371310) (Version:  - Galaxy Gate)
Lamia Must Die (HKLM-x32\...\Steam App 385260) (Version:  - Tuomo Laine)
Let the Cat In (HKLM-x32\...\Steam App 369400) (Version:  - Eforb)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.0.244 - McAfee, Inc.)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.3205.0) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F9EC30D1-F688-4708-9850-CB5120074AAA}) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.304 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7016 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Serena (HKLM-x32\...\Steam App 272060) (Version:  - Senscape)
Squishy the Suicidal Pig (HKLM-x32\...\Steam App 318430) (Version:  - Tomi Maarela)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
UE4 Prerequisites (x86) (HKLM-x32\...\{162863d7-4b83-429c-baa7-fcedd09f331f}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x86) (x32 Version: 1.0.8.0 - Epic Games, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

15-08-2015 13:33:12 Windows Update
28-08-2015 16:06:39 Dell Update: Dell Customer Connect
31-08-2015 01:24:38 Installed PowerDirector
03-09-2015 22:49:22 Revo Uninstaller's restore point - Fishing Planet

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C6FBECF-B8EC-46AF-B723-2147409F811C} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {3568F8A0-5D70-42C0-899E-6197B05FF88D} - System32\Tasks\Aviata\PowerRegister\Dell Reminder (Eboni) => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {42703BD5-7FE4-4EDD-825C-F5ADE9E7FE52} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {455091A4-62C2-4DF4-B012-CA11A5913A64} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)
Task: {4A9FF4FC-57EE-464E-BF69-594A99BEB1C8} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()
Task: {5CF18162-C1F0-4186-8BA9-E5BB9BE6F0E8} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {6167CF9F-EFC0-40A3-83CD-DE4117BAB7C9} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()
Task: {69864698-B302-47F7-B2CB-7C81EBAC9B7B} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-06-01] (McAfee, Inc.)
Task: {707ADDD1-1097-42C4-AADA-3382C2E804EC} - System32\Tasks\PocketCloudUpdater => C:\Program [2015-08-28] ()
Task: {B3FE49C9-F429-433D-89EE-564B7DE164ED} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {D8DC594F-B7CF-4C55-B8AB-AA4E532E5D43} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {F6C9D75A-C2C6-4F10-92DA-D1CBF0CAB067} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Loaded Modules (Whitelisted) ==============

2013-08-22 15:40 - 2013-08-22 15:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2013-08-22 15:40 - 2013-08-22 15:40 - 00040240 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll
2013-08-22 15:40 - 2013-08-22 15:40 - 00046384 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll
2015-01-14 23:21 - 2014-06-04 19:02 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2015-01-14 23:21 - 2014-06-04 19:02 - 00019744 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2015-01-14 23:21 - 2014-06-04 19:03 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2013-09-05 03:20 - 2013-09-05 03:20 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-05 03:17 - 2013-09-05 03:17 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2014-09-02 15:40 - 2014-09-02 15:40 - 00462160 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
2015-08-28 16:34 - 2015-08-28 19:42 - 01611264 _____ () C:\Program Files (x86)\Steam\steamapps\common\Karos Returns\AMo.exe
2015-07-28 18:34 - 2015-07-03 12:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-07-28 18:34 - 2015-07-03 12:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-07-28 18:34 - 2015-08-19 16:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-07-28 18:34 - 2015-07-03 12:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-07-28 18:34 - 2015-07-03 12:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-07-28 18:34 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-07-28 18:34 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-07-28 18:34 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-07-28 18:34 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-07-28 18:34 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-07-28 18:34 - 2015-08-19 16:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-28 18:34 - 2015-07-26 21:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-09-02 15:40 - 2014-09-02 15:40 - 00214352 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\Ledger.dll
2014-09-02 15:40 - 2014-09-02 15:40 - 00114000 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\zlib1.dll
2015-01-14 23:12 - 2013-03-04 23:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 15:41 - 2013-03-05 15:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-07-28 18:34 - 2015-07-03 12:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-14 23:15 - 2013-12-09 18:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-01-14 23:13 - 2013-03-27 00:40 - 00045129 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll
2015-08-28 16:35 - 2015-08-28 21:56 - 02674688 _____ () C:\Program Files (x86)\Steam\steamapps\common\Karos Returns\Shader.dll
2011-11-23 01:03 - 2011-11-23 01:03 - 00254760 _____ () C:\Program Files (x86)\CyberLink\PowerDirector10\runtime\mediacache\libebml.dll
2011-11-23 01:03 - 2011-11-23 01:03 - 00553768 _____ () C:\Program Files (x86)\CyberLink\PowerDirector10\runtime\mediacache\libmatroska.dll
2010-06-17 19:33 - 2010-06-17 19:33 - 00193320 _____ () C:\Program Files (x86)\CyberLink\PowerDirector10\HanumanCache.dll
2010-06-07 20:25 - 2010-06-07 20:25 - 00162088 _____ () C:\Program Files (x86)\CyberLink\PowerDirector10\CLVistaAudioMixer.dll
2015-01-14 23:13 - 2012-04-09 14:20 - 00146728 ____N () C:\Program Files (x86)\CyberLink\Shared files\PlugIn\8.0\CES_Blender.dll
2011-07-20 20:24 - 2011-07-20 20:24 - 01300264 _____ () C:\Program Files (x86)\CyberLink\PowerDirector10\runtime\magicModule\cv110.dll
2011-07-20 20:24 - 2011-07-20 20:24 - 01316136 _____ () C:\Program Files (x86)\CyberLink\PowerDirector10\runtime\magicModule\cxcore110.dll
2011-07-20 20:24 - 2011-07-20 20:24 - 00752424 _____ () C:\Program Files (x86)\CyberLink\PowerDirector10\runtime\magicModule\highgui110.dll
2015-01-14 23:13 - 2011-09-01 18:35 - 00151336 ____N () C:\Program Files (x86)\CyberLink\Shared files\PlugIn\8.0\CMWrapper.dll
2013-06-05 17:33 - 2013-06-05 17:33 - 01798408 _____ () C:\Program Files (x86)\CyberLink\PowerDirector10\runtime\authoring\AuroraU.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Eboni\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3491398223-2635348887-2005758328-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eboni\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg
DNS Servers: 4.2.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{478A73A0-92D3-4E68-A9FC-E40124454FE5}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe
FirewallRules: [{FB63B3DC-E0F2-4ABC-B97F-3D8196593084}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\AetherWindowsService.exe
FirewallRules: [{53F35627-998F-40CB-8437-99E691995122}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
FirewallRules: [{71DF1DCB-B16D-4BA6-A9D7-8289BEC4CEE6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7E74FA9F-8E06-4882-A3D1-512F1000E492}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{80045CB9-69D5-4354-AD07-B711A6414B5A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5DB4BEE6-6926-4EBB-83A0-8472043D44E4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{17E4098C-40D9-4A93-A1E8-D2CA633F4085}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F23EBB16-22C0-4E45-8B81-7B89A494E442}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0F03BFAC-3B0B-459C-A3BF-A0F45524757E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F9611896-044A-4167-8EA8-6D54FB3EEBAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serena\Dagon64.exe
FirewallRules: [{A3A61DEA-9172-449A-825F-5910C755DD1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serena\Dagon64.exe
FirewallRules: [{B0A0C1A5-BC00-4BBE-9C46-2C8654D09F2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Squishy\bin\squishy.exe
FirewallRules: [{1F5AA37C-D809-499A-9E5B-A939B4CF481F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Squishy\bin\squishy.exe
FirewallRules: [{57E990AA-6EE0-484B-8129-2A2CF0CE7C23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Astray\Astray.exe
FirewallRules: [{069F59E6-BB41-4853-B51C-48AF8E6AEA28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Astray\Astray.exe
FirewallRules: [{8427EF76-B5E9-4943-AA7A-B076E9E57A34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's 3\FiveNightsatFreddys3.exe
FirewallRules: [{F4D7B7B4-14BC-4A9D-83BF-A418D97D658E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's 3\FiveNightsatFreddys3.exe
FirewallRules: [{D507E356-E1D1-4D72-87CD-A1418B45CFFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{EB8FFF0B-0555-4FC7-BFDE-12F168AC33F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{FBC807BF-475F-4A75-81D5-04452E5F778F}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{FD8CFBAA-D211-497D-B497-EBCCD89B17F7}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{568FD2D3-98AA-4FF7-BC1F-D15BCC3A67D4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7D8ED0DF-EEDE-41F3-90BC-A7398CD7C8D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{B276F8B2-AD15-41B0-B190-DFB36A7AB814}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{7CFBEBB9-E1E3-4DCE-A187-32F59ADEF36E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Karos Returns\LaunchKaros.exe
FirewallRules: [{B9872A31-1846-4632-90AA-E3C571D17AEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Karos Returns\LaunchKaros.exe
FirewallRules: [{A014862F-E6DB-49F1-B3CA-8D5AEC3D59FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lamia Must Die\Game.exe
FirewallRules: [{3CD7CFD6-5848-4B87-8EA2-15F942930EA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lamia Must Die\Game.exe
FirewallRules: [{DCB74753-35B0-4745-9071-642CAB560A1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clown House\ClownHouse.exe
FirewallRules: [{5C29E920-4372-4926-841A-774998DCF07A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clown House\ClownHouse.exe
FirewallRules: [{E786911C-B2BF-4256-B24A-185562673647}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Let the Cat In\ltci_win.exe
FirewallRules: [{09484ECA-AEA3-43AF-9EEC-864F0295C8A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Let the Cat In\ltci_win.exe
FirewallRules: [{5A6EDD88-5F9E-4475-8E31-58E92F72727A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EEA0AFE3-6721-4AD6-86BF-EC20028B43E8}] => (Allow) LPort=2869
FirewallRules: [{2E27512E-AD6B-4284-B900-A6D7BF13C087}] => (Allow) LPort=1900

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2015 04:01:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pcdrcui.exe, version: 6.0.6426.22, time stamp: 0x52cfadb3
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532954fb
Exception code: 0xe0434352
Fault offset: 0x0000000000005bf8
Faulting process id: 0xafc4
Faulting application start time: 0xpcdrcui.exe0
Faulting application path: pcdrcui.exe1
Faulting module path: pcdrcui.exe2
Report Id: pcdrcui.exe3
Faulting package full name: pcdrcui.exe4
Faulting package-relative application ID: pcdrcui.exe5

Error: (09/03/2015 04:01:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: pcdrcui.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Pcd.DataStore.DatabaseError
Stack:
   at Pcd.DataStore.AppStateDataStore..ctor()
   at pcd.models.properties.UserSetting.Init()
   at pcd.controllers.MainController.InitializeProperties()
   at pcd.controllers.MainController.BackgroundStartThread()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (09/03/2015 04:01:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (09/03/2015 09:44:19 AM) (Source: VSS) (EventID: 22) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and Name Coordinator is [0x80040154, Class not registered
].

Error: (09/03/2015 09:44:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17126, time stamp: 0x53882e30
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53648f36
Exception code: 0xc0000374
Fault offset: 0x000df636
Faulting process id: 0x446c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (09/02/2015 09:47:52 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)

Error: (08/31/2015 11:12:52 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/31/2015 02:02:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CyberLink_PowerDirector_Downloader.exe version 2.9.1.6109 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 610c

Start Time: 01d0e3b281cf349a

Termination Time: 5

Application Path: C:\Users\Eboni\AppData\Local\Microsoft\Windows\INetCache\IE\VKHZFNAD\CyberLink_PowerDirector_Downloader.exe

Report Id: cd95ff63-4fa5-11e5-8261-2c337a47600a

Faulting package full name:

Faulting package-relative application ID:

Error: (08/31/2015 01:40:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CyberLink_PowerDirector_Downloader.exe version 2.9.1.6109 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 406c

Start Time: 01d0e3af64e1b374

Termination Time: 4

Application Path: C:\Users\Eboni\AppData\Local\Microsoft\Windows\INetCache\IE\VKHZFNAD\CyberLink_PowerDirector_Downloader.exe

Report Id: d4aabcb1-4fa2-11e5-8261-2c337a47600a

Faulting package full name:

Faulting package-relative application ID:

Error: (08/31/2015 01:26:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PDR10.exe version 10.0.1.4419 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 10f8

Start Time: 01d0e3ad82a81530

Termination Time: 19

Application Path: C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe

Report Id: d1a00096-4fa0-11e5-8261-2c337a47600a

Faulting package full name:

Faulting package-relative application ID:

System errors:
=============
Error: (09/03/2015 10:43:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (09/03/2015 10:26:14 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer PETE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A948F241-3A7C-41F6-8E2C-29CC06142884}.
The master browser is stopping or an election is being forced.

Error: (09/03/2015 10:13:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (09/03/2015 09:43:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (09/03/2015 09:13:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (09/03/2015 08:43:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (09/03/2015 08:38:08 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer PETE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A948F241-3A7C-41F6-8E2C-29CC06142884}.
The master browser is stopping or an election is being forced.

Error: (09/03/2015 08:33:22 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (09/03/2015 02:18:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (09/03/2015 01:58:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Microsoft Office:
=========================
Error: (09/03/2015 04:01:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pcdrcui.exe6.0.6426.2252cfadb3KERNELBASE.dll6.3.9600.17055532954fbe04343520000000000005bf8afc401d0e68341a15276C:\Program Files\My Dell\pcdrcui.exeC:\WINDOWS\system32\KERNELBASE.dll80c8f08b-5276-11e5-8261-2c337a47600a

Error: (09/03/2015 04:01:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: pcdrcui.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Pcd.DataStore.DatabaseError
Stack:
   at Pcd.DataStore.AppStateDataStore..ctor()
   at pcd.models.properties.UserSetting.Init()
   at pcd.controllers.MainController.InitializeProperties()
   at pcd.controllers.MainController.BackgroundStartThread()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (09/03/2015 04:01:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (09/03/2015 09:44:19 AM) (Source: VSS) (EventID: 22) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}Coordinator0x80040154, Class not registered

Error: (09/03/2015 09:44:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1712653882e30ntdll.dll6.3.9600.1711453648f36c0000374000df636446c01d0e60baf73b441C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\ntdll.dlld5643653-5241-11e5-8261-2c337a47600a

Error: (09/02/2015 09:47:52 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d

Error: (08/31/2015 11:12:52 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/31/2015 02:02:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CyberLink_PowerDirector_Downloader.exe2.9.1.6109610c01d0e3b281cf349a5C:\Users\Eboni\AppData\Local\Microsoft\Windows\INetCache\IE\VKHZFNAD\CyberLink_PowerDirector_Downloader.execd95ff63-4fa5-11e5-8261-2c337a47600a

Error: (08/31/2015 01:40:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CyberLink_PowerDirector_Downloader.exe2.9.1.6109406c01d0e3af64e1b3744C:\Users\Eboni\AppData\Local\Microsoft\Windows\INetCache\IE\VKHZFNAD\CyberLink_PowerDirector_Downloader.exed4aabcb1-4fa2-11e5-8261-2c337a47600a

Error: (08/31/2015 01:26:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: PDR10.exe10.0.1.441910f801d0e3ad82a8153019C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exed1a00096-4fa0-11e5-8261-2c337a47600a

CodeIntegrity:
===================================
  Date: 2015-07-28 10:46:51.607
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 28%
Total physical RAM: 12204.93 MB
Available physical RAM: 8674.98 MB
Total Virtual: 14214.46 MB
Available Virtual: 8735.54 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1855.11 GB) (Free:1414.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: CAFFE1CC)

Partition: GPT.

==================== End of Addition.txt ============================


Edited by ebonit24, 04 September 2015 - 07:27 PM.



#2 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 06 September 2015 - 03:40 PM

:welcome:

 

 

 

First, let's run Malwarebytes to remove this infection, and then we will work on trying to get your files back.

 

Download Malwarebytes' Anti-Malware  TO YOUR DESKTOP
 
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished and the log pops up...select Copy to Clipboard
  • Please paste the log back into this thread for review
  • Exit Malwarebytes

     

     

     

     

    This may or may not work, but it's worth a try.

     

     
    Please download Shadow Explorer.exe to your desktop
     
    • First right click on your desktop and select New Folder and name it something you will remember like Retrieved Files
    • Right click on Shadow Explorer Setup and select RUN AS ADMINISTRATOR to install.
    • Click on your C: drive ( or whatever drive your documents are saved in )
    • On the left click on Users
    • Then on your Username
    • Then click on Documents ( or whatever folder the documents that you want to retrieve are in )
    • In that folder click on a document that you want to retrieve
    • It will load in the pane on the right
    • Right click on that file and select Export and export it to your new folder
    • When you're done retrieving the files that you want, exit Shadow Explorer


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #3 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,225 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 11 September 2015 - 04:46 AM

    Due to inactivity this topic will be closed.
    If you need help please start a new thread.

    New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic



     
     