Jump to content

garytkh

Members
 View Profile  See their activity

  • Posts

    15

  • Joined

  • Last visited

Reputation

0 Neutral
  1. garytkh

    Thanks for your patience and expertise in helping me resolve my malware infection, MrCharlie!

  2. garytkh
    Hi MrC, I found out where the problem was and fixed it!! Why the browser kept going to Dosearch.com was because the command to do so was hidden in my browser shortcuts. I found out and fixed it following these instructions: Right-click your browser’s shortcut. Choose Properties. Go to Shortcut tab and navigate to Target line. There should be only your browser’s directory in the Targetline: Internet Explorer – C:Program FilesInternet Exploreriexplore.exe Mozilla Firefox –C:Program FilesMozilla Firefoxfirefox.exe Google Chrome – C:Program FilesGoogleChromeApplicationchrome.exeI got it from this website: http://www.2-removevirus.com/remove-dosearches-com/ Thank you very much for all your advise and help these last few days, I really really appreciate it! One final question: other than Malwarebytes Anti-Malware, what other program should I keep to regularly scan for malware?
  3. garytkh
    Hi MrC, 1. The below-mentioned registry entries are not there, please see attached registry screenshots: Can you manually go into the registry and change if they're still present: (You would want to remove the items in bold) [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command] @=""C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.dosearche...8&ts=1381309315" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\Google Chrome\shell\open\command] @=""C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.dosearche...8&ts=1381309315" 2. AdwCleaner and Malwarebytes reports as below: # AdwCleaner v3.007 - Report created 12/10/2013 at 21:55:30 # Updated 09/10/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : GaryLina - GARYLINA-PC# Running from : C:\Users\GaryLina\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16720 -\\ Google Chrome v30.0.1599.69 [ File : C:\Users\GaryLina\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R1].txt - [772 octets] - [11/10/2013 16:49:08]AdwCleaner[R2].txt - [890 octets] - [11/10/2013 16:51:48]AdwCleaner[R3].txt - [949 octets] - [11/10/2013 16:56:08]AdwCleaner[R4].txt - [1008 octets] - [11/10/2013 17:01:18]AdwCleaner[R5].txt - [1129 octets] - [11/10/2013 17:15:38]AdwCleaner[R6].txt - [1189 octets] - [11/10/2013 17:16:32]AdwCleaner[R7].txt - [2067 octets] - [12/10/2013 21:54:06]AdwCleaner[s1].txt - [832 octets] - [11/10/2013 16:50:28]AdwCleaner[s2].txt - [1069 octets] - [11/10/2013 17:02:08]AdwCleaner[s3].txt - [1992 octets] - [12/10/2013 21:55:30] ########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [2052 octets] ########## Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.10.12.03 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16721GaryLina :: GARYLINA-PC [administrator] 10/12/2013 9:57:38 PMmbam-log-2013-10-12 (21-57-38).txt Scan type: Full scan (C:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 383619Time elapsed: 13 minute(s), 42 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) 3. I'm willing to open remote access to my PC if that will better assist your efforts to solve this. Thanks!
  4. garytkh
    Hi MrC, 1. FRST report here: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013Ran by GaryLina at 2013-10-12 10:27:22 Run:1Running from C:\Users\GaryLina\Desktop\FRST_MainBoot Mode: Normal============================================== Content of fixlist:*****************CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.dosearche...8&ts=1381309315 ***************** HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Value was restored successfully. ==== End of Fixlog ==== 2. JRT report here: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.4 (10.06.2013:1)OS: Windows 7 Home Premium x64Ran by GaryLina on Sat 10/12/2013 at 12:14:04.09~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASAPI32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASMANCSSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\GaryLina\appdata\local\cre" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sat 10/12/2013 at 12:17:42.56End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 3. Do Search is still there. 4. Question: Is it usually this hard to remove this virus? Getting a bit desperate here
  5. garytkh
    Hi MrC, Here's the latest SystemlLook report: SystemLook 30.07.11 by jpshortstuffLog created at 17:41 on 11/10/2013 by GaryLinaAdministrator - Elevation successful ========== Filefind ========== Searching for "dosearches"No files found. ========== regfind ========== Searching for "dosearches"[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]@=""C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=sc&from=smt&uid=CorsairXNeutronXGTXXSSD_13267904000097560098&ts=1381309315"[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\Google Chrome\shell\open\command]@=""C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=sc&from=smt&uid=CorsairXNeutronXGTXXSSD_13267904000097560098&ts=1381309315" -= EOF =-
  6. garytkh
    Did exactly everything you said in last post, "Do searches.com" still pops up when I launch browser. .
  7. garytkh
    Hi MrC, 1. For Chrome settings, as per my earlier screenshots, manually setting them to my preferences doesn't resolve the issue. 2. SystemLook report as below. 3. Question: this malware/virus command line contains these words "Corsair Neutron GTX". This is the brand of my RAM. Has the virus somehow affected my RAM hence the difficulty in purging it? SystemLook 30.07.11 by jpshortstuffLog created at 00:26 on 11/10/2013 by GaryLinaAdministrator - Elevation successful ========== Filefind ========== Searching for "dosearches"No files found. ========== regfind ========== Searching for "dosearches"[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]@=""C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=sc&from=smt&uid=CorsairXNeutronXGTXXSSD_13267904000097560098&ts=1381309315"[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\Google Chrome\shell\open\command]@=""C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=sc&from=smt&uid=CorsairXNeutronXGTXXSSD_13267904000097560098&ts=1381309315" -= EOF =-
  8. garytkh
    Hi MrC, Thanks for all your help thus far, here's the fixlog.txt. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013Ran by GaryLina at 2013-10-10 13:03:44 Run:1Running from C:\Boot Mode: Normal============================================== Content of fixlist:*****************CHR HKLM-x32\...\Chrome\Extension: [jekmiciaamoabjccmachncgdfpgfpbfg] - C:\ProgramData\SaveAs\jekmiciaamoabjccmachncgdfpgfpbfg.crxCHR HKLM-x32\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\GaryLina\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx***************** HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jekmiciaamoabjccmachncgdfpgfpbfg => Key deleted successfully."C:\ProgramData\SaveAs\jekmiciaamoabjccmachncgdfpgfpbfg.crx" => File/Directory not found.HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk => Key deleted successfully.C:\Users\GaryLina\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx => Moved successfully. ==== End of Fixlog ====
  9. garytkh
    Hi MrC, Did everything you said except: 1. Can't find the below to delete (please see screenshot): CHR HKLM-x32\...\Chrome\Extension: [jekmiciaamoabjccmachncgdfpgfpbfg] - C:\ProgramData\SaveAs\jekmiciaamoabjccmachncgdfpgfpbfg.crx CHR HKLM-x32\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\GaryLina\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx 1. Problem still persists despite all the steps taken in Chrome (please see screenshots) Gary
  10. garytkh
    Hi MrC, AdwCleaner report # AdwCleaner v3.007 - Report created 10/10/2013 at 08:44:46# Updated 09/10/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : GaryLina - GARYLINA-PC# Running from : C:\Users\GaryLina\Downloads\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\eSafeFolder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free window registry repairFolder Deleted : C:\Users\GaryLina\AppData\Local\Bundled software uninstallerFolder Deleted : C:\Users\GaryLina\AppData\LocalLow\ConduitFolder Deleted : C:\Users\GaryLina\AppData\LocalLow\Toolbar4 ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXEKey Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtilsKey Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManagerKey Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManagerKey Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequestKey Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTaskKey Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelperKey Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifierKey Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImplKey Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManagerKey Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHookKey Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCSKey Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvcKey Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32D47EA5-9473-4CAD-805D-9999F15D5AE2}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]Key Deleted : HKCU\Software\BIKey Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\AppDataLow\Software\smartbarKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16720 -\\ Google Chrome v30.0.1599.69 [ File : C:\Users\GaryLina\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4303 octets] - [10/10/2013 08:40:34]AdwCleaner[s0].txt - [4181 octets] - [10/10/2013 08:44:46] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4241 octets] ########## The Malwarebytes report is also attached here. FRST ReportScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013Ran by GaryLina (administrator) on GARYLINA-PC on 10-10-2013 08:56:32Running from C:\Users\GaryLina\DownloadsWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: Normal ==================== Processes (Whitelisted) ================= (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe() C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.17\aaHMSvc.exe() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKCU\...\Run: [Advanced SystemCare 6] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)BootExecute: autocheck autochk * ????? ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearchBHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)Winsock: Catalog9 01 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex)Winsock: Catalog9 02 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex)Winsock: Catalog9 03 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex)Winsock: Catalog9 04 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex)Winsock: Catalog9 15 %SystemRoot%\system32\WTFastDrv.dll [72296] (Initex)Winsock: Catalog9-x64 01 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)Winsock: Catalog9-x64 02 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)Winsock: Catalog9-x64 03 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)Winsock: Catalog9-x64 04 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)Winsock: Catalog9-x64 15 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Chrome: =======CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll ()CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No FileCHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)CHR Extension: (Google Docs) - C:\Users\GaryLina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0CHR Extension: (Google Drive) - C:\Users\GaryLina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0CHR Extension: (YouTube) - C:\Users\GaryLina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (Google Search) - C:\Users\GaryLina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\GaryLina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0CHR Extension: (Chrome In-App Payments service) - C:\Users\GaryLina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0CHR Extension: (Gmail) - C:\Users\GaryLina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0CHR HKLM-x32\...\Chrome\Extension: [jekmiciaamoabjccmachncgdfpgfpbfg] - C:\ProgramData\SaveAs\jekmiciaamoabjccmachncgdfpgfpbfg.crxCHR HKLM-x32\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\GaryLina\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crxCHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crxCHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=sc&from=smt&uid=CorsairXNeutronXGTXXSSD_13267904000097560098&ts=1381309315 ==================== Services (Whitelisted) ================= R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] ()R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.17\aaHMSvc.exe [947328 2011-12-09] (ASUSTeK Computer Inc.)R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.) ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)S3 WinRing0_1_2_0; C:\Users\GaryLina\Documents\RealTemp_370\WinRing0x64.sys [14544 2012-03-12] (OpenLibSys.org)S3 WinRing0_1_2_0; C:\Users\GaryLina\Documents\RealTemp_370\WinRing0x64.sys [14544 2012-03-12] (OpenLibSys.org)U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)S3 catchme; \??\C:\ComboFix\catchme.sys [x]S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\FRST2013-10-10 08:55 - 2013-10-10 08:55 - 01954124 _____ (Farbar) C:\Users\GaryLina\Downloads\FRST64.exe2013-10-10 08:40 - 2013-10-10 08:44 - 00000000 ____D C:\AdwCleaner2013-10-10 08:40 - 2013-10-10 08:40 - 01048960 _____ C:\Users\GaryLina\Downloads\AdwCleaner.exe2013-10-10 00:11 - 2013-10-10 00:11 - 00019773 _____ C:\Users\GaryLina\Desktop\ComboFix.txt2013-10-10 00:09 - 2013-10-10 00:09 - 00000546 _____ C:\Windows\PFRO.log2013-10-10 00:06 - 2013-10-10 00:11 - 00000000 ____D C:\Qoobox2013-10-10 00:06 - 2013-10-10 00:10 - 00000000 ____D C:\Windows\erdnt2013-10-10 00:06 - 2011-06-26 14:45 - 00256000 _____ C:\Windows\PEV.exe2013-10-10 00:06 - 2010-11-08 01:20 - 00208896 _____ C:\Windows\MBR.exe2013-10-10 00:06 - 2009-04-20 12:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe2013-10-10 00:06 - 2000-08-31 08:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe2013-10-10 00:06 - 2000-08-31 08:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe2013-10-10 00:06 - 2000-08-31 08:00 - 00098816 _____ C:\Windows\sed.exe2013-10-10 00:06 - 2000-08-31 08:00 - 00080412 _____ C:\Windows\grep.exe2013-10-10 00:06 - 2000-08-31 08:00 - 00068096 _____ C:\Windows\zip.exe2013-10-10 00:04 - 2013-10-10 00:05 - 05131844 ____R (Swearware) C:\Users\GaryLina\Downloads\ComboFix.exe2013-10-09 23:38 - 2013-10-09 23:38 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\GaryLina\Downloads\SpyHunter-Installer.exe2013-10-09 22:52 - 2013-10-09 22:53 - 12907592 _____ (Malwarebytes Corp.) C:\Users\GaryLina\Downloads\mbar-1.07.0.1005 (1).exe2013-10-09 20:51 - 2013-10-09 20:51 - 00001858 _____ C:\Users\GaryLina\Desktop\RKreport[0]_S_10092013_205121.txt2013-10-09 20:50 - 2013-10-09 20:56 - 00000000 ____D C:\Users\GaryLina\Desktop\RK_Quarantine2013-10-09 20:49 - 2013-10-09 20:49 - 03980800 _____ C:\Users\GaryLina\Downloads\RogueKillerX64.exe2013-10-09 20:20 - 2013-10-09 20:20 - 00688992 ____R (Swearware) C:\Users\GaryLina\Downloads\dds.scr2013-10-09 20:20 - 2013-10-09 20:20 - 00014109 _____ C:\Users\GaryLina\Desktop\dds.txt2013-10-09 20:20 - 2013-10-09 20:20 - 00003994 _____ C:\Users\GaryLina\Desktop\attach.txt2013-10-09 20:12 - 2013-10-09 23:27 - 00000000 ____D C:\Users\GaryLina\Desktop\mbar2013-10-09 20:12 - 2013-10-09 23:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-10-09 20:12 - 2013-10-09 20:12 - 12907592 _____ (Malwarebytes Corp.) C:\Users\GaryLina\Downloads\mbar-1.07.0.1005.exe2013-10-09 18:27 - 2013-10-10 08:45 - 00000280 _____ C:\Windows\setupact.log2013-10-09 18:27 - 2013-10-09 18:27 - 00000000 _____ C:\Windows\setuperr.log2013-10-09 18:06 - 2013-10-10 08:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update2013-10-09 18:06 - 2013-10-10 00:02 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk2013-10-09 18:06 - 2013-08-30 15:48 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys2013-10-09 18:06 - 2013-08-30 15:48 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys2013-10-09 18:06 - 2013-08-30 15:48 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys2013-10-09 18:06 - 2013-08-30 15:48 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys2013-10-09 18:06 - 2013-08-30 15:48 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys2013-10-09 18:06 - 2013-08-30 15:48 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys2013-10-09 18:06 - 2013-08-30 15:48 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys2013-10-09 18:06 - 2013-08-30 15:48 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys2013-10-09 18:06 - 2013-08-30 15:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr2013-10-09 18:04 - 2013-10-09 18:05 - 00000000 ____D C:\ProgramData\AVAST Software2013-10-09 18:03 - 2013-10-09 18:04 - 131918888 _____ C:\Users\GaryLina\Downloads\avast_free_antivirus_setup.exe2013-10-09 17:43 - 2013-10-09 17:43 - 22205064 _____ (Microsoft Corporation) C:\Users\GaryLina\Downloads\Windows-KB890830-x64-V5.5.exe2013-10-09 17:23 - 2013-10-09 17:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\GaryLina\Downloads\mbam-setup-1.75.0.1300.exe2013-10-09 17:23 - 2013-10-09 17:23 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-10-09 17:23 - 2013-10-09 17:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-10-09 17:23 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2013-10-09 16:36 - 2013-10-09 16:36 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll2013-10-09 16:36 - 2013-10-09 16:36 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll2013-10-09 16:36 - 2013-10-09 16:36 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys2013-10-09 16:36 - 2013-10-09 16:36 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll2013-10-09 16:36 - 2013-10-09 16:36 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll2013-10-09 16:35 - 2013-10-09 16:35 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2013-10-09 16:35 - 2013-10-09 16:35 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2013-10-09 16:35 - 2013-10-09 16:35 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2013-10-09 16:35 - 2013-10-09 16:35 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2013-10-09 16:35 - 2013-10-09 16:35 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys2013-10-09 16:35 - 2013-10-09 16:35 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys2013-10-09 16:35 - 2013-10-09 16:35 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2013-10-09 16:35 - 2013-10-09 16:35 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2013-10-09 16:35 - 2013-10-09 16:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2013-10-09 16:34 - 2013-10-09 16:34 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys2013-10-09 16:34 - 2013-10-09 16:34 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll2013-10-09 16:34 - 2013-10-09 16:34 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll2013-10-09 16:34 - 2013-10-09 16:34 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys2013-10-09 16:34 - 2013-10-09 16:34 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys2013-10-09 16:33 - 2013-10-09 16:33 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-10-09 16:33 - 2013-10-09 16:33 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-10-09 16:33 - 2013-10-09 16:33 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-10-09 16:33 - 2013-10-09 16:33 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-10-09 16:33 - 2013-10-09 16:33 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-10-09 16:33 - 2013-10-09 16:33 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-10-09 16:33 - 2013-10-09 16:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-10-09 16:33 - 2013-10-09 16:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-10-09 16:33 - 2013-10-09 16:33 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-10-09 16:33 - 2013-10-09 16:33 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-10-09 16:33 - 2013-10-09 16:33 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-10-09 16:33 - 2013-10-09 16:33 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-10-09 16:33 - 2013-10-09 16:33 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-10-09 16:33 - 2013-10-09 16:33 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-10-09 16:33 - 2013-10-09 16:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-10-09 16:33 - 2013-10-09 16:33 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2013-10-09 16:33 - 2013-10-09 16:33 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys2013-10-09 16:32 - 2013-10-09 16:32 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2013-10-09 16:32 - 2013-10-09 16:32 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2013-10-09 16:32 - 2013-10-09 16:32 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2013-10-09 16:32 - 2013-10-09 16:32 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll2013-10-09 16:32 - 2013-10-09 16:32 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll2013-10-09 16:32 - 2013-10-09 16:32 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll2013-10-09 16:32 - 2013-10-09 16:32 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll2013-10-08 17:07 - 2013-10-08 17:07 - 00001541 _____ C:\Users\GaryLina\Desktop\RelicCOH - Shortcut.lnk2013-10-04 15:16 - 2013-10-04 15:16 - 00000000 ____D C:\Users\GaryLina\AppData\Roaming\Oracle2013-10-03 22:48 - 2013-10-03 22:48 - 00000000 ____D C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}2013-10-03 21:21 - 2013-10-03 21:21 - 00000000 ____D C:\Program Files (x86)\THQ2013-10-03 10:17 - 2013-10-03 10:17 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2013-10-03 10:17 - 2013-10-03 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2013-10-03 10:17 - 2013-10-03 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2013-10-03 10:17 - 2013-10-03 10:17 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2013-10-03 10:17 - 2013-10-03 10:17 - 00000000 ____D C:\ProgramData\Oracle2013-10-03 10:17 - 2013-10-03 10:17 - 00000000 ____D C:\Program Files (x86)\Java2013-09-27 16:28 - 2013-09-27 16:28 - 57606144 _____ C:\Windows\system32\config\software.iobit2013-09-27 16:28 - 2013-09-27 16:28 - 00102400 _____ C:\Windows\system32\config\default.iobit2013-09-27 16:28 - 2013-09-27 16:28 - 00061440 _____ C:\Windows\system32\config\sam.iobit2013-09-27 16:28 - 2013-09-27 16:28 - 00032768 _____ C:\Windows\system32\config\security.iobit2013-09-27 16:20 - 2013-09-12 16:58 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2013-09-27 16:20 - 2013-09-12 16:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2013-09-27 16:20 - 2013-09-12 16:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2013-09-27 16:20 - 2013-09-12 16:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2013-09-27 16:20 - 2013-09-12 16:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2013-09-27 16:20 - 2013-09-12 16:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2013-09-27 16:20 - 2013-09-12 16:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2013-09-27 16:20 - 2013-09-12 16:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2013-09-27 16:20 - 2013-09-12 16:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2013-09-27 16:20 - 2013-09-12 16:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2013-09-27 16:20 - 2013-09-12 16:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2013-09-27 16:20 - 2013-09-12 16:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2013-09-27 16:20 - 2013-09-12 16:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2013-09-27 16:20 - 2013-09-12 16:58 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll2013-09-27 16:20 - 2013-09-12 16:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll2013-09-27 16:20 - 2013-09-12 16:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll2013-09-27 16:20 - 2013-09-12 16:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll2013-09-27 16:20 - 2013-09-12 16:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll2013-09-27 16:20 - 2013-09-12 16:58 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2013-09-27 16:20 - 2013-09-12 16:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2013-09-27 16:20 - 2013-09-12 16:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2013-09-27 16:20 - 2013-09-12 16:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2013-09-27 16:20 - 2013-09-12 16:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2013-09-27 16:20 - 2013-09-12 16:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2013-09-27 16:20 - 2013-09-12 16:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2013-09-27 16:20 - 2013-09-12 16:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2013-09-27 16:20 - 2013-09-12 16:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2013-09-27 16:20 - 2013-06-16 20:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys2013-09-27 16:20 - 2013-06-16 20:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll2013-09-26 13:40 - 2013-09-26 13:40 - 00140429 _____ C:\Users\GaryLina\Documents\Gary Teo_Summary.pptx2013-09-13 19:42 - 2013-09-13 19:42 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2013-09-13 19:42 - 2013-09-13 19:42 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2013-09-13 19:42 - 2013-09-13 19:42 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2013-09-13 19:42 - 2013-09-13 19:42 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat2013-09-13 19:42 - 2013-09-13 19:42 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2013-09-13 19:42 - 2013-09-13 19:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2013-09-13 19:42 - 2013-09-13 19:42 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx2013-09-13 19:42 - 2013-09-13 19:42 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2013-09-13 19:42 - 2013-09-13 19:42 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-09-13 19:40 - 2013-08-05 10:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys2013-09-13 19:40 - 2013-08-02 10:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2013-09-13 19:40 - 2013-08-02 10:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2013-09-13 19:40 - 2013-08-02 10:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 10:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2013-09-13 19:40 - 2013-08-02 09:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 09:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2013-09-13 19:40 - 2013-08-02 08:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2013-09-13 19:40 - 2013-08-02 08:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 08:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 08:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2013-09-13 19:40 - 2013-08-02 08:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2013-09-13 19:40 - 2013-07-26 10:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2013-09-13 19:40 - 2013-07-26 10:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll2013-09-13 19:40 - 2013-07-26 09:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2013-09-13 19:40 - 2013-07-26 09:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll2013-09-11 19:15 - 2013-09-11 19:25 - 00000000 ____D C:\Users\GaryLina\Desktop\TES4Edit_3_0_30_EXPERIMENTAL-11536-3-0-30EXP2013-09-10 01:05 - 2013-09-10 01:05 - 00000000 ____D C:\BOSS ==================== One Month Modified Files and Folders ======= 2013-10-10 08:56 - 2013-10-10 08:56 - 00000000 ____D C:\FRST2013-10-10 08:55 - 2013-10-10 08:55 - 01954124 _____ (Farbar) C:\Users\GaryLina\Downloads\FRST64.exe2013-10-10 08:52 - 2009-07-14 12:45 - 00014816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-10-10 08:52 - 2009-07-14 12:45 - 00014816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-10-10 08:50 - 2009-07-14 13:13 - 00795858 _____ C:\Windows\system32\PerfStringBackup.INI2013-10-10 08:48 - 2013-07-28 22:48 - 01027770 _____ C:\Windows\WindowsUpdate.log2013-10-10 08:45 - 2013-10-09 18:27 - 00000280 _____ C:\Windows\setupact.log2013-10-10 08:45 - 2013-10-09 18:06 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update2013-10-10 08:45 - 2013-06-22 18:48 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-10-10 08:45 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-10-10 08:44 - 2013-10-10 08:40 - 00000000 ____D C:\AdwCleaner2013-10-10 08:40 - 2013-10-10 08:40 - 01048960 _____ C:\Users\GaryLina\Downloads\AdwCleaner.exe2013-10-10 00:11 - 2013-10-10 00:11 - 00019773 _____ C:\Users\GaryLina\Desktop\ComboFix.txt2013-10-10 00:11 - 2013-10-10 00:06 - 00000000 ____D C:\Qoobox2013-10-10 00:11 - 2009-07-14 11:20 - 00000000 __RHD C:\Users\Default2013-10-10 00:10 - 2013-10-10 00:06 - 00000000 ____D C:\Windows\erdnt2013-10-10 00:10 - 2009-07-14 10:34 - 00000215 _____ C:\Windows\system.ini2013-10-10 00:09 - 2013-10-10 00:09 - 00000546 _____ C:\Windows\PFRO.log2013-10-10 00:05 - 2013-10-10 00:04 - 05131844 ____R (Swearware) C:\Users\GaryLina\Downloads\ComboFix.exe2013-10-10 00:02 - 2013-10-09 18:06 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk2013-10-10 00:02 - 2012-06-02 16:41 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk2013-10-09 23:59 - 2013-06-22 18:48 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-10-09 23:45 - 2012-03-16 03:31 - 00000000 ____D C:\Program Files (x86)\Steam2013-10-09 23:38 - 2013-10-09 23:38 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\GaryLina\Downloads\SpyHunter-Installer.exe2013-10-09 23:27 - 2013-10-09 20:12 - 00000000 ____D C:\Users\GaryLina\Desktop\mbar2013-10-09 23:27 - 2013-10-09 20:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-10-09 22:53 - 2013-10-09 22:52 - 12907592 _____ (Malwarebytes Corp.) C:\Users\GaryLina\Downloads\mbar-1.07.0.1005 (1).exe2013-10-09 22:33 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\rescache2013-10-09 20:56 - 2013-10-09 20:50 - 00000000 ____D C:\Users\GaryLina\Desktop\RK_Quarantine2013-10-09 20:51 - 2013-10-09 20:51 - 00001858 _____ C:\Users\GaryLina\Desktop\RKreport[0]_S_10092013_205121.txt2013-10-09 20:49 - 2013-10-09 20:49 - 03980800 _____ C:\Users\GaryLina\Downloads\RogueKillerX64.exe2013-10-09 20:20 - 2013-10-09 20:20 - 00688992 ____R (Swearware) C:\Users\GaryLina\Downloads\dds.scr2013-10-09 20:20 - 2013-10-09 20:20 - 00014109 _____ C:\Users\GaryLina\Desktop\dds.txt2013-10-09 20:20 - 2013-10-09 20:20 - 00003994 _____ C:\Users\GaryLina\Desktop\attach.txt2013-10-09 20:12 - 2013-10-09 20:12 - 12907592 _____ (Malwarebytes Corp.) C:\Users\GaryLina\Downloads\mbar-1.07.0.1005.exe2013-10-09 18:27 - 2013-10-09 18:27 - 00000000 _____ C:\Windows\setuperr.log2013-10-09 18:26 - 2012-03-11 19:34 - 00000000 ____D C:\Users\GaryLina2013-10-09 18:25 - 2012-03-12 11:17 - 00000000 ____D C:\Windows\Panther2013-10-09 18:06 - 2012-05-20 10:47 - 00000000 _____ C:\Windows\SysWOW64\config.nt2013-10-09 18:05 - 2013-10-09 18:04 - 00000000 ____D C:\ProgramData\AVAST Software2013-10-09 18:05 - 2012-05-20 10:47 - 00000000 ____D C:\Program Files\AVAST Software2013-10-09 18:04 - 2013-10-09 18:03 - 131918888 _____ C:\Users\GaryLina\Downloads\avast_free_antivirus_setup.exe2013-10-09 17:43 - 2013-10-09 17:43 - 22205064 _____ (Microsoft Corporation) C:\Users\GaryLina\Downloads\Windows-KB890830-x64-V5.5.exe2013-10-09 17:41 - 2009-07-14 12:45 - 00275712 _____ C:\Windows\system32\FNTCACHE.DAT2013-10-09 17:23 - 2013-10-09 17:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\GaryLina\Downloads\mbam-setup-1.75.0.1300.exe2013-10-09 17:23 - 2013-10-09 17:23 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-10-09 17:23 - 2013-10-09 17:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-10-09 17:01 - 2013-08-04 21:54 - 00002501 _____ C:\Users\Public\Desktop\Google Chrome.lnk2013-10-09 17:01 - 2012-03-11 19:35 - 00001743 _____ C:\Users\GaryLina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2013-10-09 16:36 - 2013-10-09 16:36 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll2013-10-09 16:36 - 2013-10-09 16:36 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll2013-10-09 16:36 - 2013-10-09 16:36 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys2013-10-09 16:36 - 2013-10-09 16:36 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll2013-10-09 16:36 - 2013-10-09 16:36 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll2013-10-09 16:35 - 2013-10-09 16:35 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2013-10-09 16:35 - 2013-10-09 16:35 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2013-10-09 16:35 - 2013-10-09 16:35 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2013-10-09 16:35 - 2013-10-09 16:35 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2013-10-09 16:35 - 2013-10-09 16:35 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys2013-10-09 16:35 - 2013-10-09 16:35 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys2013-10-09 16:35 - 2013-10-09 16:35 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2013-10-09 16:35 - 2013-10-09 16:35 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2013-10-09 16:35 - 2013-10-09 16:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2013-10-09 16:35 - 2013-10-09 16:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2013-10-09 16:34 - 2013-10-09 16:34 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys2013-10-09 16:34 - 2013-10-09 16:34 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll2013-10-09 16:34 - 2013-10-09 16:34 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll2013-10-09 16:34 - 2013-10-09 16:34 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys2013-10-09 16:34 - 2013-10-09 16:34 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys2013-10-09 16:33 - 2013-10-09 16:33 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-10-09 16:33 - 2013-10-09 16:33 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-10-09 16:33 - 2013-10-09 16:33 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-10-09 16:33 - 2013-10-09 16:33 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-10-09 16:33 - 2013-10-09 16:33 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-10-09 16:33 - 2013-10-09 16:33 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-10-09 16:33 - 2013-10-09 16:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-10-09 16:33 - 2013-10-09 16:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-10-09 16:33 - 2013-10-09 16:33 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-10-09 16:33 - 2013-10-09 16:33 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-10-09 16:33 - 2013-10-09 16:33 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-10-09 16:33 - 2013-10-09 16:33 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-10-09 16:33 - 2013-10-09 16:33 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-10-09 16:33 - 2013-10-09 16:33 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-10-09 16:33 - 2013-10-09 16:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-10-09 16:33 - 2013-10-09 16:33 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2013-10-09 16:33 - 2013-10-09 16:33 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys2013-10-09 16:33 - 2013-10-09 16:33 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll2013-10-09 16:33 - 2013-10-09 16:33 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys2013-10-09 16:32 - 2013-10-09 16:32 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2013-10-09 16:32 - 2013-10-09 16:32 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2013-10-09 16:32 - 2013-10-09 16:32 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2013-10-09 16:32 - 2013-10-09 16:32 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll2013-10-09 16:32 - 2013-10-09 16:32 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll2013-10-09 16:32 - 2013-10-09 16:32 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll2013-10-09 16:32 - 2013-10-09 16:32 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll2013-10-09 16:32 - 2012-03-14 00:58 - 00787980 _____ C:\Windows\SysWOW64\PerfStringBackup.INI2013-10-08 22:01 - 2012-03-11 19:38 - 00000000 ____D C:\Users\GaryLina\Documents\My Games2013-10-08 17:07 - 2013-10-08 17:07 - 00001541 _____ C:\Users\GaryLina\Desktop\RelicCOH - Shortcut.lnk2013-10-06 17:07 - 2012-03-12 02:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird2013-10-06 03:20 - 2012-12-30 00:54 - 00000058 _____ C:\Users\GaryLina\Documents\aionmemo_bf56e92e.dat2013-10-05 13:59 - 2012-03-12 02:09 - 00000000 __SHD C:\Users\GaryLina\wc2013-10-04 15:16 - 2013-10-04 15:16 - 00000000 ____D C:\Users\GaryLina\AppData\Roaming\Oracle2013-10-04 11:10 - 2012-05-12 20:51 - 00000000 ____D C:\Program Files (x86)\Origin2013-10-04 09:51 - 2013-08-09 18:41 - 00000075 _____ C:\DiskDefrag.log2013-10-04 09:51 - 2013-06-08 10:34 - 00000000 ____D C:\ProgramData\GlarySoft2013-10-03 22:48 - 2013-10-03 22:48 - 00000000 ____D C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}2013-10-03 21:21 - 2013-10-03 21:21 - 00000000 ____D C:\Program Files (x86)\THQ2013-10-03 10:17 - 2013-10-03 10:17 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2013-10-03 10:17 - 2013-10-03 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2013-10-03 10:17 - 2013-10-03 10:17 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2013-10-03 10:17 - 2013-10-03 10:17 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2013-10-03 10:17 - 2013-10-03 10:17 - 00000000 ____D C:\ProgramData\Oracle2013-10-03 10:17 - 2013-10-03 10:17 - 00000000 ____D C:\Program Files (x86)\Java2013-10-03 10:17 - 2012-07-09 05:35 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll2013-10-03 10:17 - 2012-03-12 02:14 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll2013-09-28 00:37 - 2012-06-02 16:41 - 00000000 ____D C:\Program Files\CCleaner2013-09-27 16:28 - 2013-09-27 16:28 - 57606144 _____ C:\Windows\system32\config\software.iobit2013-09-27 16:28 - 2013-09-27 16:28 - 00102400 _____ C:\Windows\system32\config\default.iobit2013-09-27 16:28 - 2013-09-27 16:28 - 00061440 _____ C:\Windows\system32\config\sam.iobit2013-09-27 16:28 - 2013-09-27 16:28 - 00032768 _____ C:\Windows\system32\config\security.iobit2013-09-27 16:27 - 2012-03-12 02:05 - 00000000 ____D C:\Program Files (x86)\IObit2013-09-27 16:21 - 2012-03-11 20:01 - 00000000 ____D C:\ProgramData\NVIDIA2013-09-27 16:21 - 2012-03-11 20:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation2013-09-26 13:40 - 2013-09-26 13:40 - 00140429 _____ C:\Users\GaryLina\Documents\Gary Teo_Summary.pptx2013-09-26 01:46 - 2012-03-12 00:22 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2013-09-19 14:07 - 2013-01-03 22:22 - 00001331 _____ C:\Users\Public\Desktop\Razer Game Booster.lnk2013-09-19 14:05 - 2013-05-16 20:31 - 00000000 ____D C:\Users\GaryLina\Documents\Razer2013-09-19 14:05 - 2013-01-03 22:23 - 00000000 ____D C:\Users\GaryLina\AppData\Local\Razer2013-09-18 23:08 - 2013-01-03 22:22 - 00000000 ____D C:\ProgramData\Razer2013-09-18 23:08 - 2012-04-29 20:16 - 00000000 ____D C:\Program Files (x86)\Razer2013-09-18 23:07 - 2013-06-21 15:28 - 00015753 _____ C:\autoupdate.log2013-09-13 19:46 - 2012-04-17 04:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2013-09-13 19:46 - 2012-04-17 04:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2013-09-13 19:46 - 2012-03-11 19:35 - 00000000 ___RD C:\Users\GaryLina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-09-13 19:46 - 2012-03-11 19:35 - 00000000 ___RD C:\Users\GaryLina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2013-09-13 19:45 - 2013-07-13 01:38 - 00000000 ____D C:\Windows\system32\MRT2013-09-13 19:45 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\PolicyDefinitions2013-09-13 19:42 - 2013-09-13 19:42 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2013-09-13 19:42 - 2013-09-13 19:42 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2013-09-13 19:42 - 2013-09-13 19:42 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2013-09-13 19:42 - 2013-09-13 19:42 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat2013-09-13 19:42 - 2013-09-13 19:42 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2013-09-13 19:42 - 2013-09-13 19:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2013-09-13 19:42 - 2013-09-13 19:42 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx2013-09-13 19:42 - 2013-09-13 19:42 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2013-09-13 19:42 - 2013-09-13 19:42 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-09-13 19:42 - 2013-09-13 19:42 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2013-09-13 19:42 - 2013-09-13 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-09-12 16:58 - 2013-09-27 16:20 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll2013-09-12 16:58 - 2013-09-27 16:20 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll2013-09-12 16:58 - 2013-09-27 16:20 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll2013-09-12 16:58 - 2013-09-27 16:20 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll2013-09-12 16:58 - 2013-09-27 16:20 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll2013-09-12 16:58 - 2013-09-27 16:20 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll2013-09-12 16:58 - 2013-09-27 16:20 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys2013-09-12 16:58 - 2013-09-27 16:20 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll2013-09-12 16:58 - 2013-09-27 16:20 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll2013-09-12 16:58 - 2013-09-27 16:20 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll2013-09-12 16:58 - 2013-09-27 16:20 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll2013-09-12 16:58 - 2013-09-27 16:20 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll2013-09-12 16:58 - 2013-09-27 16:20 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll2013-09-12 16:58 - 2013-09-27 16:20 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll2013-09-12 16:58 - 2013-09-27 16:20 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll2013-09-12 16:58 - 2013-09-27 16:20 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll2013-09-12 16:58 - 2013-09-27 16:20 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll2013-09-12 16:58 - 2013-09-27 16:20 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll2013-09-12 16:58 - 2013-09-27 16:20 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll2013-09-12 16:58 - 2013-09-27 16:20 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll2013-09-12 16:58 - 2013-09-27 16:20 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll2013-09-12 16:58 - 2013-09-27 16:20 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll2013-09-12 16:58 - 2013-09-27 16:20 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll2013-09-12 16:58 - 2013-09-27 16:20 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll2013-09-12 16:58 - 2013-09-27 16:20 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll2013-09-12 16:58 - 2013-09-27 16:20 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll2013-09-12 16:58 - 2013-09-27 16:20 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll2013-09-12 16:58 - 2013-08-14 17:19 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll2013-09-12 16:58 - 2012-03-11 23:51 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll2013-09-12 16:58 - 2012-03-11 23:51 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll2013-09-12 16:58 - 2011-05-21 06:01 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll2013-09-12 16:58 - 2011-05-21 06:01 - 00022814 _____ C:\Windows\system32\nvinfo.pb2013-09-12 15:25 - 2012-03-11 20:01 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll2013-09-12 15:25 - 2012-03-11 20:01 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll2013-09-12 15:25 - 2012-03-11 20:01 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe2013-09-12 15:25 - 2012-03-11 20:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll2013-09-12 15:25 - 2012-03-11 20:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll2013-09-12 06:06 - 2012-03-11 23:52 - 03361114 _____ C:\Windows\system32\nvcoproc.bin2013-09-11 19:25 - 2013-09-11 19:15 - 00000000 ____D C:\Users\GaryLina\Desktop\TES4Edit_3_0_30_EXPERIMENTAL-11536-3-0-30EXP2013-09-11 19:18 - 2013-06-18 18:37 - 00000000 ____D C:\Users\GaryLina\AppData\Local\Oblivion2013-09-10 01:05 - 2013-09-10 01:05 - 00000000 ____D C:\BOSS Some content of TEMP:====================C:\Users\GaryLina\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-01 22:49 ==================== End Of Log ============================ Browser Status: - The blasted "DoSearch.com" is still the default site whenever I launch a browser.- Noticed web pages are not loading as fast as before.PC Status: - Performance seems to be overall. mbam-log-2013-10-10 (08-50-57).txt Addition.txt
  11. garytkh
    Ok ComboFix report attached. ComboFix.txt
  12. garytkh
    Gotcha, will run ComboFix. In the meantime, just wanna share something I found by doing regedit (see attached screenshot). in the HKEY_LOCAL_MACHINE folder, there are two registry entries which seem to be the Dosearch trigger for Chrome and IE. Could these be the problem?
  13. garytkh
    Hi MrC, Did everything you said except for running "FixDamage". Mbar detected no problems -- attached the log files here for your reference. Gary mbar-log-2013-10-09 (22-53-49).txt system-log.txt
  14. garytkh
    Hi MrC, Thank you for the quick response! This is the RogueKiller report: RogueKiller V8.7.1 _x64_ [Oct 3 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : GaryLina [Admin rights]Mode : Scan -- Date : 10/09/2013 20:51:21| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - Corsair Neutron GTX SSD ATA Device +++++--- User ---[MBR] d9134e6de96f47074334ac98b653ab80[bSP] 633b4ecd994eadb5c6f45bd8c0f4efc9 : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 16065 | Size: 101 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 224910 | Size: 228824 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_10092013_205121.txt >>
  15. garytkh
    Hi, I have a problem which I hope you can help here. 1. I stupidly downloaded a file which advertently contained " "Dosearches.com" malware. 2. Result: Everytime I open my browser window (Chrome or IE), it automatically goes to this URL: http://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=sc&from=smt&uid=CorsairXNeutronXGTXXSSD_13267904000097560098&ts=1381309315 3. I manually reset Chrome and IE to my default settings, removed the Dosearch extensions, removed the Dosearch search engine --> problem still persists. 4. Ran Malwarebytes Anti-Malware --> detected Dosearch and removed it --> problem still persists. 5. Ran Malwarebytes Anti-Rootkit --> no malware detected --> problem still persists. 6. Ran Avast Anti-Virus --> no virus detected --> problem still persists. I'm at my wits end now on how to resolve this so hope you can help. Here are the two reports to aid my case: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.40.2Run by GaryLina at 20:20:35 on 2013-10-09Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16349.14149 [GMT 8:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exeC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\taskhost.exeC:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exeC:\Program Files (x86)\ASUS\AAHM\1.00.17\aaHMSvc.exeC:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exeC:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exeC:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\SearchIndexer.exeC:\Users\GaryLina\Documents\RealTemp_370\RealTemp.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Program Files (x86)\Razer\Razer Game Booster\main.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\System32\svchost.exe -k swprvC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uSearch Bar = PreserveuProxyOverride = <local>mWinlogon: Userinit = userinit.exe,BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllBHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dlluRun: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStartmRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /noguiuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0LSP: %SystemRoot%\system32\WTFastDrv.dll.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option..TCP: NameServer = 192.168.1.254TCP: Interfaces\{79DD31F4-0A96-4D43-A3A2-EEC2B97FB91E} : DHCPNameServer = 192.168.1.254SSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-10-9 65336]R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-10-9 204880]R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-10-9 1030952]R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-10-9 378944]R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-24 574272]R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2012-12-13 918448]R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.17\aaHMSvc.exe [2012-12-13 947328]R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2012-12-13 586880]R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-10-9 33400]R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-10-9 80816]R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-10-9 46808]R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2013-9-18 106472]R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]R3 danewFltr;NewDeathAdder Mouse;C:\Windows\System32\drivers\danew.sys [2012-3-11 12032]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]R3 VKbms;Razer Gaming Device;C:\Windows\System32\drivers\VKbms.sys [2012-3-11 13312]R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Users\GaryLina\Documents\RealTemp_370\WinRing0x64.sys [2008-7-26 14544]S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-7-9 17480]S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-7-9 9800]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-12 1255736].=============== Created Last 30 ================.2013-10-09 12:12:57 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-10-09 10:30:12 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9FE4CCDE-6B49-4F65-A1DB-873FD9AA1D70}\offreg.dll2013-10-09 10:06:18 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys2013-10-09 10:06:18 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys2013-10-09 10:06:18 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys2013-10-09 10:06:18 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys2013-10-09 10:06:17 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys2013-10-09 10:06:05 41664 ----a-w- C:\Windows\avastSS.scr2013-10-09 10:04:23 -------- d-----w- C:\ProgramData\AVAST Software2013-10-09 09:59:14 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9FE4CCDE-6B49-4F65-A1DB-873FD9AA1D70}\mpengine.dll2013-10-09 09:23:29 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-10-09 09:23:29 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-10-09 09:02:16 -------- d-----w- C:\Users\GaryLina\AppData\Local\Bundled software uninstaller2013-10-09 09:01:57 -------- d-----w- C:\ProgramData\eSafe2013-10-09 08:36:18 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll2013-10-09 08:36:18 259584 ----a-w- C:\Windows\System32\WebClnt.dll2013-10-09 08:36:18 205824 ----a-w- C:\Windows\SysWow64\WebClnt.dll2013-10-09 08:36:18 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys2013-10-09 08:36:18 102400 ----a-w- C:\Windows\System32\davclnt.dll2013-10-09 08:34:49 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys2013-10-09 08:34:31 633856 ----a-w- C:\Windows\System32\comctl32.dll2013-10-09 08:34:31 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll2013-10-09 08:34:14 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys2013-10-09 08:34:14 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys2013-10-09 08:32:20 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll2013-10-09 08:32:20 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll2013-10-09 08:32:16 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-10-09 08:32:12 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-10-09 08:32:12 327168 ----a-w- C:\Windows\System32\mswsock.dll2013-10-09 08:32:12 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll2013-10-09 08:32:12 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-10-08 11:34:40 -------- d-----w- C:\ProgramData\Media Center Programs2013-10-03 14:48:08 -------- d-----w- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}2013-10-03 13:21:12 -------- d-----w- C:\Program Files (x86)\THQ2013-10-03 02:17:29 -------- d-----w- C:\ProgramData\Oracle2013-10-03 02:17:23 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-09-13 11:40:32 43520 ----a-w- C:\Windows\System32\csrsrv.dll2013-09-09 17:05:14 -------- d-----w- C:\BOSS.==================== Find3M ====================.2013-10-09 08:33:59 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2013-10-03 02:17:21 868264 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll2013-10-03 02:17:21 790440 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-09-13 11:46:31 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-09-13 11:46:31 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-09-12 08:58:10 9281032 ----a-w- C:\Windows\System32\nvcuda.dll2013-09-12 07:25:43 6599968 ----a-w- C:\Windows\System32\nvcpl.dll2013-09-12 07:25:43 3452192 ----a-w- C:\Windows\System32\nvsvc64.dll2013-09-12 07:25:40 920864 ----a-w- C:\Windows\System32\nvvsvc.exe2013-09-12 07:25:40 63776 ----a-w- C:\Windows\System32\nvshext.dll2013-09-12 07:25:40 219424 ----a-w- C:\Windows\System32\nvmctray.dll2013-09-11 22:06:31 3361114 ----a-w- C:\Windows\System32\nvcoproc.bin2013-08-18 08:23:40 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-08-18 08:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll2013-08-18 08:22:55 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-08-18 08:22:55 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll2013-08-18 08:22:47 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys2013-08-18 08:22:40 224256 ----a-w- C:\Windows\System32\wintrust.dll2013-08-18 08:22:40 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-08-18 08:22:40 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-08-18 08:22:40 1472512 ----a-w- C:\Windows\System32\crypt32.dll2013-08-18 08:22:40 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-08-18 08:22:40 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-08-18 08:22:40 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-08-18 08:22:40 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-08-09 06:25:05 386416 ----a-w- C:\Windows\SysWow64\networkdlllsp.dll2013-08-06 20:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL.============= FINISH: 20:20:44.45 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 3/11/2012 7:34:50 PMSystem Uptime: 10/9/2013 7:21:15 PM (1 hours ago).Motherboard: ASUSTeK Computer INC. | | P8Z68-V LEProcessor: Intel® Core i5-2400 CPU @ 3.10GHz | LGA1155 | 3101/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 223 GiB total, 80.648 GiB free.D: is CDROM (UDF).==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP253: 10/9/2013 5:06:50 PM - PointRP254: 10/9/2013 5:59:10 PM - Windows UpdateRP255: 10/9/2013 6:05:49 PM - avast! Free Antivirus Setup.==== Installed Programs ======================.7-Zip 9.20 (x64 edition)Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader XI (11.0.03)Advanced SystemCare 6AionAkamai NetSession InterfaceAsmedia ASM104x USB 3.0 Host Controller DriverASUS nVidia DriverAuslogics Disk Defragavast! Free AntivirusBattlePing 1.3.2.3BOSSCCleanerCommand & Conquer™ Red Alert™ 3Company of HeroesCompany of Heroes - FAKEMSIEaseUS Partition Master 9.2.2Google ChromeGoogle Update HelperJava 7 Update 40Java Auto UpdaterMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 1.1Microsoft .NET Framework 4.5Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft WSE 3.0 RuntimeNCSOFT Game LauncherNVIDIA Control Panel 327.23NVIDIA Graphics Driver 327.23NVIDIA HD Audio Driver 1.3.26.4NVIDIA Install ApplicationNVIDIA PhysXNVIDIA PhysX System Software 9.13.0725Oblivion mod manager 1.1.12OriginRazer DeathAdder MouseRazer Game BoosterRealtek Ethernet Controller DriverSecurity Update for Microsoft .NET Framework 4.5 (KB2737083)Security Update for Microsoft .NET Framework 4.5 (KB2742613)Security Update for Microsoft .NET Framework 4.5 (KB2789648)Security Update for Microsoft .NET Framework 4.5 (KB2804582)Security Update for Microsoft .NET Framework 4.5 (KB2833957)Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)Security Update for Microsoft .NET Framework 4.5 (KB2861208)SteamThe Elder Scrolls IV: Oblivion The Lord of the Rings Online™: Siege of Mirkwood™ v03.01.00.802Unofficial Oblivion Patch v3.4.3Unofficial Official Mods Patch v18Unofficial Shivering Isles Patch v1.5.2Update for Microsoft .NET Framework 4.5 (KB2750147)Update for Microsoft .NET Framework 4.5 (KB2805221)Update for Microsoft .NET Framework 4.5 (KB2805226)Visual Studio 2008 x64 RedistributablesVisual Studio 2010 x64 RedistributablesWindows Media Player Firefox PluginWTFast 2.13.==== Event Viewer Messages From Past Week ========.10/9/2013 8:12:39 PM, Error: mbamchameleon [61440] - 10/9/2013 8:11:33 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.10/9/2013 8:11:26 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.10/9/2013 4:38:21 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit..==== End Of File =========================== Please help, thank you.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.