Jump to content

NSCodeRed

Members
  • Posts

    42
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Unfortunately it didn't seem to help my problem but here is the link... http://paste.ubuntu.com/6587439
  2. Ok so my computer is up and running now, well mostly. It seems the only problem I currently have is booting windows. It will say the Boot Manager is missing, so I let it restart, press Esc till a boot menu appears, I'll change the BIOS to let the drive with windows installed boot first, save anx exit, and everything will see great until I go to turn my laptop on the next time and I'll have to repeat everything again. Any ideas!?
  3. Yes! I had an issue with windows having no drivers for anything until I found my Asus/Windows discs. Haven't been able to use them yet because work took me out of state for a bit but Im back and will have an update in 24 hours!
  4. Ok so what I did was take out my other 750gb drive and delete all the partitions on the remaining drive and started from there. Windows seems to be loading fine, I'll let you know when I have my os/laptop working and functional.
  5. I couldn't locate my discs or get any, so I downloaded the .iso file from windows and have been trying to load windows again (I have everything backed up on an external hdd) since it appears like my whole C:Drive was wiped but it is somehow failing to create a new system partition and I don't know how to view the setup logs for my information as to why...
  6. I've been looking and can't find it lol. I'll report back when I do...
  7. It wont even load into the advanced options menu at startup. All I can do is enter the Setup Utility...
  8. Ran it, Windows startup repair popped up and now windows won't boot from my C drive. Says select bootable drive/media...
  9. Here is the log... mbar-log-2013-11-24 (21-50-34).txt
  10. I got an error message from Microsoft when it tried to install an update (Error 8004FF86) Security Essentials still says I have a virus, and for some reason sometimes I can't gain internet access through my router even though I can on other devices. I haven't had any more BSOD or blue screens but Windows has shut down twice unexpectedly.
  11. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013 Ran by Nick (administrator) on NICK-PC on 21-11-2013 22:30:25 Running from C:\Users\Nick\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe () C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\ExpressGateUtil\VAWinService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\syswow64\dllhost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Sentelic Corporation) C:\Program Files\FSP\FspUip.exe (Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (ASUS) C:\Windows\AsScrPro.exe () C:\ExpressGateUtil\VAWinAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (Windows ® Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [fspuip] - C:\Program Files\FSP\FspUip.exe [4285952 2011-06-19] (Sentelic Corporation) HKLM\...\Run: [intelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] () HKLM\...\Run: [THXCfg64] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [setwallpaper] - c:\programdata\SetWallpaper.cmd HKLM\...\Run: [MSC] - "C:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey <===== ATTENTION (File name is altered) HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini [371 2013-11-21] () HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme) HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2011-08-23] (ASUS) HKLM-x32\...\Run: [THX TruStudio NB Settings] - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909312 2011-03-16] (Creative Technology Ltd) HKLM-x32\...\Run: [updReg] - C:\Windows\Updreg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [VAWinAgent] - C:\ExpressGateUtil\VAWinAgent.exe [45448 2011-04-07] () HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-22] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-06] (ASUS) HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [FLxHCIm64] - C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [48128 2012-07-19] (Windows ® Win 7 DDK provider) HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated) Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/?rlz=1W4CHBA_enUS551 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {7E560C20-D716-46B4-91AF-BF3C53806D98} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms} BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Reddit Enhancement Suite) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.1.1_0 CHR Extension: (Google Wallet) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Gmail) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 ==================== Services (Whitelisted) ================= R2 AsusUacSvc; C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [113840 2010-07-27] () R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation) S3 HawkesUpdater; C:\Program Files (x86)\Hawkes Learning Systems\Hawkes Update Service Manager\srvany.exe [8192 2003-04-18] () R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation) S4 RemoteAccess; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-03-25] () ==================== Drivers (Whitelisted) ==================== R3 AiCharger; C:\Windows\SysWow64\DRIVERS\AiCharger.sys [17152 2012-01-30] (ASUSTek Computer Inc.) R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS) R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77040 2012-11-08] (Fresco Logic) R3 fspad_win764; C:\Windows\System32\DRIVERS\fspad_win764.sys [53760 2011-06-19] (Windows ® Win 7 DDK provider) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-21 22:30 - 2013-11-21 22:30 - 00013071 _____ C:\Users\Nick\Desktop\FRST.txt 2013-11-20 19:15 - 2013-11-21 22:28 - 00000000 ____D C:\FRST 2013-11-20 19:13 - 2013-11-20 19:14 - 01957964 _____ (Farbar) C:\Users\Nick\Desktop\FRST64.exe 2013-11-20 07:31 - 2013-11-20 07:31 - 00000000 ____D C:\TDSSKiller_Quarantine 2013-11-20 07:28 - 2013-11-20 07:28 - 04101441 _____ C:\Users\Nick\Downloads\tdsskiller (1).zip 2013-11-19 12:01 - 2013-11-19 12:01 - 04101441 _____ C:\Users\Nick\Downloads\tdsskiller.zip 2013-11-19 12:00 - 2013-11-19 12:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Nick\Desktop\tdsskiller.exe 2013-11-18 23:45 - 2013-11-18 23:45 - 00292936 _____ C:\Windows\Minidump\111813-20342-01.dmp 2013-11-18 20:01 - 2013-11-18 20:02 - 00292888 _____ C:\Windows\Minidump\111813-20638-01.dmp 2013-11-18 18:28 - 2013-11-18 18:29 - 00001274 _____ C:\DelFix.txt 2013-11-18 18:28 - 2013-11-18 18:28 - 00000000 ____D C:\Windows\ERUNT 2013-11-18 18:21 - 2013-11-18 18:21 - 00292904 _____ C:\Windows\Minidump\111813-17534-01.dmp 2013-11-18 18:18 - 2013-11-18 18:18 - 00292848 _____ C:\Windows\Minidump\111813-25318-01.dmp 2013-11-18 14:38 - 2013-11-18 14:49 - 00000000 ____D C:\uninstall.exe 2013-11-18 14:07 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-11-18 14:06 - 2013-11-18 14:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-18 14:06 - 2013-11-18 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-18 14:06 - 2013-11-18 14:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-18 14:06 - 2013-11-18 14:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-18 14:06 - 2013-11-18 14:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-18 14:06 - 2013-11-18 14:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-18 14:06 - 2013-11-18 14:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-18 14:06 - 2013-11-18 14:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-18 14:06 - 2013-11-18 14:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-18 14:06 - 2013-11-18 14:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-18 14:06 - 2013-11-18 14:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-18 14:05 - 2013-11-18 14:07 - 00007808 _____ C:\Windows\IE11_main.log 2013-11-18 13:56 - 2013-11-18 13:56 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-11-18 13:54 - 2013-11-18 13:54 - 00915368 _____ (Oracle Corporation) C:\Users\Nick\Downloads\jxpiinstall.exe 2013-11-18 13:54 - 2013-11-18 13:54 - 00915368 _____ (Oracle Corporation) C:\Users\Nick\Downloads\jxpiinstall (1).exe 2013-11-18 13:53 - 2013-11-18 13:54 - 44335120 _____ (Microsoft Corporation) C:\Users\Nick\Downloads\IE10-Windows6.1-x64-en-us.exe 2013-11-17 02:22 - 2013-11-17 03:08 - 00017006 _____ C:\Users\Nick\Documents\Rap.odt 2013-11-17 00:28 - 2013-11-17 00:29 - 00292872 _____ C:\Windows\Minidump\111713-16161-01.dmp 2013-11-15 18:49 - 2013-11-15 18:49 - 00048651 _____ C:\Users\Nick\Downloads\[kickass.to]the.purge.2013.1080p.bluray.dts.hd.ma.5.1.x264.publichd.torrent 2013-11-15 16:18 - 2013-11-15 16:18 - 00066883 _____ C:\Users\Nick\Downloads\[kickass.to]white.house.down.2013.1080p.bluray.dts.hd.ma.5.1.x264.publichd.torrent 2013-11-15 16:17 - 2013-11-15 16:17 - 00051170 _____ C:\Users\Nick\Downloads\[kickass.to]man.of.steel.2013.1080p.bluray.x264.sector7.publichd.torrent 2013-11-15 16:17 - 2013-11-15 16:17 - 00051089 _____ C:\Users\Nick\Downloads\[kickass.to]the.internship.2013.unrated.1080p.bluray.dts.x264.publichd.torrent 2013-11-14 10:51 - 2013-11-14 10:51 - 00292792 _____ C:\Windows\Minidump\111413-22323-01.dmp 2013-11-14 07:27 - 2013-11-14 07:27 - 00000000 ____D C:\Program Files (x86)\ESET 2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe 2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe 2013-11-14 07:20 - 2013-11-14 07:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\ASUS WebStorage 2013-11-14 07:20 - 2013-11-14 07:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ASUS WebStorage 2013-11-14 07:15 - 2013-11-14 07:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Malwarebytes 2013-11-14 07:15 - 2013-11-14 07:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Malwarebytes 2013-11-14 07:11 - 2013-11-14 07:11 - 00002257 _____ C:\Users\Default\Desktop\Google Chrome.lnk 2013-11-14 07:11 - 2013-11-14 07:11 - 00002257 _____ C:\Users\Default User\Desktop\Google Chrome.lnk 2013-11-14 07:11 - 2013-11-14 07:11 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2013-11-14 07:11 - 2013-11-14 07:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Google 2013-11-13 20:51 - 2013-11-13 20:51 - 00292848 _____ C:\Windows\Minidump\111313-34788-01.dmp 2013-11-13 20:11 - 2013-11-14 07:22 - 00000000 ____D C:\Windows\system32\MpEngineStore 2013-11-13 15:01 - 2013-11-13 15:01 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Malwarebytes 2013-11-13 15:00 - 2013-11-13 15:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-13 15:00 - 2013-11-13 15:00 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-13 15:00 - 2013-11-13 15:00 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-13 15:00 - 2013-11-13 15:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-13 15:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-11-13 06:59 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-13 06:59 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-13 06:59 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-13 06:59 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-13 06:59 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-13 06:59 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-13 06:59 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-13 06:59 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-13 06:59 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-13 06:59 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-13 06:59 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-13 06:59 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-13 06:59 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-13 06:59 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-13 06:59 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-13 06:59 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-13 06:59 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-13 06:59 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-13 06:59 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-13 06:59 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-13 06:59 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-13 06:59 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-13 06:59 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-13 06:59 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-13 06:59 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-13 06:59 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-13 06:59 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-13 06:59 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-11-13 06:59 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-13 06:59 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-11 18:12 - 2013-11-11 18:12 - 00292880 _____ C:\Windows\Minidump\111113-30638-01.dmp 2013-11-11 10:31 - 2013-11-12 10:19 - 00000000 ____D C:\Windows\erdnt 2013-11-11 09:56 - 2013-11-11 10:06 - 00004299 _____ C:\Users\Nick\Documents\ark.txt 2013-11-11 09:40 - 2013-11-11 09:40 - 00377856 _____ C:\Users\Nick\Downloads\s73rw66m.exe 2013-11-10 00:25 - 2013-11-10 00:25 - 00292848 _____ C:\Windows\Minidump\111013-33150-01.dmp 2013-11-09 02:12 - 2013-11-20 19:10 - 591356076 _____ C:\Windows\MEMORY.DMP 2013-11-09 02:12 - 2013-11-20 19:10 - 00000000 ____D C:\Windows\Minidump 2013-11-09 02:12 - 2013-11-09 02:13 - 00292896 _____ C:\Windows\Minidump\110913-46316-01.dmp 2013-11-08 11:53 - 2013-11-13 16:15 - 00000000 ____D C:\Users\Nick\AppData\Local\Bgtion 2013-10-31 06:05 - 2013-10-31 06:05 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Guild Wars 2 ==================== One Month Modified Files and Folders ======= 2013-11-21 22:30 - 2013-11-21 22:30 - 00013071 _____ C:\Users\Nick\Desktop\FRST.txt 2013-11-21 22:28 - 2013-11-20 19:15 - 00000000 ____D C:\FRST 2013-11-21 22:22 - 2011-08-23 22:37 - 01252653 _____ C:\Windows\WindowsUpdate.log 2013-11-21 22:18 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-21 22:18 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-21 22:16 - 2009-07-14 00:13 - 00742524 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-21 22:13 - 2012-02-14 05:15 - 00000000 ____D C:\Users\Nick\Documents\Bluetooth Folder 2013-11-21 22:12 - 2013-09-15 16:54 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-21 22:12 - 2012-03-29 01:45 - 00000376 _____ C:\Users\Nick\AppData\Roaming\sp_data.sys 2013-11-21 22:10 - 2013-09-04 20:13 - 00013691 _____ C:\Windows\setupact.log 2013-11-21 22:10 - 2012-05-16 21:18 - 00000000 ____D C:\ProgramData\NVIDIA 2013-11-21 22:10 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-20 19:21 - 2012-02-18 01:48 - 00002113 _____ C:\Windows\epplauncher.mif 2013-11-20 19:14 - 2013-11-20 19:13 - 01957964 _____ (Farbar) C:\Users\Nick\Desktop\FRST64.exe 2013-11-20 19:10 - 2013-11-09 02:12 - 591356076 _____ C:\Windows\MEMORY.DMP 2013-11-20 19:10 - 2013-11-09 02:12 - 00000000 ____D C:\Windows\Minidump 2013-11-20 12:05 - 2013-09-15 16:54 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-20 12:03 - 2013-10-04 01:03 - 00000911 _____ C:\Windows\Tasks\EPSON XP-310 Series Update {000F3676-290B-4C0B-BEB2-A06E917FD94D}.job 2013-11-20 12:03 - 2013-10-04 01:03 - 00000725 _____ C:\Windows\Tasks\EPSON XP-310 Series Invitation {000F3676-290B-4C0B-BEB2-A06E917FD94D}.job 2013-11-20 09:15 - 2009-07-14 00:08 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-11-20 08:40 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache 2013-11-20 07:31 - 2013-11-20 07:31 - 00000000 ____D C:\TDSSKiller_Quarantine 2013-11-20 07:28 - 2013-11-20 07:28 - 04101441 _____ C:\Users\Nick\Downloads\tdsskiller (1).zip 2013-11-19 12:01 - 2013-11-19 12:01 - 04101441 _____ C:\Users\Nick\Downloads\tdsskiller.zip 2013-11-19 12:00 - 2013-11-19 12:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Nick\Desktop\tdsskiller.exe 2013-11-19 11:54 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF 2013-11-19 05:21 - 2012-02-18 01:51 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2013-11-18 23:45 - 2013-11-18 23:45 - 00292936 _____ C:\Windows\Minidump\111813-20342-01.dmp 2013-11-18 20:02 - 2013-11-18 20:01 - 00292888 _____ C:\Windows\Minidump\111813-20638-01.dmp 2013-11-18 18:29 - 2013-11-18 18:28 - 00001274 _____ C:\DelFix.txt 2013-11-18 18:28 - 2013-11-18 18:28 - 00000000 ____D C:\Windows\ERUNT 2013-11-18 18:21 - 2013-11-18 18:21 - 00292904 _____ C:\Windows\Minidump\111813-17534-01.dmp 2013-11-18 18:18 - 2013-11-18 18:18 - 00292848 _____ C:\Windows\Minidump\111813-25318-01.dmp 2013-11-18 14:49 - 2013-11-18 14:38 - 00000000 ____D C:\uninstall.exe 2013-11-18 14:45 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini 2013-11-18 14:43 - 2011-04-01 23:17 - 00477680 _____ C:\Windows\PFRO.log 2013-11-18 14:10 - 2012-02-14 05:14 - 00001415 _____ C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-18 14:08 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-11-18 14:07 - 2013-11-18 14:05 - 00007808 _____ C:\Windows\IE11_main.log 2013-11-18 14:06 - 2013-11-18 14:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-18 14:06 - 2013-11-18 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-18 14:06 - 2013-11-18 14:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-18 14:06 - 2013-11-18 14:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-18 14:06 - 2013-11-18 14:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-18 14:06 - 2013-11-18 14:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-18 14:06 - 2013-11-18 14:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-18 14:06 - 2013-11-18 14:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-18 14:06 - 2013-11-18 14:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-18 14:06 - 2013-11-18 14:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-18 14:06 - 2013-11-18 14:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-18 14:04 - 2011-08-23 22:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-11-18 14:03 - 2011-08-23 22:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-11-18 14:00 - 2012-03-04 20:12 - 00000000 ____D C:\Users\Nick\AppData\Local\Adobe 2013-11-18 13:59 - 2012-03-04 20:12 - 00000000 ____D C:\ProgramData\Adobe 2013-11-18 13:59 - 2012-03-04 20:12 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-11-18 13:56 - 2013-11-18 13:56 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-11-18 13:56 - 2012-02-17 04:54 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-11-18 13:56 - 2012-02-17 04:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-11-18 13:56 - 2012-02-17 04:54 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-11-18 13:56 - 2012-02-17 04:54 - 00000000 ____D C:\Program Files (x86)\Java 2013-11-18 13:54 - 2013-11-18 13:54 - 00915368 _____ (Oracle Corporation) C:\Users\Nick\Downloads\jxpiinstall.exe 2013-11-18 13:54 - 2013-11-18 13:54 - 00915368 _____ (Oracle Corporation) C:\Users\Nick\Downloads\jxpiinstall (1).exe 2013-11-18 13:54 - 2013-11-18 13:53 - 44335120 _____ (Microsoft Corporation) C:\Users\Nick\Downloads\IE10-Windows6.1-x64-en-us.exe 2013-11-18 13:54 - 2013-05-24 17:58 - 00008515 _____ C:\Windows\IE10_main.log 2013-11-17 20:17 - 2011-08-23 22:54 - 00045056 _____ C:\Windows\SysWOW64\acovcnt.exe 2013-11-17 03:08 - 2013-11-17 02:22 - 00017006 _____ C:\Users\Nick\Documents\Rap.odt 2013-11-17 01:34 - 2012-02-16 21:29 - 00000000 ____D C:\Users\Nick\AppData\Roaming\SoftGrid Client 2013-11-17 01:13 - 2013-08-28 13:03 - 00000000 ____D C:\Users\Nick\AppData\Roaming\vlc 2013-11-17 00:29 - 2013-11-17 00:28 - 00292872 _____ C:\Windows\Minidump\111713-16161-01.dmp 2013-11-17 00:26 - 2012-04-27 20:35 - 00000000 ____D C:\Users\Nick\AppData\Roaming\uTorrent 2013-11-15 18:49 - 2013-11-15 18:49 - 00048651 _____ C:\Users\Nick\Downloads\[kickass.to]the.purge.2013.1080p.bluray.dts.hd.ma.5.1.x264.publichd.torrent 2013-11-15 16:33 - 2012-10-22 17:00 - 00000000 ____D C:\Program Files (x86)\Guild Wars 2 2013-11-15 16:18 - 2013-11-15 16:18 - 00066883 _____ C:\Users\Nick\Downloads\[kickass.to]white.house.down.2013.1080p.bluray.dts.hd.ma.5.1.x264.publichd.torrent 2013-11-15 16:17 - 2013-11-15 16:17 - 00051170 _____ C:\Users\Nick\Downloads\[kickass.to]man.of.steel.2013.1080p.bluray.x264.sector7.publichd.torrent 2013-11-15 16:17 - 2013-11-15 16:17 - 00051089 _____ C:\Users\Nick\Downloads\[kickass.to]the.internship.2013.unrated.1080p.bluray.dts.x264.publichd.torrent 2013-11-14 10:51 - 2013-11-14 10:51 - 00292792 _____ C:\Windows\Minidump\111413-22323-01.dmp 2013-11-14 07:27 - 2013-11-14 07:27 - 00000000 ____D C:\Program Files (x86)\ESET 2013-11-14 07:23 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2013-11-14 07:22 - 2013-11-13 20:11 - 00000000 ____D C:\Windows\system32\MpEngineStore 2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe 2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe 2013-11-14 07:20 - 2013-11-14 07:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\ASUS WebStorage 2013-11-14 07:20 - 2013-11-14 07:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ASUS WebStorage 2013-11-14 07:15 - 2013-11-14 07:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Malwarebytes 2013-11-14 07:15 - 2013-11-14 07:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Malwarebytes 2013-11-14 07:11 - 2013-11-14 07:11 - 00002257 _____ C:\Users\Default\Desktop\Google Chrome.lnk 2013-11-14 07:11 - 2013-11-14 07:11 - 00002257 _____ C:\Users\Default User\Desktop\Google Chrome.lnk 2013-11-14 07:11 - 2013-11-14 07:11 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2013-11-14 07:11 - 2013-11-14 07:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Google 2013-11-13 20:51 - 2013-11-13 20:51 - 00292848 _____ C:\Windows\Minidump\111313-34788-01.dmp 2013-11-13 20:00 - 2013-08-12 21:32 - 00000000 ____D C:\Windows\system32\MRT 2013-11-13 20:00 - 2012-02-18 01:47 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-13 16:15 - 2013-11-08 11:53 - 00000000 ____D C:\Users\Nick\AppData\Local\Bgtion 2013-11-13 15:01 - 2013-11-13 15:01 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Malwarebytes 2013-11-13 15:01 - 2012-03-14 13:48 - 00000000 ____D C:\Users\Nick\AppData\Local\CrashDumps 2013-11-13 15:00 - 2013-11-13 15:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-13 15:00 - 2013-11-13 15:00 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-13 15:00 - 2013-11-13 15:00 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-13 15:00 - 2013-11-13 15:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-12 10:20 - 2009-07-13 21:34 - 67895296 _____ C:\Windows\system32\config\software.bak 2013-11-12 10:20 - 2009-07-13 21:34 - 24117248 _____ C:\Windows\system32\config\system.bak 2013-11-12 10:20 - 2009-07-13 21:34 - 01572864 _____ C:\Windows\system32\config\default.bak 2013-11-12 10:20 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\security.bak 2013-11-12 10:20 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\sam.bak 2013-11-12 10:19 - 2013-11-11 10:31 - 00000000 ____D C:\Windows\erdnt 2013-11-11 18:32 - 2012-02-14 05:16 - 00000000 ____D C:\Users\Nick\AppData\Local\Google 2013-11-11 18:32 - 2011-04-01 23:36 - 00000000 ____D C:\Program Files (x86)\Google 2013-11-11 18:12 - 2013-11-11 18:12 - 00292880 _____ C:\Windows\Minidump\111113-30638-01.dmp 2013-11-11 10:51 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default 2013-11-11 10:06 - 2013-11-11 09:56 - 00004299 _____ C:\Users\Nick\Documents\ark.txt 2013-11-11 09:40 - 2013-11-11 09:40 - 00377856 _____ C:\Users\Nick\Downloads\s73rw66m.exe 2013-11-11 02:51 - 2011-08-23 22:57 - 00000000 ____D C:\ExpressGateUtil 2013-11-11 02:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\security 2013-11-11 02:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help 2013-11-11 02:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration 2013-11-10 23:53 - 2012-02-14 05:13 - 00000000 ____D C:\Users\Nick 2013-11-10 00:25 - 2013-11-10 00:25 - 00292848 _____ C:\Windows\Minidump\111013-33150-01.dmp 2013-11-09 02:13 - 2013-11-09 02:12 - 00292896 _____ C:\Windows\Minidump\110913-46316-01.dmp 2013-11-08 22:43 - 2009-07-14 02:44 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-11-08 11:53 - 2012-02-14 05:13 - 00000000 ____D C:\Users\Nick\AppData\Local\VirtualStore 2013-11-04 15:45 - 2013-08-28 10:47 - 00000794 _____ C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2013-10-31 06:05 - 2013-10-31 06:05 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Guild Wars 2 2013-10-31 06:05 - 2012-10-22 16:58 - 00000000 ____D C:\Users\Nick\Documents\Guild Wars 2 ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-20 08:32 ==================== End Of Log ============================
  12. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-11-2013 Ran by Nick at 2013-11-21 22:29:40 Run:1 Running from C:\Users\Nick\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\Users\Nick\AppData\Local\Google\Desktop\Install C:\Program Files (x86)\Google\Desktop\Install TDL4: custom:26000022 <===== ATTENTION! CMD: bootrec /fixmbr CMD: bootrec /fixboot ***************** C:\Users\Nick\AppData\Local\Google\Desktop\Install => Moved successfully. C:\Program Files (x86)\Google\Desktop\Install => Moved successfully. The operation completed successfully. The operation completed successfully. ========= bootrec /fixmbr ========= 'bootrec' is not recognized as an internal or external command, operable program or batch file. ========= End of CMD: ========= ========= bootrec /fixboot ========= 'bootrec' is not recognized as an internal or external command, operable program or batch file. ========= End of CMD: ========= ==== End of Fixlog ====
  13. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013 Ran by Nick at 2013-11-20 19:16:30 Running from C:\Users\Nick\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== µTorrent (HKCU Version: 3.3.2.30180) Adobe AIR (x32 Version: 2.7.0.19480) Adobe Download Assistant (x32 Version: 1.2.3) Adobe Flash Player 10 Plugin (x32 Version: 10.0.32.18) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117) Adobe Reader XI (11.0.04) (x32 Version: 11.0.04) Amazon Cloud Drive (x32 Version: 0.3.28.0) Amazon MP3 Downloader 1.0.17 (x32 Version: 1.0.17) ASUS AI Recovery (x32 Version: 1.0.23) ASUS Live Update (x32 Version: 3.1.2) ASUS Power4Gear Hybrid (Version: 1.2.0) ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0040) ASUS USB Charger Plus (x32 Version: 2.0.8) ASUS Virtual Camera (x32 Version: 1.0.25) ASUS WebStorage (x32 Version: 3.0.84.161) AsusScr_G74 Series_ENG (x32 Version: 1.0.0001) AsusVibe2.0 (x32 Version: 2.0.4.617) Atheros Client Installation Program (x32 Version: 7.0) ATK Package (x32 Version: 1.0.0015) Batman: Arkham Asylum Game of the Year Edition (x32 Version: 1.0.0.0) Bluetooth Win7 Suite (64) (Version: 7.2.0.65) Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2) Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2) Crysis 2 (x32 Version: 1.0.0.0) D3DX10 (x32 Version: 15.4.2368.0902) DirectX 9 Runtime (x32 Version: 1.00.0000) EA Installer (x32 Version: 2.2.0.62) EA Shared Game Component: Activation (x32 Version: 2.2.0) EA Shared Game Component: Activation (x32 Version: 2.2.0.62) EPSON Connect version 1.0 (x32 Version: 1.0) Epson Customer Participation (Version: 1.6.3.0) Epson Event Manager (x32 Version: 3.10.0017) Epson E-Web Print (x32 Version: 1.17.0000) EPSON Scan (x32) EPSON XP-310 Series Printer Uninstall EpsonNet Print (x32 Version: 2.6.0) ESET Online Scanner v3 (x32) ExpressGateCloud (x32 Version: 2.6.27.160) Finger Sensing Pad Driver (Version: 9.1.3.5) Fresco Logic USB3.0 Host Controller (Version: 3.5.73.0) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922) Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922) GameFast.exe (Version: 1.0.0.1) Google Chrome (x32 Version: 31.0.1650.57) Google Update Helper (x32 Version: 1.3.21.165) Guild Wars 2 (x32) Hawkes Update Service Manager (x32 Version: 1.0.7) Impulse® (x32 Version: 3.30) Intel® Control Center (x32 Version: 1.2.1.1007) Intel® Management Engine Components (x32 Version: 7.0.0.1118) Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0) Java 7 Update 17 (64-bit) (Version: 7.0.170) Java 7 Update 45 (x32 Version: 7.0.450) Java Auto Updater (x32 Version: 2.1.9.8) Java 6 Update 31 (x32 Version: 6.0.310) Junk Mail filter update (x32 Version: 15.4.3502.0922) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) Mass Effect (x32 Version: 1.00) Mass Effect (x32) Mass Effect 2 (x32 Version: 1.02) Mass Effect 2 (x32) Mass Effect 3 - N7 Bonus Items (x32) Mass Effect™ 3 (x32 Version: 1.0.0.0) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0) Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000) Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000) Microsoft Security Client (Version: 4.3.0219.0) Microsoft Security Essentials (Version: 4.3.219.0) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) Nexon Game Manager (x32) Nuance PDF Reader (x32 Version: 6.00.0041) NVIDIA 3D Vision Driver 311.44 (Version: 311.44) NVIDIA Control Panel 311.44 (Version: 311.44) NVIDIA Graphics Driver 311.44 (Version: 311.44) NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0) NVIDIA Install Application (Version: 2.1002.109.706) NVIDIA PhysX (x32 Version: 9.12.1031) NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1144) NVIDIA Update 1.11.3 (Version: 1.11.3) NVIDIA Update Components (Version: 1.11.3) OpenOffice 4.0.1 (x32 Version: 4.01.9714) Origin (x32 Version: 8.5.0.4554) Pando Media Booster (x32 Version: 2.6.0.7) Picasa 3 (x32 Version: 3.9) Prealgebra (Fall 2012 Student) (x32 Version: 4.5.4) Realtek Ethernet Controller Driver (x32 Version: 7.44.421.2011) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6564) Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10001) Rotation Desktop for G Series.exe (Version: 1.0.0.9) SAMSUNG Mobile Modem Driver Set Samsung Mobile phone USB driver Drive Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Skype™ 6.6 (x32 Version: 6.6.106) Software Updater (x32 Version: 4.1.5) syncables desktop SE (x32 Version: 5.5.746.11492) System Requirements Lab CYRI (x32 Version: 4.5.1.0) TeamSpeak 3 Client (x32 Version: 3.0.9.2) THX TruStudio (x32 Version: 1.03.01) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) VLC media player 2.0.8 (x32 Version: 2.0.8) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3508.1109) Windows Live Family Safety (Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3508.1109) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2) Windows Live Messenger (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Windows Live 影像中心 (x32 Version: 15.4.3502.0922) Windows Live 照片库 (x32 Version: 15.4.3502.0922) Windows Live 程式集 (x32 Version: 15.4.3502.0922) Windows Live 软件包 (x32 Version: 15.4.3502.0922) WinFlash (x32 Version: 2.32.0) WinX HD Video Converter Deluxe 3.12.2 (x32) Wireless Console 3 (x32 Version: 3.0.27) 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (x32 Version: 15.4.5722.2) 適用遠端連線的 Windows Live Mesh ActiveX 控制項 (x32 Version: 15.4.5722.2) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-13 21:34 - 2013-11-18 14:44 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {140D1DF4-5576-44D7-AC21-0CABF86ADFA8} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation) Task: {1585FC1A-BD64-4BEC-9E7C-C5CA83B828ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15] (Google Inc.) Task: {2772FDA6-0C09-4795-A44A-A7DC904078DC} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-01-09] (ASUSTeK Computer Inc.) Task: {48DB270B-3652-44FA-981B-751E63D42587} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {4FAB41C2-964A-4CF4-8238-E828B69DE8A7} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-01-30] (ASUSTek Computer Inc.) Task: {B6155FEB-D3EB-43AC-B55F-7E1356E49566} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22] (ASUSTek Computer Inc.) Task: {C836E5E7-67CA-414B-A0C0-A0AB1BFCBE7C} - System32\Tasks\ASUS Patch 10430001 => C:\Windows\AsPatch10430001.exe Task: {CB837323-A777-4AEC-864C-F900F8817D04} - System32\Tasks\EPSON XP-310 Series Invitation {000F3676-290B-4C0B-BEB2-A06E917FD94D} => C:\Windows\System32\spool\drivers\x64\3\E_ITSLBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {D805026E-7374-41B3-8662-C6AE90FC5647} - System32\Tasks\EPSON XP-310 Series Update {000F3676-290B-4C0B-BEB2-A06E917FD94D} => C:\Windows\System32\spool\drivers\x64\3\E_ITSLBE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {F42A633A-1CE7-44EB-B3BA-D3BB3EAC4AC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15] (Google Inc.) Task: {F552F1E4-EC4B-4468-BB35-54B8D763171B} - System32\Tasks\ASUS P4G => C:\Program Files\Asus\P4G\BatteryLife.exe [2012-01-04] (ASUS) Task: C:\Windows\Tasks\EPSON XP-310 Series Invitation {000F3676-290B-4C0B-BEB2-A06E917FD94D}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE Task: C:\Windows\Tasks\EPSON XP-310 Series Update {000F3676-290B-4C0B-BEB2-A06E917FD94D}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-07-14 15:11 - 2010-07-14 15:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2011-07-19 21:13 - 2011-06-19 01:03 - 00044032 _____ () C:\Program Files\FSP\KbdHook.dll 2011-07-19 21:13 - 2011-06-19 01:03 - 00072704 _____ () C:\Program Files\FSP\FspLib.dll 2011-08-23 22:55 - 2010-06-08 15:23 - 00236544 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL 2011-03-25 19:55 - 2011-03-25 19:55 - 00157000 _____ () C:\ExpressGateUtil\libexpat.dll 2011-03-25 19:55 - 2011-03-25 19:55 - 00061768 _____ () C:\ExpressGateUtil\netProfileDatabase.DLL 2012-02-06 18:32 - 2012-02-06 18:32 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2012-01-31 08:25 - 2012-01-31 08:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll 2013-11-15 15:24 - 2013-11-14 06:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll 2013-11-15 15:24 - 2013-11-14 06:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll 2013-11-15 15:24 - 2013-11-14 06:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll 2013-11-15 15:24 - 2013-11-14 06:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll 2013-11-15 15:24 - 2013-11-14 06:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/20/2013 10:45:00 AM) (Source: Microsoft Security Client Setup) (User: NT AUTHORITY) Description: HRESULT:0x8004FF86 Description:Cannot complete the Security Essentials Upgrade. An error has prevented the Security Essentials Upgrade Wizard from continuing. The previous version of Security Essentials was restored. Error code:0x8004FF86. Error: (11/20/2013 10:44:58 AM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: Product: Microsoft Security Client -- A reboot is needed to clean an active threat. Setup cannot continue until the threat has been cleaned. Error: (11/20/2013 08:58:43 AM) (Source: Microsoft Security Client Setup) (User: NT AUTHORITY) Description: HRESULT:0x8004FF86 Description:Cannot complete the Security Essentials Upgrade. An error has prevented the Security Essentials Upgrade Wizard from continuing. The previous version of Security Essentials was restored. Error code:0x8004FF86. Error: (11/20/2013 08:58:43 AM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: Product: Microsoft Security Client -- A reboot is needed to clean an active threat. Setup cannot continue until the threat has been cleaned. Error: (11/20/2013 08:33:34 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (11/20/2013 08:33:16 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (11/18/2013 06:29:20 PM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service error: Volume/disk not connected or not found. Error context: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy17 - 00000000000000E8,0x00560038,00000000005ACFE0,0,00000000005ABFD0,4096,[0]). Operation: Processing PostFinalCommitSnapshots Context: Execution Context: System Provider Error: (11/18/2013 03:58:54 PM) (Source: Application Hang) (User: ) Description: The program mbam.exe version 1.75.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1a44 Start Time: 01cee49b3b0c8c88 Termination Time: 2 Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Report Id: 37b63439-5094-11e3-bb76-742f68846d15 Error: (11/18/2013 02:36:58 PM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service error: Volume/disk not connected or not found. Error context: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy19 - 000000000000015C,0x00560038,000000000041CFE0,0,000000000041BFD0,4096,[0]). Operation: Processing PostFinalCommitSnapshots Context: Execution Context: System Provider Error: (11/18/2013 02:32:04 PM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service error: Volume/disk not connected or not found. Error context: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy18 - 00000000000001BC,0x00560038,000000000041CFE0,0,000000000041BFD0,4096,[0]). Operation: Processing PostFinalCommitSnapshots Context: Execution Context: System Provider System errors: ============= Error: (11/20/2013 07:12:36 PM) (Source: Service Control Manager) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (11/20/2013 07:12:36 PM) (Source: Service Control Manager) (User: ) Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (11/20/2013 07:10:19 PM) (Source: BugCheck) (User: ) Description: 0x0000001e (0xffffffffc0000005, 0xfffff800034bd666, 0x0000000000000000, 0xffffffffffffffff)C:\Windows\MEMORY.DMP Error: (11/20/2013 07:10:19 PM) (Source: BugCheck) (User: ) Description: Error: (11/20/2013 07:10:13 PM) (Source: EventLog) (User: ) Description: The previous system shutdown at 12:14:47 PM on ‎11/‎20/‎2013 was unexpected. Error: (11/20/2013 11:41:22 AM) (Source: Service Control Manager) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (11/20/2013 11:41:22 AM) (Source: Service Control Manager) (User: ) Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (11/20/2013 10:45:47 AM) (Source: volsnap) (User: ) Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:. Error: (11/20/2013 10:45:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Security Essentials - 4.4.304.0 (KB2902885). Error: (11/20/2013 09:42:49 AM) (Source: Service Control Manager) (User: ) Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Microsoft Office Sessions: ========================= Error: (11/20/2013 10:45:00 AM) (Source: Microsoft Security Client Setup)(User: NT AUTHORITY) Description: HRESULT:0x8004FF86 Description:Cannot complete the Security Essentials Upgrade. An error has prevented the Security Essentials Upgrade Wizard from continuing. The previous version of Security Essentials was restored. Error code:0x8004FF86. Error: (11/20/2013 10:44:58 AM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: Product: Microsoft Security Client -- A reboot is needed to clean an active threat. Setup cannot continue until the threat has been cleaned.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (11/20/2013 08:58:43 AM) (Source: Microsoft Security Client Setup)(User: NT AUTHORITY) Description: HRESULT:0x8004FF86 Description:Cannot complete the Security Essentials Upgrade. An error has prevented the Security Essentials Upgrade Wizard from continuing. The previous version of Security Essentials was restored. Error code:0x8004FF86. Error: (11/20/2013 08:58:43 AM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: Product: Microsoft Security Client -- A reboot is needed to clean an active threat. Setup cannot continue until the threat has been cleaned.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (11/20/2013 08:33:34 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (11/20/2013 08:33:16 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE Error: (11/18/2013 06:29:20 PM) (Source: VSS)(User: ) Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy17 - 00000000000000E8,0x00560038,00000000005ACFE0,0,00000000005ABFD0,4096,[0]) Operation: Processing PostFinalCommitSnapshots Context: Execution Context: System Provider Error: (11/18/2013 03:58:54 PM) (Source: Application Hang)(User: ) Description: mbam.exe1.75.0.11a4401cee49b3b0c8c882C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe37b63439-5094-11e3-bb76-742f68846d15 Error: (11/18/2013 02:36:58 PM) (Source: VSS)(User: ) Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy19 - 000000000000015C,0x00560038,000000000041CFE0,0,000000000041BFD0,4096,[0]) Operation: Processing PostFinalCommitSnapshots Context: Execution Context: System Provider Error: (11/18/2013 02:32:04 PM) (Source: VSS)(User: ) Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy18 - 00000000000001BC,0x00560038,000000000041CFE0,0,000000000041BFD0,4096,[0]) Operation: Processing PostFinalCommitSnapshots Context: Execution Context: System Provider CodeIntegrity Errors: =================================== Date: 2013-11-13 07:10:34.692 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-13 07:10:34.646 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-13 07:10:34.599 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-13 07:10:34.552 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-12 10:18:35.939 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-12 10:18:35.892 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-12 10:18:35.830 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-12 10:18:35.783 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-11 10:41:48.742 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-11-11 10:41:48.682 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 26% Total physical RAM: 12265.16 MB Available physical RAM: 9068.29 MB Total Pagefile: 24528.5 MB Available Pagefile: 20962.62 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:100.35 GB) NTFS ==>[system with boot components (obtained from reading drive)] ATTENTION: Malware custom entry on BCD on drive c: detected. Drive d: (DATA) (Fixed) (Total:394.18 GB) (Free:63.51 GB) NTFS Drive e: (SDATA1) (Fixed) (Total:349.3 GB) (Free:349.21 GB) NTFS Drive f: (SDATA2) (Fixed) (Total:349.33 GB) (Free:44.14 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: AA9693FE) Partition 1: (Not Active) - (Size=25 GB) - (Type=1C) Partition 2: (Active) - (Size=279 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=394 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 699 GB) (Disk ID: BBC58B91) Partition 1: (Not Active) - (Size=349 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=349 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  14. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013 Ran by Nick (administrator) on NICK-PC on 20-11-2013 19:15:29 Running from C:\Users\Nick\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe () C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\ExpressGateUtil\VAWinService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\syswow64\dllhost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Sentelic Corporation) C:\Program Files\FSP\FspUip.exe (Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (ASUS) C:\Windows\AsScrPro.exe () C:\ExpressGateUtil\VAWinAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (Windows ® Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations) HKLM\...\Run: [fspuip] - C:\Program Files\FSP\FspUip.exe [4285952 2011-06-19] (Sentelic Corporation) HKLM\...\Run: [intelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] () HKLM\...\Run: [THXCfg64] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 HKLM\...\Run: [setwallpaper] - c:\programdata\SetWallpaper.cmd HKLM\...\Run: [MSC] - "C:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey <===== ATTENTION (File name is altered) HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini [371 2013-11-20] () HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme) HKLM-x32\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2011-08-23] (ASUS) HKLM-x32\...\Run: [THX TruStudio NB Settings] - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909312 2011-03-16] (Creative Technology Ltd) HKLM-x32\...\Run: [updReg] - C:\Windows\Updreg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [VAWinAgent] - C:\ExpressGateUtil\VAWinAgent.exe [45448 2011-04-07] () HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-22] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-06] (ASUS) HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [FLxHCIm64] - C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [48128 2012-07-19] (Windows ® Win 7 DDK provider) HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated) Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/?rlz=1W4CHBA_enUS551 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {7E560C20-D716-46B4-91AF-BF3C53806D98} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms} BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Chrome: ======= CHR DefaultSearchURL: (Yahoo!) - http://search.yahoo.com/search?ei=utf-8&fr=chr-greentree_gc&type=714647&ilc=12&p={searchTerms} CHR DefaultSuggestURL: (Yahoo!) - http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll () CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll No File CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101772.dll (Amazon.com, Inc.) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File CHR Extension: (Google Docs) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Reddit Enhancement Suite) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.1.1_0 CHR Extension: (Google Wallet) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Gmail) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 ==================== Services (Whitelisted) ================= R2 AsusUacSvc; C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [113840 2010-07-27] () R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation) S3 HawkesUpdater; C:\Program Files (x86)\Hawkes Learning Systems\Hawkes Update Service Manager\srvany.exe [8192 2003-04-18] () R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation) S4 RemoteAccess; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-03-25] () ==================== Drivers (Whitelisted) ==================== R3 AiCharger; C:\Windows\SysWow64\DRIVERS\AiCharger.sys [17152 2012-01-30] (ASUSTek Computer Inc.) R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS) R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77040 2012-11-08] (Fresco Logic) R3 fspad_win764; C:\Windows\System32\DRIVERS\fspad_win764.sys [53760 2011-06-19] (Windows ® Win 7 DDK provider) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation) R1 MpKsl7c95ebaf; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40340AB0-88E9-46E0-A1AE-D831F36FE462}\MpKsl7c95ebaf.sys [46768 2013-11-20] (Microsoft Corporation) R1 MpKsl868a7c09; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40340AB0-88E9-46E0-A1AE-D831F36FE462}\MpKsl868a7c09.sys [46768 2013-11-20] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-20 19:15 - 2013-11-20 19:16 - 00016197 _____ C:\Users\Nick\Desktop\FRST.txt 2013-11-20 19:15 - 2013-11-20 19:15 - 00000000 ____D C:\FRST 2013-11-20 19:13 - 2013-11-20 19:14 - 01957964 _____ (Farbar) C:\Users\Nick\Desktop\FRST64.exe 2013-11-20 19:11 - 2013-11-20 19:11 - 00000000 ___RD C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2013-11-20 07:31 - 2013-11-20 07:31 - 00000000 ____D C:\TDSSKiller_Quarantine 2013-11-20 07:28 - 2013-11-20 07:28 - 04101441 _____ C:\Users\Nick\Downloads\tdsskiller (1).zip 2013-11-19 12:01 - 2013-11-19 12:01 - 04101441 _____ C:\Users\Nick\Downloads\tdsskiller.zip 2013-11-19 12:00 - 2013-11-19 12:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Nick\Desktop\tdsskiller.exe 2013-11-18 23:45 - 2013-11-18 23:45 - 00292936 _____ C:\Windows\Minidump\111813-20342-01.dmp 2013-11-18 20:01 - 2013-11-18 20:02 - 00292888 _____ C:\Windows\Minidump\111813-20638-01.dmp 2013-11-18 18:28 - 2013-11-18 18:29 - 00001274 _____ C:\DelFix.txt 2013-11-18 18:28 - 2013-11-18 18:28 - 00000000 ____D C:\Windows\ERUNT 2013-11-18 18:21 - 2013-11-18 18:21 - 00292904 _____ C:\Windows\Minidump\111813-17534-01.dmp 2013-11-18 18:18 - 2013-11-18 18:18 - 00292848 _____ C:\Windows\Minidump\111813-25318-01.dmp 2013-11-18 14:38 - 2013-11-18 14:49 - 00000000 ____D C:\uninstall.exe 2013-11-18 14:07 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-11-18 14:06 - 2013-11-18 14:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-18 14:06 - 2013-11-18 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-18 14:06 - 2013-11-18 14:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-18 14:06 - 2013-11-18 14:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-18 14:06 - 2013-11-18 14:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-18 14:06 - 2013-11-18 14:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-18 14:06 - 2013-11-18 14:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-18 14:06 - 2013-11-18 14:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-18 14:06 - 2013-11-18 14:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-18 14:06 - 2013-11-18 14:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-18 14:06 - 2013-11-18 14:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-18 14:05 - 2013-11-18 14:07 - 00007808 _____ C:\Windows\IE11_main.log 2013-11-18 13:56 - 2013-11-18 13:56 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-11-18 13:54 - 2013-11-18 13:54 - 00915368 _____ (Oracle Corporation) C:\Users\Nick\Downloads\jxpiinstall.exe 2013-11-18 13:54 - 2013-11-18 13:54 - 00915368 _____ (Oracle Corporation) C:\Users\Nick\Downloads\jxpiinstall (1).exe 2013-11-18 13:53 - 2013-11-18 13:54 - 44335120 _____ (Microsoft Corporation) C:\Users\Nick\Downloads\IE10-Windows6.1-x64-en-us.exe 2013-11-17 02:22 - 2013-11-17 03:08 - 00017006 _____ C:\Users\Nick\Documents\Rap.odt 2013-11-17 00:28 - 2013-11-17 00:29 - 00292872 _____ C:\Windows\Minidump\111713-16161-01.dmp 2013-11-15 18:49 - 2013-11-15 18:49 - 00048651 _____ C:\Users\Nick\Downloads\[kickass.to]the.purge.2013.1080p.bluray.dts.hd.ma.5.1.x264.publichd.torrent 2013-11-15 16:18 - 2013-11-15 16:18 - 00066883 _____ C:\Users\Nick\Downloads\[kickass.to]white.house.down.2013.1080p.bluray.dts.hd.ma.5.1.x264.publichd.torrent 2013-11-15 16:17 - 2013-11-15 16:17 - 00051170 _____ C:\Users\Nick\Downloads\[kickass.to]man.of.steel.2013.1080p.bluray.x264.sector7.publichd.torrent 2013-11-15 16:17 - 2013-11-15 16:17 - 00051089 _____ C:\Users\Nick\Downloads\[kickass.to]the.internship.2013.unrated.1080p.bluray.dts.x264.publichd.torrent 2013-11-14 10:51 - 2013-11-14 10:51 - 00292792 _____ C:\Windows\Minidump\111413-22323-01.dmp 2013-11-14 07:27 - 2013-11-14 07:27 - 00000000 ____D C:\Program Files (x86)\ESET 2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe 2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe 2013-11-14 07:20 - 2013-11-14 07:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\ASUS WebStorage 2013-11-14 07:20 - 2013-11-14 07:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ASUS WebStorage 2013-11-14 07:15 - 2013-11-14 07:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Malwarebytes 2013-11-14 07:15 - 2013-11-14 07:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Malwarebytes 2013-11-14 07:11 - 2013-11-14 07:11 - 00002257 _____ C:\Users\Default\Desktop\Google Chrome.lnk 2013-11-14 07:11 - 2013-11-14 07:11 - 00002257 _____ C:\Users\Default User\Desktop\Google Chrome.lnk 2013-11-14 07:11 - 2013-11-14 07:11 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2013-11-14 07:11 - 2013-11-14 07:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Google 2013-11-13 20:51 - 2013-11-13 20:51 - 00292848 _____ C:\Windows\Minidump\111313-34788-01.dmp 2013-11-13 20:11 - 2013-11-14 07:22 - 00000000 ____D C:\Windows\system32\MpEngineStore 2013-11-13 15:01 - 2013-11-13 15:01 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Malwarebytes 2013-11-13 15:00 - 2013-11-13 15:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-13 15:00 - 2013-11-13 15:00 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-13 15:00 - 2013-11-13 15:00 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-13 15:00 - 2013-11-13 15:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-13 15:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-11-13 06:59 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-13 06:59 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-13 06:59 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-13 06:59 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-13 06:59 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-13 06:59 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-13 06:59 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-13 06:59 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-13 06:59 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-13 06:59 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-13 06:59 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-13 06:59 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-13 06:59 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-13 06:59 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-13 06:59 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-13 06:59 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-13 06:59 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-13 06:59 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-13 06:59 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-13 06:59 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-13 06:59 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-13 06:59 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-13 06:59 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-13 06:59 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-13 06:59 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-13 06:59 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-13 06:59 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-13 06:59 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-11-13 06:59 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-13 06:59 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-11 18:12 - 2013-11-11 18:12 - 00292880 _____ C:\Windows\Minidump\111113-30638-01.dmp 2013-11-11 10:31 - 2013-11-12 10:19 - 00000000 ____D C:\Windows\erdnt 2013-11-11 09:56 - 2013-11-11 10:06 - 00004299 _____ C:\Users\Nick\Documents\ark.txt 2013-11-11 09:40 - 2013-11-11 09:40 - 00377856 _____ C:\Users\Nick\Downloads\s73rw66m.exe 2013-11-10 00:25 - 2013-11-10 00:25 - 00292848 _____ C:\Windows\Minidump\111013-33150-01.dmp 2013-11-09 02:12 - 2013-11-20 19:10 - 591356076 _____ C:\Windows\MEMORY.DMP 2013-11-09 02:12 - 2013-11-20 19:10 - 00000000 ____D C:\Windows\Minidump 2013-11-09 02:12 - 2013-11-09 02:13 - 00292896 _____ C:\Windows\Minidump\110913-46316-01.dmp 2013-11-08 11:53 - 2013-11-13 16:15 - 00000000 ____D C:\Users\Nick\AppData\Local\Bgtion 2013-10-31 06:05 - 2013-10-31 06:05 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Guild Wars 2 ==================== One Month Modified Files and Folders ======= 2013-11-20 19:16 - 2013-11-20 19:15 - 00016197 _____ C:\Users\Nick\Desktop\FRST.txt 2013-11-20 19:16 - 2009-07-14 00:13 - 00742524 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-20 19:15 - 2013-11-20 19:15 - 00000000 ____D C:\FRST 2013-11-20 19:14 - 2013-11-20 19:13 - 01957964 _____ (Farbar) C:\Users\Nick\Desktop\FRST64.exe 2013-11-20 19:13 - 2011-08-23 22:37 - 01205257 _____ C:\Windows\WindowsUpdate.log 2013-11-20 19:11 - 2013-11-20 19:11 - 00000000 ___RD C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2013-11-20 19:11 - 2013-09-15 16:54 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-20 19:11 - 2012-03-29 01:45 - 00000376 _____ C:\Users\Nick\AppData\Roaming\sp_data.sys 2013-11-20 19:10 - 2013-11-09 02:12 - 591356076 _____ C:\Windows\MEMORY.DMP 2013-11-20 19:10 - 2013-11-09 02:12 - 00000000 ____D C:\Windows\Minidump 2013-11-20 19:10 - 2013-09-04 20:13 - 00013635 _____ C:\Windows\setupact.log 2013-11-20 19:10 - 2012-05-16 21:18 - 00000000 ____D C:\ProgramData\NVIDIA 2013-11-20 19:10 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-20 12:05 - 2013-09-15 16:54 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-20 12:03 - 2013-10-04 01:03 - 00000911 _____ C:\Windows\Tasks\EPSON XP-310 Series Update {000F3676-290B-4C0B-BEB2-A06E917FD94D}.job 2013-11-20 12:03 - 2013-10-04 01:03 - 00000725 _____ C:\Windows\Tasks\EPSON XP-310 Series Invitation {000F3676-290B-4C0B-BEB2-A06E917FD94D}.job 2013-11-20 11:46 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-20 11:46 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-20 10:44 - 2012-02-18 01:48 - 00002113 _____ C:\Windows\epplauncher.mif 2013-11-20 09:16 - 2012-02-14 05:15 - 00000000 ____D C:\Users\Nick\Documents\Bluetooth Folder 2013-11-20 09:15 - 2009-07-14 00:08 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-11-20 08:40 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache 2013-11-20 07:31 - 2013-11-20 07:31 - 00000000 ____D C:\TDSSKiller_Quarantine 2013-11-20 07:28 - 2013-11-20 07:28 - 04101441 _____ C:\Users\Nick\Downloads\tdsskiller (1).zip 2013-11-19 12:01 - 2013-11-19 12:01 - 04101441 _____ C:\Users\Nick\Downloads\tdsskiller.zip 2013-11-19 12:00 - 2013-11-19 12:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Nick\Desktop\tdsskiller.exe 2013-11-19 11:54 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF 2013-11-19 05:21 - 2012-02-18 01:51 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2013-11-18 23:45 - 2013-11-18 23:45 - 00292936 _____ C:\Windows\Minidump\111813-20342-01.dmp 2013-11-18 20:02 - 2013-11-18 20:01 - 00292888 _____ C:\Windows\Minidump\111813-20638-01.dmp 2013-11-18 18:29 - 2013-11-18 18:28 - 00001274 _____ C:\DelFix.txt 2013-11-18 18:28 - 2013-11-18 18:28 - 00000000 ____D C:\Windows\ERUNT 2013-11-18 18:21 - 2013-11-18 18:21 - 00292904 _____ C:\Windows\Minidump\111813-17534-01.dmp 2013-11-18 18:18 - 2013-11-18 18:18 - 00292848 _____ C:\Windows\Minidump\111813-25318-01.dmp 2013-11-18 14:49 - 2013-11-18 14:38 - 00000000 ____D C:\uninstall.exe 2013-11-18 14:45 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini 2013-11-18 14:43 - 2011-04-01 23:17 - 00477680 _____ C:\Windows\PFRO.log 2013-11-18 14:10 - 2012-02-14 05:14 - 00001415 _____ C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-18 14:08 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-11-18 14:07 - 2013-11-18 14:05 - 00007808 _____ C:\Windows\IE11_main.log 2013-11-18 14:06 - 2013-11-18 14:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-18 14:06 - 2013-11-18 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-18 14:06 - 2013-11-18 14:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-18 14:06 - 2013-11-18 14:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-18 14:06 - 2013-11-18 14:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-18 14:06 - 2013-11-18 14:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-18 14:06 - 2013-11-18 14:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-18 14:06 - 2013-11-18 14:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-18 14:06 - 2013-11-18 14:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-18 14:06 - 2013-11-18 14:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-18 14:06 - 2013-11-18 14:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-18 14:06 - 2013-11-18 14:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-18 14:06 - 2013-11-18 14:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-18 14:04 - 2011-08-23 22:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-11-18 14:03 - 2011-08-23 22:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-11-18 14:00 - 2012-03-04 20:12 - 00000000 ____D C:\Users\Nick\AppData\Local\Adobe 2013-11-18 13:59 - 2012-03-04 20:12 - 00000000 ____D C:\ProgramData\Adobe 2013-11-18 13:59 - 2012-03-04 20:12 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-11-18 13:56 - 2013-11-18 13:56 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-11-18 13:56 - 2012-02-17 04:54 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-11-18 13:56 - 2012-02-17 04:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-11-18 13:56 - 2012-02-17 04:54 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-11-18 13:56 - 2012-02-17 04:54 - 00000000 ____D C:\Program Files (x86)\Java 2013-11-18 13:54 - 2013-11-18 13:54 - 00915368 _____ (Oracle Corporation) C:\Users\Nick\Downloads\jxpiinstall.exe 2013-11-18 13:54 - 2013-11-18 13:54 - 00915368 _____ (Oracle Corporation) C:\Users\Nick\Downloads\jxpiinstall (1).exe 2013-11-18 13:54 - 2013-11-18 13:53 - 44335120 _____ (Microsoft Corporation) C:\Users\Nick\Downloads\IE10-Windows6.1-x64-en-us.exe 2013-11-18 13:54 - 2013-05-24 17:58 - 00008515 _____ C:\Windows\IE10_main.log 2013-11-17 20:17 - 2011-08-23 22:54 - 00045056 _____ C:\Windows\SysWOW64\acovcnt.exe 2013-11-17 03:08 - 2013-11-17 02:22 - 00017006 _____ C:\Users\Nick\Documents\Rap.odt 2013-11-17 01:34 - 2012-02-16 21:29 - 00000000 ____D C:\Users\Nick\AppData\Roaming\SoftGrid Client 2013-11-17 01:13 - 2013-08-28 13:03 - 00000000 ____D C:\Users\Nick\AppData\Roaming\vlc 2013-11-17 00:29 - 2013-11-17 00:28 - 00292872 _____ C:\Windows\Minidump\111713-16161-01.dmp 2013-11-17 00:26 - 2012-04-27 20:35 - 00000000 ____D C:\Users\Nick\AppData\Roaming\uTorrent 2013-11-15 18:49 - 2013-11-15 18:49 - 00048651 _____ C:\Users\Nick\Downloads\[kickass.to]the.purge.2013.1080p.bluray.dts.hd.ma.5.1.x264.publichd.torrent 2013-11-15 16:33 - 2012-10-22 17:00 - 00000000 ____D C:\Program Files (x86)\Guild Wars 2 2013-11-15 16:18 - 2013-11-15 16:18 - 00066883 _____ C:\Users\Nick\Downloads\[kickass.to]white.house.down.2013.1080p.bluray.dts.hd.ma.5.1.x264.publichd.torrent 2013-11-15 16:17 - 2013-11-15 16:17 - 00051170 _____ C:\Users\Nick\Downloads\[kickass.to]man.of.steel.2013.1080p.bluray.x264.sector7.publichd.torrent 2013-11-15 16:17 - 2013-11-15 16:17 - 00051089 _____ C:\Users\Nick\Downloads\[kickass.to]the.internship.2013.unrated.1080p.bluray.dts.x264.publichd.torrent 2013-11-14 10:51 - 2013-11-14 10:51 - 00292792 _____ C:\Windows\Minidump\111413-22323-01.dmp 2013-11-14 07:27 - 2013-11-14 07:27 - 00000000 ____D C:\Program Files (x86)\ESET 2013-11-14 07:23 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2013-11-14 07:22 - 2013-11-13 20:11 - 00000000 ____D C:\Windows\system32\MpEngineStore 2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe 2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe 2013-11-14 07:20 - 2013-11-14 07:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\ASUS WebStorage 2013-11-14 07:20 - 2013-11-14 07:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ASUS WebStorage 2013-11-14 07:15 - 2013-11-14 07:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Malwarebytes 2013-11-14 07:15 - 2013-11-14 07:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Malwarebytes 2013-11-14 07:11 - 2013-11-14 07:11 - 00002257 _____ C:\Users\Default\Desktop\Google Chrome.lnk 2013-11-14 07:11 - 2013-11-14 07:11 - 00002257 _____ C:\Users\Default User\Desktop\Google Chrome.lnk 2013-11-14 07:11 - 2013-11-14 07:11 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2013-11-14 07:11 - 2013-11-14 07:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Google 2013-11-13 20:51 - 2013-11-13 20:51 - 00292848 _____ C:\Windows\Minidump\111313-34788-01.dmp 2013-11-13 20:00 - 2013-08-12 21:32 - 00000000 ____D C:\Windows\system32\MRT 2013-11-13 20:00 - 2012-02-18 01:47 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-13 16:15 - 2013-11-08 11:53 - 00000000 ____D C:\Users\Nick\AppData\Local\Bgtion 2013-11-13 15:01 - 2013-11-13 15:01 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Malwarebytes 2013-11-13 15:01 - 2012-03-14 13:48 - 00000000 ____D C:\Users\Nick\AppData\Local\CrashDumps 2013-11-13 15:00 - 2013-11-13 15:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-13 15:00 - 2013-11-13 15:00 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-13 15:00 - 2013-11-13 15:00 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-13 15:00 - 2013-11-13 15:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-12 10:20 - 2009-07-13 21:34 - 67895296 _____ C:\Windows\system32\config\software.bak 2013-11-12 10:20 - 2009-07-13 21:34 - 24117248 _____ C:\Windows\system32\config\system.bak 2013-11-12 10:20 - 2009-07-13 21:34 - 01572864 _____ C:\Windows\system32\config\default.bak 2013-11-12 10:20 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\security.bak 2013-11-12 10:20 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\sam.bak 2013-11-12 10:19 - 2013-11-11 10:31 - 00000000 ____D C:\Windows\erdnt 2013-11-11 18:32 - 2012-02-14 05:16 - 00000000 ____D C:\Users\Nick\AppData\Local\Google 2013-11-11 18:32 - 2011-04-01 23:36 - 00000000 ____D C:\Program Files (x86)\Google 2013-11-11 18:12 - 2013-11-11 18:12 - 00292880 _____ C:\Windows\Minidump\111113-30638-01.dmp 2013-11-11 10:51 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default 2013-11-11 10:06 - 2013-11-11 09:56 - 00004299 _____ C:\Users\Nick\Documents\ark.txt 2013-11-11 09:40 - 2013-11-11 09:40 - 00377856 _____ C:\Users\Nick\Downloads\s73rw66m.exe 2013-11-11 02:51 - 2011-08-23 22:57 - 00000000 ____D C:\ExpressGateUtil 2013-11-11 02:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\security 2013-11-11 02:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help 2013-11-11 02:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration 2013-11-10 23:53 - 2012-02-14 05:13 - 00000000 ____D C:\Users\Nick 2013-11-10 00:25 - 2013-11-10 00:25 - 00292848 _____ C:\Windows\Minidump\111013-33150-01.dmp 2013-11-09 02:13 - 2013-11-09 02:12 - 00292896 _____ C:\Windows\Minidump\110913-46316-01.dmp 2013-11-08 22:43 - 2009-07-14 02:44 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-11-08 11:53 - 2012-02-14 05:13 - 00000000 ____D C:\Users\Nick\AppData\Local\VirtualStore 2013-11-04 15:45 - 2013-08-28 10:47 - 00000794 _____ C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2013-10-31 06:05 - 2013-10-31 06:05 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Guild Wars 2 2013-10-31 06:05 - 2012-10-22 16:58 - 00000000 ____D C:\Users\Nick\Documents\Guild Wars 2 ZeroAccess: C:\Users\Nick\AppData\Local\Google\Desktop\Install ZeroAccess: C:\Program Files (x86)\Google\Desktop\Install ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit TDL4: custom:26000022 <===== ATTENTION! LastRegBack: 2013-11-20 08:32 ==================== End Of Log ============================
  15. 07:29:56.0882 0x0398 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 07:29:56.0892 0x0398 rdbss - ok 07:29:56.0904 0x0398 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 07:29:56.0904 0x0398 rdpbus - ok 07:29:56.0917 0x0398 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 07:29:56.0919 0x0398 RDPCDD - ok 07:29:56.0929 0x0398 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 07:29:56.0929 0x0398 RDPENCDD - ok 07:29:56.0939 0x0398 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 07:29:56.0939 0x0398 RDPREFMP - ok 07:29:56.0972 0x0398 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 07:29:56.0974 0x0398 RdpVideoMiniport - ok 07:29:56.0997 0x0398 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 07:29:57.0002 0x0398 RDPWD - ok 07:29:57.0017 0x0398 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 07:29:57.0022 0x0398 rdyboost - ok 07:29:57.0047 0x0398 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 07:29:57.0052 0x0398 RemoteRegistry - ok 07:29:57.0059 0x0398 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 07:29:57.0064 0x0398 RFCOMM - ok 07:29:57.0077 0x0398 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 07:29:57.0079 0x0398 RpcEptMapper - ok 07:29:57.0112 0x0398 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 07:29:57.0114 0x0398 RpcLocator - ok 07:29:57.0139 0x0398 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 07:29:57.0149 0x0398 RpcSs - ok 07:29:57.0172 0x0398 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 07:29:57.0174 0x0398 rspndr - ok 07:29:57.0212 0x0398 [ E57FAC2CDB73F06586ED2ED310B80932, 9BFC866E8AF555810127D1B95D1950BAC645C2553A46620417F6BA19FF5706B7 ] RSUSBVSTOR C:\Windows\system32\Drivers\RtsUVStor.sys 07:29:57.0217 0x0398 RSUSBVSTOR - ok 07:29:57.0254 0x0398 [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 07:29:57.0262 0x0398 RTL8167 - ok 07:29:57.0279 0x0398 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe 07:29:57.0279 0x0398 SamSs - ok 07:29:57.0292 0x0398 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 07:29:57.0294 0x0398 sbp2port - ok 07:29:57.0324 0x0398 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 07:29:57.0332 0x0398 SCardSvr - ok 07:29:57.0339 0x0398 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 07:29:57.0342 0x0398 scfilter - ok 07:29:57.0374 0x0398 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 07:29:57.0417 0x0398 Schedule - ok 07:29:57.0464 0x0398 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 07:29:57.0467 0x0398 SCPolicySvc - ok 07:29:57.0479 0x0398 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 07:29:57.0484 0x0398 SDRSVC - ok 07:29:57.0494 0x0398 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 07:29:57.0494 0x0398 secdrv - ok 07:29:57.0509 0x0398 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 07:29:57.0509 0x0398 seclogon - ok 07:29:57.0524 0x0398 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll 07:29:57.0527 0x0398 SENS - ok 07:29:57.0529 0x0398 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 07:29:57.0532 0x0398 SensrSvc - ok 07:29:57.0547 0x0398 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 07:29:57.0547 0x0398 Serenum - ok 07:29:57.0559 0x0398 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 07:29:57.0564 0x0398 Serial - ok 07:29:57.0572 0x0398 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 07:29:57.0574 0x0398 sermouse - ok 07:29:57.0587 0x0398 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 07:29:57.0592 0x0398 SessionEnv - ok 07:29:57.0602 0x0398 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 07:29:57.0602 0x0398 sffdisk - ok 07:29:57.0614 0x0398 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 07:29:57.0614 0x0398 sffp_mmc - ok 07:29:57.0629 0x0398 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 07:29:57.0629 0x0398 sffp_sd - ok 07:29:57.0642 0x0398 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 07:29:57.0644 0x0398 sfloppy - ok 07:29:57.0694 0x0398 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 07:29:57.0714 0x0398 Sftfs - ok 07:29:57.0764 0x0398 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 07:29:57.0774 0x0398 sftlist - ok 07:29:57.0807 0x0398 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 07:29:57.0812 0x0398 Sftplay - ok 07:29:57.0822 0x0398 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 07:29:57.0824 0x0398 Sftredir - ok 07:29:57.0832 0x0398 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 07:29:57.0834 0x0398 Sftvol - ok 07:29:57.0849 0x0398 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 07:29:57.0854 0x0398 sftvsa - ok 07:29:57.0894 0x0398 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 07:29:57.0902 0x0398 SharedAccess - ok 07:29:57.0957 0x0398 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 07:29:57.0967 0x0398 ShellHWDetection - ok 07:29:57.0999 0x0398 [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys 07:29:58.0002 0x0398 SiSGbeLH - ok 07:29:58.0012 0x0398 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 07:29:58.0014 0x0398 SiSRaid2 - ok 07:29:58.0029 0x0398 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 07:29:58.0032 0x0398 SiSRaid4 - ok 07:29:58.0069 0x0398 [ 3E587DBBDFF938DDE5D4CE4047BE9041, CA13B2C50FB09365362077AEC4B25120CF09F8C35702F645922D618FE57B5E05 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 07:29:58.0074 0x0398 SkypeUpdate - ok 07:29:58.0092 0x0398 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 07:29:58.0094 0x0398 Smb - ok 07:29:58.0107 0x0398 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 07:29:58.0109 0x0398 SNMPTRAP - ok 07:29:58.0124 0x0398 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 07:29:58.0124 0x0398 spldr - ok 07:29:58.0149 0x0398 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 07:29:58.0174 0x0398 Spooler - ok 07:29:58.0294 0x0398 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 07:29:58.0394 0x0398 sppsvc - ok 07:29:58.0404 0x0398 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 07:29:58.0407 0x0398 sppuinotify - ok 07:29:58.0447 0x0398 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 07:29:58.0457 0x0398 srv - ok 07:29:58.0472 0x0398 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 07:29:58.0482 0x0398 srv2 - ok 07:29:58.0499 0x0398 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 07:29:58.0502 0x0398 srvnet - ok 07:29:58.0532 0x0398 [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys 07:29:58.0537 0x0398 ssadbus - ok 07:29:58.0552 0x0398 [ 58221EFCB74167B73667F0024C661CE0, D9B67A8897B4DC3E4729187F17ABEB4710CF57440D718E17ED828439198D34DB ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys 07:29:58.0552 0x0398 ssadmdfl - ok 07:29:58.0569 0x0398 [ 4DA7C71BFAC5AD71255B7E4CAB980163, 4CC0F9C8E96ECEF36EEB021E448A9734B63512D030516DC38B1A2EEAA1043AEC ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys 07:29:58.0574 0x0398 ssadmdm - ok 07:29:58.0602 0x0398 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 07:29:58.0607 0x0398 SSDPSRV - ok 07:29:58.0622 0x0398 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 07:29:58.0624 0x0398 SstpSvc - ok 07:29:58.0654 0x0398 [ C692C94FE55CAD0633440236022C27B3, 9A21E9B2EB96DC8C58DE060EEAFC2FD71AB9C539039DAAD5F7380556E2D1D69B ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 07:29:58.0659 0x0398 ssudmdm - ok 07:29:58.0724 0x0398 [ C321084609422404F8DD1513C988DBEA, 97FCF4D5AD018B50B149E0DDDEC7581E382AB5A15018373B0754ABFC7A2077A1 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 07:29:58.0732 0x0398 Stereo Service - ok 07:29:58.0754 0x0398 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 07:29:58.0754 0x0398 stexstor - ok 07:29:58.0794 0x0398 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 07:29:58.0819 0x0398 stisvc - ok 07:29:58.0829 0x0398 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 07:29:58.0829 0x0398 swenum - ok 07:29:58.0854 0x0398 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 07:29:58.0872 0x0398 swprv - ok 07:29:58.0934 0x0398 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 07:29:58.0984 0x0398 SysMain - ok 07:29:58.0997 0x0398 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 07:29:58.0999 0x0398 TabletInputService - ok 07:29:59.0014 0x0398 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 07:29:59.0022 0x0398 TapiSrv - ok 07:29:59.0037 0x0398 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 07:29:59.0039 0x0398 TBS - ok 07:29:59.0122 0x0398 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys 07:29:59.0182 0x0398 Tcpip - ok 07:29:59.0244 0x0398 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 07:29:59.0277 0x0398 TCPIP6 - ok 07:29:59.0329 0x0398 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 07:29:59.0332 0x0398 tcpipreg - ok 07:29:59.0354 0x0398 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 07:29:59.0357 0x0398 TDPIPE - ok 07:29:59.0382 0x0398 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 07:29:59.0384 0x0398 TDTCP - ok 07:29:59.0399 0x0398 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 07:29:59.0404 0x0398 tdx - ok 07:29:59.0417 0x0398 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 07:29:59.0417 0x0398 TermDD - ok 07:29:59.0457 0x0398 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 07:29:59.0484 0x0398 TermService - ok 07:29:59.0512 0x0398 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 07:29:59.0514 0x0398 Themes - ok 07:29:59.0529 0x0398 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 07:29:59.0532 0x0398 THREADORDER - ok 07:29:59.0544 0x0398 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 07:29:59.0547 0x0398 TrkWks - ok 07:29:59.0602 0x0398 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 07:29:59.0607 0x0398 TrustedInstaller - ok 07:29:59.0639 0x0398 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 07:29:59.0639 0x0398 tssecsrv - ok 07:29:59.0669 0x0398 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 07:29:59.0672 0x0398 TsUsbFlt - ok 07:29:59.0692 0x0398 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 07:29:59.0694 0x0398 TsUsbGD - ok 07:29:59.0719 0x0398 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 07:29:59.0722 0x0398 tunnel - ok 07:29:59.0749 0x0398 [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 07:29:59.0749 0x0398 TurboB - ok 07:29:59.0789 0x0398 [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 07:29:59.0794 0x0398 TurboBoost - ok 07:29:59.0802 0x0398 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 07:29:59.0804 0x0398 uagp35 - ok 07:29:59.0829 0x0398 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 07:29:59.0837 0x0398 udfs - ok 07:29:59.0872 0x0398 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 07:29:59.0874 0x0398 UI0Detect - ok 07:29:59.0889 0x0398 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 07:29:59.0889 0x0398 uliagpkx - ok 07:29:59.0904 0x0398 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 07:29:59.0907 0x0398 umbus - ok 07:29:59.0919 0x0398 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 07:29:59.0922 0x0398 UmPass - ok 07:30:00.0027 0x0398 [ EB79C6C91A99930015EF29AE7FA802D1, 96D00BA330854C7763BF385D84D47C3D1B87C4085A91D73B558C86829930DC4B ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 07:30:00.0107 0x0398 UNS - ok 07:30:00.0139 0x0398 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 07:30:00.0149 0x0398 upnphost - ok 07:30:00.0174 0x0398 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 07:30:00.0179 0x0398 usbaudio - ok 07:30:00.0212 0x0398 [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 07:30:00.0214 0x0398 usbccgp - ok 07:30:00.0229 0x0398 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 07:30:00.0234 0x0398 usbcir - ok 07:30:00.0262 0x0398 [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci C:\Windows\system32\drivers\usbehci.sys 07:30:00.0264 0x0398 usbehci - ok 07:30:00.0322 0x0398 [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 07:30:00.0329 0x0398 usbhub - ok 07:30:00.0362 0x0398 [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci C:\Windows\system32\drivers\usbohci.sys 07:30:00.0364 0x0398 usbohci - ok 07:30:00.0389 0x0398 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 07:30:00.0392 0x0398 usbprint - ok 07:30:00.0424 0x0398 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 07:30:00.0427 0x0398 USBSTOR - ok 07:30:00.0449 0x0398 [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 07:30:00.0452 0x0398 usbuhci - ok 07:30:00.0467 0x0398 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 07:30:00.0472 0x0398 usbvideo - ok 07:30:00.0479 0x0398 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 07:30:00.0482 0x0398 UxSms - ok 07:30:00.0494 0x0398 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe 07:30:00.0497 0x0398 VaultSvc - ok 07:30:00.0504 0x0398 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 07:30:00.0507 0x0398 vdrvroot - ok 07:30:00.0527 0x0398 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 07:30:00.0542 0x0398 vds - ok 07:30:00.0554 0x0398 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 07:30:00.0557 0x0398 vga - ok 07:30:00.0572 0x0398 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 07:30:00.0574 0x0398 VgaSave - ok 07:30:00.0592 0x0398 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 07:30:00.0597 0x0398 vhdmp - ok 07:30:00.0627 0x0398 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 07:30:00.0629 0x0398 viaide - ok 07:30:00.0662 0x0398 [ C37CE43FB54066FFB540729C6E6E194E, EF96BFF5696C1BE3078B748CD08352773430C7042BE89E439EE67046E46D293B ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe 07:30:00.0664 0x0398 VideAceWindowsService - ok 07:30:00.0677 0x0398 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 07:30:00.0679 0x0398 volmgr - ok 07:30:00.0694 0x0398 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 07:30:00.0704 0x0398 volmgrx - ok 07:30:00.0749 0x0398 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 07:30:00.0757 0x0398 volsnap - ok 07:30:00.0772 0x0398 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 07:30:00.0777 0x0398 vsmraid - ok 07:30:00.0827 0x0398 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 07:30:00.0877 0x0398 VSS - ok 07:30:00.0907 0x0398 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 07:30:00.0907 0x0398 vwifibus - ok 07:30:00.0917 0x0398 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 07:30:00.0919 0x0398 vwififlt - ok 07:30:00.0942 0x0398 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 07:30:00.0949 0x0398 W32Time - ok 07:30:01.0027 0x0398 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 07:30:01.0027 0x0398 WacomPen - ok 07:30:01.0037 0x0398 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 07:30:01.0039 0x0398 WANARP - ok 07:30:01.0044 0x0398 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 07:30:01.0047 0x0398 Wanarpv6 - ok 07:30:01.0117 0x0398 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 07:30:01.0167 0x0398 WatAdminSvc - ok 07:30:01.0237 0x0398 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 07:30:01.0297 0x0398 wbengine - ok 07:30:01.0337 0x0398 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 07:30:01.0344 0x0398 WbioSrvc - ok 07:30:01.0359 0x0398 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 07:30:01.0369 0x0398 wcncsvc - ok 07:30:01.0392 0x0398 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 07:30:01.0394 0x0398 WcsPlugInService - ok 07:30:01.0402 0x0398 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 07:30:01.0402 0x0398 Wd - ok 07:30:01.0444 0x0398 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 07:30:01.0469 0x0398 Wdf01000 - ok 07:30:01.0487 0x0398 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 07:30:01.0489 0x0398 WdiServiceHost - ok 07:30:01.0494 0x0398 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 07:30:01.0497 0x0398 WdiSystemHost - ok 07:30:01.0527 0x0398 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 07:30:01.0534 0x0398 WebClient - ok 07:30:01.0554 0x0398 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 07:30:01.0559 0x0398 Wecsvc - ok 07:30:01.0572 0x0398 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 07:30:01.0577 0x0398 wercplsupport - ok 07:30:01.0584 0x0398 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 07:30:01.0587 0x0398 WerSvc - ok 07:30:01.0592 0x0398 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 07:30:01.0592 0x0398 WfpLwf - ok 07:30:01.0619 0x0398 [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 07:30:01.0624 0x0398 WimFltr - ok 07:30:01.0637 0x0398 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 07:30:01.0639 0x0398 WIMMount - ok 07:30:01.0664 0x0398 WinDefend - ok 07:30:01.0667 0x0398 WinHttpAutoProxySvc - ok 07:30:01.0739 0x0398 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 07:30:01.0744 0x0398 Winmgmt - ok 07:30:01.0822 0x0398 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 07:30:01.0899 0x0398 WinRM - ok 07:30:01.0959 0x0398 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 07:30:01.0959 0x0398 WinUsb - ok 07:30:02.0022 0x0398 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 07:30:02.0047 0x0398 Wlansvc - ok 07:30:02.0112 0x0398 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 07:30:02.0114 0x0398 wlcrasvc - ok 07:30:02.0234 0x0398 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 07:30:02.0342 0x0398 wlidsvc - ok 07:30:02.0372 0x0398 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 07:30:02.0372 0x0398 WmiAcpi - ok 07:30:02.0404 0x0398 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 07:30:02.0409 0x0398 wmiApSrv - ok 07:30:02.0432 0x0398 WMPNetworkSvc - ok 07:30:02.0439 0x0398 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 07:30:02.0442 0x0398 WPCSvc - ok 07:30:02.0452 0x0398 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 07:30:02.0457 0x0398 WPDBusEnum - ok 07:30:02.0484 0x0398 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 07:30:02.0487 0x0398 ws2ifsl - ok 07:30:02.0519 0x0398 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 07:30:02.0524 0x0398 wscsvc - ok 07:30:02.0524 0x0398 WSearch - ok 07:30:02.0624 0x0398 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 07:30:02.0710 0x0398 wuauserv - ok 07:30:02.0742 0x0398 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 07:30:02.0747 0x0398 WudfPf - ok 07:30:02.0762 0x0398 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 07:30:02.0767 0x0398 WUDFRd - ok 07:30:02.0792 0x0398 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 07:30:02.0797 0x0398 wudfsvc - ok 07:30:02.0827 0x0398 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll 07:30:02.0835 0x0398 WwanSvc - ok 07:30:02.0837 0x0398 ================ Scan global =============================== 07:30:02.0890 0x0398 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 07:30:02.0920 0x0398 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 07:30:02.0937 0x0398 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 07:30:02.0972 0x0398 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 07:30:03.0012 0x0398 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 07:30:03.0020 0x0398 [ Global ] - ok 07:30:03.0020 0x0398 ================ Scan MBR ================================== 07:30:03.0052 0x0398 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 07:30:03.0052 0x0398 Suspicious mbr (Forged): \Device\Harddisk0\DR0 07:30:03.0107 0x0398 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c ( 0 ) 07:30:03.0107 0x0398 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected 07:30:06.0222 0x0398 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk1\DR1 07:30:06.0227 0x0398 \Device\Harddisk1\DR1 - ok 07:30:06.0227 0x0398 ================ Scan VBR ================================== 07:30:06.0325 0x0398 [ 134AF79D956C7368B5C0828774A56B1C ] \Device\Harddisk0\DR0\Partition1 07:30:06.0325 0x0398 \Device\Harddisk0\DR0\Partition1 - ok 07:30:06.0347 0x0398 [ 87E889C9619303616BBA2F8E2C776068 ] \Device\Harddisk0\DR0\Partition2 07:30:06.0347 0x0398 \Device\Harddisk0\DR0\Partition2 - ok 07:30:06.0350 0x0398 [ 0F575F966C9C24D4F8A7013CBA2172BD ] \Device\Harddisk1\DR1\Partition1 07:30:06.0352 0x0398 \Device\Harddisk1\DR1\Partition1 - ok 07:30:06.0355 0x0398 [ 1C05BDFB0CE1CA53B0A82A8A70ED29F0 ] \Device\Harddisk1\DR1\Partition2 07:30:06.0355 0x0398 \Device\Harddisk1\DR1\Partition2 - ok 07:30:06.0355 0x0398 Waiting for KSN requests completion. In queue: 55 07:30:07.0355 0x0398 Waiting for KSN requests completion. In queue: 55 07:30:08.0355 0x0398 Waiting for KSN requests completion. In queue: 55 07:30:09.0365 0x0398 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.3.219.0 ), 0x60000 ( disabled : updated ) 07:30:09.0407 0x0398 Win FW state via NFP2: enabled 07:30:12.0177 0x0398 ============================================================ 07:30:12.0177 0x0398 Scan finished 07:30:12.0177 0x0398 ============================================================ 07:30:12.0185 0x12ec Detected object count: 1 07:30:12.0185 0x12ec Actual detected object count: 1 07:31:25.0345 0x12ec \Device\Harddisk0\DR0\# - copied to quarantine 07:31:25.0347 0x12ec \Device\Harddisk0\DR0 - copied to quarantine 07:31:25.0376 0x12ec \Device\Harddisk0\DR0\TDLFS\cmd32.dll - copied to quarantine 07:31:25.0379 0x12ec \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine 07:31:25.0389 0x12ec \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine 07:31:25.0397 0x12ec \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine 07:31:25.0398 0x12ec \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine 07:31:25.0399 0x12ec \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine 07:31:25.0401 0x12ec \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 07:31:25.0403 0x12ec \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 07:31:25.0404 0x12ec \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine 07:31:25.0405 0x12ec \Device\Harddisk0\DR0\TDLFS\ns - copied to quarantine 07:31:25.0406 0x12ec \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine 07:31:25.0419 0x12ec \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine 07:31:25.0420 0x12ec \Device\Harddisk0\DR0\TDLFS\x - copied to quarantine 07:31:25.0421 0x12ec \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine 07:31:25.0421 0x12ec \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Quarantine 07:32:04.0856 0x0e08 Deinitialize success
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.