Jump to content

Recommended Posts

In a fit of idiocy, I clicked on something that I should know better than to click on.  I ran a scan with malwarebytes and it came up with the "wchelper.dll trojan," located in user/appdata/roaming.  

 

I've attempted to remove/clean it multiple times but it keeps coming back.  I can't run DDS b/c I'm using windows 8.1 and I get a message saying DDS won't run in compatibility mode.  I'm not sure what else to try at this point.

 

Any help would be appreciated!

Link to post
Share on other sites

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
MrC
Link to post
Share on other sites

Thank you!  Here's the FRST log, and the addition is attached.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-12-2013 02
Ran by Greg (administrator) on GRAEGNAROK on 12-12-2013 14:24:27
Running from C:\Users\Greg\Downloads
Windows 8.1 Pro Preview (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.3.9431.0_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9431.0_none_05465cd38f471a04\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - "C:\Users\Greg\AppData\Local\Akamai\netsession_win.exe"
HKCU\...\Run: [Lync] - C:\Program Files\Microsoft Office\Office15\lync.exe [22332064 2013-11-15] (Microsoft Corporation)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [btTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [brStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-10-23] (Power Software Ltd)
Startup: C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nvidia Expirience.url ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1017A587C4F2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 134.53.13.1 10.2.3.245
 
FireFox:
========
FF ProfilePath: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\ukyks43i.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: 
CHR DefaultSearchKeyword: google.com
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Extension: (HP Product Detection Plugin) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0
CHR Extension: (Google Docs) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-18] (Advanced Micro Devices, Inc.)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [345336 2013-06-15] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-06-15] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [788240 2013-06-15] (PMC-Sierra)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; 
U4 BthHFEnum; 
U4 bthhfhid; 
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [225792 2013-06-15] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [650736 2013-06-05] (Intel Corporation)
S0 intelpep; C:\Windows\System32\drivers\intelpep.sys [37640 2013-06-15] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81672 2013-06-15] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-06-15] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [88064 2013-06-15] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [934152 2013-06-15] (Microsoft Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [692832 2012-10-02] (Ralink Technology, Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [138752 2013-06-15] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56584 2013-06-15] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [27912 2013-06-15] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [126216 2013-06-15] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-12 14:24 - 2013-12-12 14:25 - 00013686 _____ C:\Users\Greg\Downloads\FRST.txt
2013-12-12 14:24 - 2013-12-12 14:24 - 00000000 ____D C:\FRST
2013-12-12 14:22 - 2013-12-12 14:23 - 01927290 _____ (Farbar) C:\Users\Greg\Downloads\FRST64.exe
2013-12-11 18:12 - 2013-12-11 18:13 - 00602112 _____ (OldTimer Tools) C:\Users\Greg\Downloads\OTL.exe
2013-12-11 12:08 - 2013-10-28 18:25 - 16979968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 12:08 - 2013-10-28 18:24 - 22566400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 12:08 - 2013-10-28 17:23 - 05636608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 12:08 - 2013-10-28 17:19 - 04247040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 12:08 - 2013-10-28 17:00 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 12:08 - 2013-10-28 16:50 - 11087360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 12:08 - 2013-10-28 16:32 - 02207232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 12:08 - 2013-10-28 16:24 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 12:08 - 2013-10-28 16:16 - 01788928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 12:08 - 2013-10-28 16:16 - 01140224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 12:08 - 2013-10-19 04:30 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 12:08 - 2013-10-19 01:18 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 12:08 - 2013-10-12 03:24 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 12:08 - 2013-10-12 02:53 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-10 12:51 - 2013-12-11 18:23 - 00000000 ____D C:\AdwCleaner
2013-12-10 12:43 - 2013-12-10 12:43 - 01110034 _____ C:\Users\Greg\Downloads\adwcleaner.exe
2013-12-10 12:26 - 2013-12-10 12:26 - 00001438 _____ C:\Users\Greg\Desktop\RKreport[0]_S_12102013_122636.txt
2013-12-10 12:22 - 2013-12-10 12:22 - 04166144 _____ C:\Users\Greg\Downloads\RogueKillerX64.exe
2013-12-10 12:21 - 2013-12-10 12:26 - 00000000 ____D C:\Users\Greg\Desktop\RK_Quarantine
2013-12-10 12:20 - 2013-12-10 12:21 - 00915968 _____ C:\Users\Greg\Downloads\RogueKiller.exe
2013-12-09 19:02 - 2013-12-09 19:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300 (2).exe
2013-12-09 19:02 - 2013-12-09 19:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-12-09 15:59 - 2013-12-09 15:59 - 00154283 ____H C:\Users\Greg\AppData\Roaming\Greg-wchelper.dll
2013-12-09 15:44 - 2013-12-09 15:44 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds (1).com
2013-12-09 15:39 - 2013-12-09 15:56 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-09 15:38 - 2013-12-09 15:56 - 00000000 ____D C:\Users\Greg\Desktop\mbar
2013-12-09 15:38 - 2013-12-09 15:38 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-09 15:37 - 2013-12-09 15:37 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds.com
2013-12-09 13:47 - 2013-12-09 13:48 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds.scr
2013-12-09 10:53 - 2013-12-09 10:53 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Greg\Downloads\mbar-1.07.0.1008.exe
2013-12-09 10:24 - 2013-12-09 10:24 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-09 10:24 - 2013-12-09 10:24 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Malwarebytes
2013-12-09 10:24 - 2013-12-09 10:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-09 10:23 - 2013-12-09 10:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-09 10:23 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-09 10:22 - 2013-12-09 10:22 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-09 10:21 - 2013-12-09 10:21 - 00000824 _____ C:\Users\Public\Desktop\PowerISO.lnk
2013-12-09 10:21 - 2013-12-09 10:21 - 00000000 ____D C:\Program Files\PowerISO
2013-12-09 10:21 - 2013-10-23 09:11 - 00129944 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2013-12-09 10:16 - 2013-12-09 10:16 - 00000000 ____D C:\Users\Greg\AppData\Roaming\FlashPlayer
2013-12-09 10:14 - 2013-12-09 10:14 - 00000000 ____D C:\Program Files (x86)\DeLano Scientific
2013-12-09 10:14 - 1997-11-19 15:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2013-12-08 00:36 - 2013-12-08 00:36 - 14197656 _____ C:\Users\Greg\Downloads\pymol-1_1eval-bin-win32.zip
2013-12-06 23:59 - 2013-12-06 23:59 - 00000228 _____ C:\Users\Greg\Downloads\NZBIndex-download.nzb
2013-12-06 23:40 - 2013-12-06 23:40 - 00000000 ____D C:\Program Files (x86)\CDisplay
2013-12-06 23:15 - 2013-12-06 23:15 - 00000000 ____D C:\Users\Greg\Documents\Bluetooth
2013-12-06 23:04 - 2012-07-31 01:04 - 00690832 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt630x64.sys
2013-12-06 23:04 - 2012-07-31 01:04 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-12-06 17:46 - 2013-12-06 17:46 - 00000000 ____D C:\Program Files (x86)\Seterra
2013-12-05 14:42 - 2013-12-05 14:42 - 00280744 _____ C:\Windows\Minidump\120513-17656-01.dmp
2013-12-05 14:34 - 2013-12-05 14:42 - 399720417 _____ C:\Windows\MEMORY.DMP
2013-12-05 14:34 - 2013-12-05 14:34 - 00280688 _____ C:\Windows\Minidump\120513-20031-01.dmp
2013-12-02 01:56 - 2013-12-06 22:04 - 00000000 ____D C:\Users\Greg\Books
2013-12-02 01:43 - 2013-12-09 10:06 - 00000000 ____D C:\Users\Greg\Desktop\Katie
2013-12-02 01:34 - 2013-12-11 20:08 - 00004962 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for GRAEGNAROK-Greg Graegnarok
2013-12-02 01:15 - 2013-12-02 01:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-02 01:15 - 2013-12-02 01:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-02 01:11 - 2013-12-02 01:11 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-12-02 01:11 - 2013-12-02 01:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-12-02 00:53 - 2013-12-02 00:54 - 00000000 ____D C:\Users\Greg\Desktop\Office
2013-12-02 00:35 - 2013-12-02 00:36 - 00000000 ____D C:\Users\Greg\Desktop\Games
2013-12-02 00:11 - 2013-12-11 18:54 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2013-12-02 00:11 - 2013-12-02 00:25 - 00000000 ____D C:\Windows\AutoKMS
2013-12-02 00:06 - 2013-12-02 00:06 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-02 00:06 - 2013-12-02 00:06 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-12-02 00:05 - 2013-12-02 00:05 - 00000000 ____D C:\Windows\PCHEALTH
2013-12-02 00:05 - 2013-12-02 00:05 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-12-02 00:02 - 2013-12-02 00:02 - 00000000 __RHD C:\MSOCache
2013-12-02 00:02 - 2013-12-02 00:02 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-12-02 00:02 - 2013-12-02 00:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-02 00:02 - 2013-12-02 00:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-12-01 23:31 - 2013-12-01 23:31 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-01 23:31 - 2013-12-01 23:31 - 00000000 ____D C:\Program Files\WinRAR
2013-12-01 20:46 - 2013-12-01 20:48 - 00000004 _____ C:\ScrubRetValFile.txt
2013-11-27 21:10 - 2013-08-22 07:40 - 00040664 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2013-11-27 21:00 - 2013-11-27 21:00 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-11-27 20:44 - 2013-12-11 12:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-27 20:44 - 2013-12-02 00:05 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-27 20:44 - 2013-11-27 20:44 - 00000000 ____D C:\Users\Greg\AppData\Local\Microsoft Help
2013-11-27 20:39 - 2013-11-27 20:39 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-11-23 19:14 - 2013-11-23 19:14 - 00000000 ____D C:\Users\Greg\AppData\Roaming\openvr
2013-11-23 17:15 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-11-23 17:15 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-11-23 17:15 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-11-23 17:15 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-11-23 17:15 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-11-23 17:15 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-11-23 17:15 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-11-23 17:15 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-11-23 17:15 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-11-23 17:15 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-11-23 17:15 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-11-23 17:15 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-11-23 17:15 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-11-23 17:15 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2013-11-23 17:14 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-11-23 17:14 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-11-23 17:14 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-11-23 17:14 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-11-23 17:14 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-11-23 17:14 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-11-23 17:14 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-11-23 17:14 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-11-23 17:14 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-11-23 17:14 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-11-23 17:14 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-11-23 17:14 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-11-23 17:14 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-11-23 17:14 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-11-23 17:14 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-11-23 17:14 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-11-23 17:14 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2013-11-23 17:14 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2013-11-23 17:14 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2013-11-23 17:14 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2013-11-23 17:14 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2013-11-23 17:14 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-11-23 17:14 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-11-23 17:14 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2013-11-23 17:14 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2013-11-23 17:14 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2013-11-23 17:14 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2013-11-23 17:14 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2013-11-23 17:14 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2013-11-23 17:14 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-11-23 17:14 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-11-23 17:14 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-11-23 17:14 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2013-11-23 17:14 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-11-23 17:14 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2013-11-23 17:14 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2013-11-23 17:14 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2013-11-23 17:14 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2013-11-23 17:14 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2013-11-23 17:14 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-11-23 17:14 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-11-23 17:14 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-11-23 17:14 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2013-11-23 17:14 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-11-23 17:14 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2013-11-23 17:14 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2013-11-23 17:14 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-11-23 17:14 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-11-23 17:14 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-11-23 17:14 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-11-23 17:14 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2013-11-23 17:14 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2013-11-23 17:14 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-11-23 17:14 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-11-23 17:14 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2013-11-23 17:14 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2013-11-23 17:14 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2013-11-23 17:14 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-11-23 17:14 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2013-11-23 17:14 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-11-23 17:14 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-11-23 17:14 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-11-23 17:14 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-11-23 17:14 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-11-23 17:14 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-11-23 17:14 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-11-23 17:14 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-11-23 17:14 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-11-23 17:14 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-11-23 17:14 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-11-19 13:39 - 2013-11-19 13:39 - 00000000 ____D C:\ProgramData\Oracle
2013-11-19 13:37 - 2013-11-19 13:37 - 00000000 ____D C:\ProgramData\Sun
2013-11-19 13:36 - 2013-11-19 13:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-19 13:36 - 2013-11-19 13:36 - 00000000 ____D C:\ProgramData\McAfee
2013-11-19 13:36 - 2013-11-19 13:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-19 01:50 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-11-19 01:50 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-11-19 01:50 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-11-19 01:50 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-11-19 01:50 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-11-19 01:50 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-11-19 01:50 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-11-19 01:50 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-11-19 01:50 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-11-19 01:50 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-11-19 01:50 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-11-19 01:50 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-11-19 01:50 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-11-19 01:50 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-11-19 01:50 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-11-19 01:50 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-11-19 01:50 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-11-19 01:50 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-11-19 01:50 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-11-19 01:50 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-11-19 01:50 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-11-19 01:50 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-11-19 01:50 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-11-19 01:50 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-11-19 01:50 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-11-19 01:50 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-11-19 01:50 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-11-19 01:50 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-11-19 01:50 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-11-19 01:50 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-11-19 01:50 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-11-19 01:50 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-11-18 20:28 - 2013-11-18 20:28 - 00002392 _____ C:\Users\Greg\Desktop\infinity checklist.txt
2013-11-13 22:59 - 2013-10-05 03:57 - 01337704 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 22:59 - 2013-10-04 21:41 - 01066496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
 
==================== One Month Modified Files and Folders =======
 
2013-12-12 14:25 - 2013-12-12 14:24 - 00013686 _____ C:\Users\Greg\Downloads\FRST.txt
2013-12-12 14:24 - 2013-12-12 14:24 - 00000000 ____D C:\FRST
2013-12-12 14:23 - 2013-12-12 14:22 - 01927290 _____ (Farbar) C:\Users\Greg\Downloads\FRST64.exe
2013-12-12 14:23 - 2013-08-24 16:10 - 01420414 _____ C:\Windows\WindowsUpdate.log
2013-12-12 14:20 - 2013-06-16 00:37 - 00000000 ____D C:\Windows\system32\sru
2013-12-12 00:52 - 2013-08-24 16:35 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-12 00:34 - 2013-09-01 16:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-11 21:03 - 2013-08-26 17:30 - 00000000 ____D C:\Users\Greg\AppData\Roaming\vlc
2013-12-11 20:08 - 2013-12-02 01:34 - 00004962 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for GRAEGNAROK-Greg Graegnarok
2013-12-11 19:26 - 2013-08-24 16:20 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2910947848-1925478853-1915483549-1001
2013-12-11 18:54 - 2013-12-02 00:11 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2013-12-11 18:54 - 2013-08-24 20:00 - 00003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2013-12-11 18:53 - 2013-08-24 16:35 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-11 18:53 - 2013-08-24 16:16 - 00000000 __RDO C:\Users\Greg\SkyDrive
2013-12-11 18:53 - 2013-08-24 16:14 - 00000000 ____D C:\Users\Greg\AppData\Local\VirtualStore
2013-12-11 18:30 - 2013-08-24 16:19 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-11 18:29 - 2012-09-26 08:53 - 00000950 _____ C:\Windows\SysWOW64\bscs.ini
2013-12-11 18:26 - 2013-08-24 20:00 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2013-12-11 18:26 - 2013-06-15 23:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-11 18:25 - 2013-06-15 22:17 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-11 18:23 - 2013-12-10 12:51 - 00000000 ____D C:\AdwCleaner
2013-12-11 18:15 - 2013-08-24 16:18 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3805B731-98DB-43D6-9E8B-9CADDA9BB6D5}
2013-12-11 18:13 - 2013-12-11 18:12 - 00602112 _____ (OldTimer Tools) C:\Users\Greg\Downloads\OTL.exe
2013-12-11 12:35 - 2013-11-27 20:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 12:15 - 2013-08-25 15:54 - 00000000 ____D C:\Users\Greg\Downloads\Usenet
2013-12-11 12:10 - 2013-06-15 23:42 - 00035349 _____ C:\Windows\setupact.log
2013-12-10 13:41 - 2013-08-24 18:23 - 00003158 _____ C:\Windows\System32\Tasks\HPCeeScheduleForGreg
2013-12-10 13:41 - 2013-08-24 18:23 - 00000350 _____ C:\Windows\Tasks\HPCeeScheduleForGreg.job
2013-12-10 13:34 - 2013-09-01 16:38 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 12:43 - 2013-12-10 12:43 - 01110034 _____ C:\Users\Greg\Downloads\adwcleaner.exe
2013-12-10 12:26 - 2013-12-10 12:26 - 00001438 _____ C:\Users\Greg\Desktop\RKreport[0]_S_12102013_122636.txt
2013-12-10 12:26 - 2013-12-10 12:21 - 00000000 ____D C:\Users\Greg\Desktop\RK_Quarantine
2013-12-10 12:22 - 2013-12-10 12:22 - 04166144 _____ C:\Users\Greg\Downloads\RogueKillerX64.exe
2013-12-10 12:21 - 2013-12-10 12:20 - 00915968 _____ C:\Users\Greg\Downloads\RogueKiller.exe
2013-12-09 19:02 - 2013-12-09 19:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300 (2).exe
2013-12-09 19:02 - 2013-12-09 19:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-12-09 15:59 - 2013-12-09 15:59 - 00154283 ____H C:\Users\Greg\AppData\Roaming\Greg-wchelper.dll
2013-12-09 15:57 - 2013-08-24 18:39 - 00012788 _____ C:\Windows\PFRO.log
2013-12-09 15:56 - 2013-12-09 15:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-09 15:56 - 2013-12-09 15:38 - 00000000 ____D C:\Users\Greg\Desktop\mbar
2013-12-09 15:44 - 2013-12-09 15:44 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds (1).com
2013-12-09 15:38 - 2013-12-09 15:38 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-09 15:37 - 2013-12-09 15:37 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds.com
2013-12-09 13:52 - 2013-08-24 16:14 - 00000000 ____D C:\Users\Greg\AppData\Local\Packages
2013-12-09 13:48 - 2013-12-09 13:47 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds.scr
2013-12-09 12:41 - 2013-10-28 14:04 - 00000000 _____ C:\Windows\SysWOW64\REMOTEDEVICE.INI
2013-12-09 10:53 - 2013-12-09 10:53 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Greg\Downloads\mbar-1.07.0.1008.exe
2013-12-09 10:46 - 2013-08-24 16:12 - 00000000 ____D C:\Users\Greg
2013-12-09 10:24 - 2013-12-09 10:24 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-09 10:24 - 2013-12-09 10:24 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Malwarebytes
2013-12-09 10:24 - 2013-12-09 10:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-09 10:24 - 2013-12-09 10:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-09 10:22 - 2013-12-09 10:22 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-09 10:21 - 2013-12-09 10:21 - 00000824 _____ C:\Users\Public\Desktop\PowerISO.lnk
2013-12-09 10:21 - 2013-12-09 10:21 - 00000000 ____D C:\Program Files\PowerISO
2013-12-09 10:16 - 2013-12-09 10:16 - 00000000 ____D C:\Users\Greg\AppData\Roaming\FlashPlayer
2013-12-09 10:16 - 2013-08-24 16:14 - 00000000 ___RD C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-09 10:14 - 2013-12-09 10:14 - 00000000 ____D C:\Program Files (x86)\DeLano Scientific
2013-12-09 10:06 - 2013-12-02 01:43 - 00000000 ____D C:\Users\Greg\Desktop\Katie
2013-12-09 10:06 - 2013-09-07 20:53 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-08 00:36 - 2013-12-08 00:36 - 14197656 _____ C:\Users\Greg\Downloads\pymol-1_1eval-bin-win32.zip
2013-12-06 23:59 - 2013-12-06 23:59 - 00000228 _____ C:\Users\Greg\Downloads\NZBIndex-download.nzb
2013-12-06 23:40 - 2013-12-06 23:40 - 00000000 ____D C:\Program Files (x86)\CDisplay
2013-12-06 23:25 - 2013-10-28 14:05 - 00000000 _____ C:\Windows\SysWOW64\SHORTCUT.INI
2013-12-06 23:18 - 2013-08-24 16:57 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-12-06 23:15 - 2013-12-06 23:15 - 00000000 ____D C:\Users\Greg\Documents\Bluetooth
2013-12-06 23:04 - 2013-08-26 13:40 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-06 23:04 - 2013-08-24 16:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-06 23:04 - 2013-08-24 16:51 - 00000000 ____D C:\swsetup
2013-12-06 22:04 - 2013-12-02 01:56 - 00000000 ____D C:\Users\Greg\Books
2013-12-06 21:31 - 2013-10-29 19:40 - 00000000 ____D C:\Users\Greg\My Games
2013-12-06 21:29 - 2013-09-13 11:01 - 00000000 ____D C:\Users\Greg\Cider
2013-12-06 17:46 - 2013-12-06 17:46 - 00000000 ____D C:\Program Files (x86)\Seterra
2013-12-05 14:42 - 2013-12-05 14:42 - 00280744 _____ C:\Windows\Minidump\120513-17656-01.dmp
2013-12-05 14:42 - 2013-12-05 14:34 - 399720417 _____ C:\Windows\MEMORY.DMP
2013-12-05 14:42 - 2013-08-24 17:07 - 00000000 ____D C:\Windows\Minidump
2013-12-05 14:34 - 2013-12-05 14:34 - 00280688 _____ C:\Windows\Minidump\120513-20031-01.dmp
2013-12-05 09:02 - 2013-10-12 08:18 - 00463608 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 09:01 - 2013-09-22 08:15 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-12-04 12:46 - 2013-08-24 16:35 - 00003888 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-04 12:46 - 2013-08-24 16:35 - 00003652 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-03 11:53 - 2013-11-04 16:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-02 13:43 - 2013-08-24 16:57 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-12-02 01:34 - 2013-06-16 00:37 - 00000000 ____D C:\Windows\Registration
2013-12-02 01:24 - 2013-06-15 22:17 - 00000167 _____ C:\Windows\win.ini
2013-12-02 01:15 - 2013-12-02 01:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-02 01:15 - 2013-12-02 01:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-02 01:11 - 2013-12-02 01:11 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-12-02 01:11 - 2013-12-02 01:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-12-02 00:54 - 2013-12-02 00:53 - 00000000 ____D C:\Users\Greg\Desktop\Office
2013-12-02 00:36 - 2013-12-02 00:35 - 00000000 ____D C:\Users\Greg\Desktop\Games
2013-12-02 00:35 - 2013-09-22 09:11 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Nitro PDF
2013-12-02 00:25 - 2013-12-02 00:11 - 00000000 ____D C:\Windows\AutoKMS
2013-12-02 00:06 - 2013-12-02 00:06 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-02 00:06 - 2013-12-02 00:06 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-12-02 00:06 - 2013-06-16 00:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-02 00:05 - 2013-12-02 00:05 - 00000000 ____D C:\Windows\PCHEALTH
2013-12-02 00:05 - 2013-12-02 00:05 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-12-02 00:05 - 2013-11-27 20:44 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-02 00:03 - 2013-06-16 00:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-02 00:02 - 2013-12-02 00:02 - 00000000 __RHD C:\MSOCache
2013-12-02 00:02 - 2013-12-02 00:02 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-12-02 00:02 - 2013-12-02 00:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-02 00:02 - 2013-12-02 00:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-12-02 00:02 - 2013-06-16 03:32 - 00000000 ____D C:\Windows\ShellNew
2013-12-01 23:31 - 2013-12-01 23:31 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-01 23:31 - 2013-12-01 23:31 - 00000000 ____D C:\Program Files\WinRAR
2013-12-01 23:31 - 2013-08-25 21:52 - 00000000 ____D C:\Users\Greg\AppData\Roaming\WinRAR
2013-12-01 20:48 - 2013-12-01 20:46 - 00000004 _____ C:\ScrubRetValFile.txt
2013-11-27 21:00 - 2013-11-27 21:00 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-11-27 20:44 - 2013-11-27 20:44 - 00000000 ____D C:\Users\Greg\AppData\Local\Microsoft Help
2013-11-27 20:39 - 2013-11-27 20:39 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-11-23 19:14 - 2013-11-23 19:14 - 00000000 ____D C:\Users\Greg\AppData\Roaming\openvr
2013-11-23 17:14 - 2013-09-24 19:51 - 00342759 _____ C:\Windows\DirectX.log
2013-11-19 13:39 - 2013-11-19 13:39 - 00000000 ____D C:\ProgramData\Oracle
2013-11-19 13:37 - 2013-11-19 13:37 - 00000000 ____D C:\ProgramData\Sun
2013-11-19 13:36 - 2013-11-19 13:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-19 13:36 - 2013-11-19 13:36 - 00000000 ____D C:\ProgramData\McAfee
2013-11-19 13:36 - 2013-11-19 13:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-19 05:30 - 2013-08-24 16:38 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-18 20:28 - 2013-11-18 20:28 - 00002392 _____ C:\Users\Greg\Desktop\infinity checklist.txt
2013-11-14 20:20 - 2013-06-16 00:37 - 00000000 ____D C:\Windows\system32\NDF
 
Some content of TEMP:
====================
C:\Users\Greg\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Greg\AppData\Local\Temp\nsyB8DC.tmp.exe
C:\Users\Greg\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Greg\AppData\Local\Temp\ose00000.exe
C:\Users\Greg\AppData\Local\Temp\Quarantine.exe
C:\Users\Greg\AppData\Local\Temp\Resource.exe
C:\Users\Greg\AppData\Local\Temp\safeguard.exe
C:\Users\Greg\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Greg\AppData\Local\Temp\vlc-2.1.1-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe
[2013-06-15 17:48] - [2013-06-15 17:48] - 0558080 ____A (Microsoft Corporation) DEB887EA2EBEDF01644A200B4BDB181B
 
C:\Windows\System32\wininit.exe
[2013-06-15 17:52] - [2013-06-15 17:52] - 0145408 ____A (Microsoft Corporation) CACA6578AF9C48C29D7BF6AEFAF00599
 
C:\Windows\explorer.exe
[2013-06-15 17:01] - [2013-06-15 21:25] - 2254384 ____A (Microsoft Corporation) 2CF1204E913AEA5A492D89C153F3345E
 
C:\Windows\SysWOW64\explorer.exe
[2013-06-15 16:33] - [2013-06-15 20:33] - 2009104 ____A (Microsoft Corporation) 253252BBC9E61728986CB54261F8AECD
 
C:\Windows\System32\svchost.exe
[2013-06-15 17:48] - [2013-06-15 21:30] - 0037768 ____A (Microsoft Corporation) F7191317F1CD10F35DC74E24C1B71E06
 
C:\Windows\SysWOW64\svchost.exe
[2013-06-15 17:07] - [2013-06-15 20:38] - 0031552 ____A (Microsoft Corporation) D9F8FA4911FBF85919BA17FFE5B34430
 
C:\Windows\System32\services.exe
[2013-06-15 22:17] - [2013-06-15 22:17] - 0403408 ____A (Microsoft Corporation) 258527780FC8FFCF0A29F7455073C529
 
C:\Windows\System32\User32.dll
[2013-06-15 17:50] - [2013-06-15 21:25] - 1513264 ____A (Microsoft Corporation) 42F67E93E2C853A915E73F3A4645E3C9
 
C:\Windows\SysWOW64\User32.dll
[2013-06-15 17:10] - [2013-06-15 17:10] - 1359360 ____A (Microsoft Corporation) FCDCDEFD5A8BA26FDCD950607162339C
 
C:\Windows\System32\userinit.exe
[2013-06-15 17:56] - [2013-06-15 17:56] - 0025088 ____A (Microsoft Corporation) 166CB1E28BED6196B5030E91AD932998
 
C:\Windows\SysWOW64\userinit.exe
[2013-06-15 17:13] - [2013-06-15 17:13] - 0021504 ____A (Microsoft Corporation) 7AFC7764F71DBB1BC5A60EE67FE94C70
 
C:\Windows\System32\Drivers\volsnap.sys
[2013-06-15 19:36] - [2013-06-15 21:26] - 0312072 ___AC (Microsoft Corporation) 9365B092503F8B0B6C724D1A8E4433D4
 
 
 
LastRegBack: 2013-12-04 02:29
 
==================== End Of Log ============================

Addition.txt

Link to post
Share on other sites

OK, we have a problem:

You appear to have illegal software on the system, MS Office

This is used to by-pass activation (AKA Piracy):

 

C:\Windows\AutoKMS\AutoKMS.exe

Task: {004A8862-6AF6-428A-BF25-E3208C1C3F32} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-12-02] ()

I usually warn people up front, in your case I didn't:

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

Since I didn't give the warning and I don't know if you saw it in this post:

https://forums.malwarebytes.org/index.php?showtopic=9573

I give you the opportunity to remove the crack and software, if not the post will be closed.

MrC

Link to post
Share on other sites

Thank you again.  I'm sure you hear this a lot, but I honestly didn't know I had pirated software on my laptop.

 

I uninstalled office and removed the file that you listed.  New scan:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-12-2013 03
Ran by Greg (administrator) on GRAEGNAROK on 12-12-2013 16:41:58
Running from C:\Users\Greg\Downloads
Windows 8.1 Pro Preview (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.3.9431.0_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - "C:\Users\Greg\AppData\Local\Akamai\netsession_win.exe"
HKCU\...\Run: [Lync] - "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [btTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [brStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-10-23] (Power Software Ltd)
Startup: C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nvidia Expirience.url ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1017A587C4F2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 134.53.13.1 10.2.3.245
 
FireFox:
========
FF ProfilePath: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\ukyks43i.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: 
CHR DefaultSearchKeyword: google.com
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Extension: (HP Product Detection Plugin) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0
CHR Extension: (Google Docs) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-18] (Advanced Micro Devices, Inc.)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [345336 2013-06-15] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-06-15] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [788240 2013-06-15] (PMC-Sierra)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; 
U4 BthHFEnum; 
U4 bthhfhid; 
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [225792 2013-06-15] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [650736 2013-06-05] (Intel Corporation)
S0 intelpep; C:\Windows\System32\drivers\intelpep.sys [37640 2013-06-15] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81672 2013-06-15] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-06-15] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [88064 2013-06-15] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [934152 2013-06-15] (Microsoft Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [692832 2012-10-02] (Ralink Technology, Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [138752 2013-06-15] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56584 2013-06-15] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [27912 2013-06-15] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [126216 2013-06-15] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-12 16:40 - 2013-12-12 16:40 - 00000000 ____D C:\Users\Greg\Downloads\FRST-OlderVersion
2013-12-12 14:25 - 2013-12-12 14:26 - 00038376 _____ C:\Users\Greg\Downloads\Addition.txt
2013-12-12 14:24 - 2013-12-12 16:41 - 00012188 _____ C:\Users\Greg\Downloads\FRST.txt
2013-12-12 14:24 - 2013-12-12 16:40 - 00000000 ____D C:\FRST
2013-12-12 14:22 - 2013-12-12 16:40 - 01927274 _____ (Farbar) C:\Users\Greg\Downloads\FRST64.exe
2013-12-11 18:12 - 2013-12-11 18:13 - 00602112 _____ (OldTimer Tools) C:\Users\Greg\Downloads\OTL.exe
2013-12-11 12:08 - 2013-10-28 18:25 - 16979968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 12:08 - 2013-10-28 18:24 - 22566400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 12:08 - 2013-10-28 17:23 - 05636608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 12:08 - 2013-10-28 17:19 - 04247040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 12:08 - 2013-10-28 17:00 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 12:08 - 2013-10-28 16:50 - 11087360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 12:08 - 2013-10-28 16:32 - 02207232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 12:08 - 2013-10-28 16:24 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 12:08 - 2013-10-28 16:16 - 01788928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 12:08 - 2013-10-28 16:16 - 01140224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 12:08 - 2013-10-19 04:30 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 12:08 - 2013-10-19 01:18 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 12:08 - 2013-10-12 03:24 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 12:08 - 2013-10-12 02:53 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-10 12:51 - 2013-12-11 18:23 - 00000000 ____D C:\AdwCleaner
2013-12-10 12:43 - 2013-12-10 12:43 - 01110034 _____ C:\Users\Greg\Downloads\adwcleaner.exe
2013-12-10 12:26 - 2013-12-10 12:26 - 00001438 _____ C:\Users\Greg\Desktop\RKreport[0]_S_12102013_122636.txt
2013-12-10 12:22 - 2013-12-10 12:22 - 04166144 _____ C:\Users\Greg\Downloads\RogueKillerX64.exe
2013-12-10 12:21 - 2013-12-10 12:26 - 00000000 ____D C:\Users\Greg\Desktop\RK_Quarantine
2013-12-10 12:20 - 2013-12-10 12:21 - 00915968 _____ C:\Users\Greg\Downloads\RogueKiller.exe
2013-12-09 19:02 - 2013-12-09 19:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300 (2).exe
2013-12-09 19:02 - 2013-12-09 19:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-12-09 15:59 - 2013-12-09 15:59 - 00154283 ____H C:\Users\Greg\AppData\Roaming\Greg-wchelper.dll
2013-12-09 15:44 - 2013-12-09 15:44 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds (1).com
2013-12-09 15:39 - 2013-12-09 15:56 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-09 15:38 - 2013-12-09 15:56 - 00000000 ____D C:\Users\Greg\Desktop\mbar
2013-12-09 15:38 - 2013-12-09 15:38 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-09 15:37 - 2013-12-09 15:37 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds.com
2013-12-09 13:47 - 2013-12-09 13:48 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds.scr
2013-12-09 10:53 - 2013-12-09 10:53 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Greg\Downloads\mbar-1.07.0.1008.exe
2013-12-09 10:24 - 2013-12-09 10:24 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-09 10:24 - 2013-12-09 10:24 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Malwarebytes
2013-12-09 10:24 - 2013-12-09 10:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-09 10:23 - 2013-12-09 10:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-09 10:23 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-09 10:22 - 2013-12-09 10:22 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-09 10:21 - 2013-12-09 10:21 - 00000824 _____ C:\Users\Public\Desktop\PowerISO.lnk
2013-12-09 10:21 - 2013-12-09 10:21 - 00000000 ____D C:\Program Files\PowerISO
2013-12-09 10:21 - 2013-10-23 09:11 - 00129944 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2013-12-09 10:16 - 2013-12-09 10:16 - 00000000 ____D C:\Users\Greg\AppData\Roaming\FlashPlayer
2013-12-09 10:14 - 2013-12-09 10:14 - 00000000 ____D C:\Program Files (x86)\DeLano Scientific
2013-12-09 10:14 - 1997-11-19 15:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2013-12-08 00:36 - 2013-12-08 00:36 - 14197656 _____ C:\Users\Greg\Downloads\pymol-1_1eval-bin-win32.zip
2013-12-06 23:59 - 2013-12-06 23:59 - 00000228 _____ C:\Users\Greg\Downloads\NZBIndex-download.nzb
2013-12-06 23:40 - 2013-12-06 23:40 - 00000000 ____D C:\Program Files (x86)\CDisplay
2013-12-06 23:15 - 2013-12-06 23:15 - 00000000 ____D C:\Users\Greg\Documents\Bluetooth
2013-12-06 23:04 - 2012-07-31 01:04 - 00690832 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt630x64.sys
2013-12-06 23:04 - 2012-07-31 01:04 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-12-06 17:46 - 2013-12-06 17:46 - 00000000 ____D C:\Program Files (x86)\Seterra
2013-12-05 14:42 - 2013-12-05 14:42 - 00280744 _____ C:\Windows\Minidump\120513-17656-01.dmp
2013-12-05 14:34 - 2013-12-05 14:42 - 399720417 _____ C:\Windows\MEMORY.DMP
2013-12-05 14:34 - 2013-12-05 14:34 - 00280688 _____ C:\Windows\Minidump\120513-20031-01.dmp
2013-12-02 01:56 - 2013-12-06 22:04 - 00000000 ____D C:\Users\Greg\Books
2013-12-02 01:43 - 2013-12-09 10:06 - 00000000 ____D C:\Users\Greg\Desktop\Katie
2013-12-02 01:34 - 2013-12-11 20:08 - 00004962 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for GRAEGNAROK-Greg Graegnarok
2013-12-02 01:15 - 2013-12-02 01:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-02 01:15 - 2013-12-02 01:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-02 01:11 - 2013-12-02 01:11 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-12-02 01:11 - 2013-12-02 01:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-12-02 00:53 - 2013-12-02 00:54 - 00000000 ____D C:\Users\Greg\Desktop\Office
2013-12-02 00:35 - 2013-12-02 00:36 - 00000000 ____D C:\Users\Greg\Desktop\Games
2013-12-02 00:11 - 2013-12-11 18:54 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2013-12-01 23:31 - 2013-12-01 23:31 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-01 23:31 - 2013-12-01 23:31 - 00000000 ____D C:\Program Files\WinRAR
2013-12-01 20:46 - 2013-12-01 20:48 - 00000004 _____ C:\ScrubRetValFile.txt
2013-11-27 21:10 - 2013-08-22 07:40 - 00040664 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2013-11-27 21:00 - 2013-11-27 21:00 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-11-27 20:44 - 2013-12-12 16:27 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-27 20:44 - 2013-12-12 16:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-27 20:44 - 2013-11-27 20:44 - 00000000 ____D C:\Users\Greg\AppData\Local\Microsoft Help
2013-11-27 20:39 - 2013-11-27 20:39 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-11-23 19:14 - 2013-11-23 19:14 - 00000000 ____D C:\Users\Greg\AppData\Roaming\openvr
2013-11-23 17:15 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-11-23 17:15 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-11-23 17:15 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-11-23 17:15 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-11-23 17:15 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-11-23 17:15 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-11-23 17:15 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-11-23 17:15 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-11-23 17:15 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-11-23 17:15 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-11-23 17:15 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-11-23 17:15 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-11-23 17:15 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-11-23 17:15 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-11-23 17:15 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-11-23 17:15 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-11-23 17:15 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2013-11-23 17:14 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-11-23 17:14 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-11-23 17:14 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-11-23 17:14 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-11-23 17:14 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-11-23 17:14 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-11-23 17:14 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-11-23 17:14 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-11-23 17:14 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-11-23 17:14 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-11-23 17:14 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-11-23 17:14 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-11-23 17:14 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-11-23 17:14 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-11-23 17:14 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-11-23 17:14 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-11-23 17:14 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-11-23 17:14 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-11-23 17:14 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-11-23 17:14 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2013-11-23 17:14 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2013-11-23 17:14 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2013-11-23 17:14 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2013-11-23 17:14 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2013-11-23 17:14 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-11-23 17:14 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-11-23 17:14 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2013-11-23 17:14 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2013-11-23 17:14 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2013-11-23 17:14 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2013-11-23 17:14 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2013-11-23 17:14 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2013-11-23 17:14 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2013-11-23 17:14 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-11-23 17:14 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-11-23 17:14 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-11-23 17:14 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2013-11-23 17:14 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-11-23 17:14 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2013-11-23 17:14 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2013-11-23 17:14 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2013-11-23 17:14 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2013-11-23 17:14 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2013-11-23 17:14 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-11-23 17:14 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-11-23 17:14 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-11-23 17:14 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2013-11-23 17:14 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-11-23 17:14 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2013-11-23 17:14 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2013-11-23 17:14 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-11-23 17:14 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-11-23 17:14 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-11-23 17:14 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-11-23 17:14 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-11-23 17:14 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-11-23 17:14 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2013-11-23 17:14 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2013-11-23 17:14 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-11-23 17:14 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-11-23 17:14 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2013-11-23 17:14 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2013-11-23 17:14 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2013-11-23 17:14 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-11-23 17:14 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2013-11-23 17:14 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-11-23 17:14 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-11-23 17:14 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-11-23 17:14 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-11-23 17:14 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-11-23 17:14 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-11-23 17:14 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-11-23 17:14 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-11-23 17:14 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-11-23 17:14 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-11-23 17:14 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-11-19 13:39 - 2013-11-19 13:39 - 00000000 ____D C:\ProgramData\Oracle
2013-11-19 13:37 - 2013-11-19 13:37 - 00000000 ____D C:\ProgramData\Sun
2013-11-19 13:36 - 2013-11-19 13:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-19 13:36 - 2013-11-19 13:36 - 00000000 ____D C:\ProgramData\McAfee
2013-11-19 13:36 - 2013-11-19 13:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-19 01:50 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-11-19 01:50 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-11-19 01:50 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-11-19 01:50 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-11-19 01:50 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-11-19 01:50 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-11-19 01:50 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-11-19 01:50 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-11-19 01:50 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-11-19 01:50 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-11-19 01:50 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-11-19 01:50 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-11-19 01:50 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-11-19 01:50 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-11-19 01:50 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-11-19 01:50 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-11-19 01:50 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-11-19 01:50 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-11-19 01:50 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-11-19 01:50 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-11-19 01:50 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-11-19 01:50 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-11-19 01:50 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-11-19 01:50 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-11-19 01:50 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-11-19 01:50 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-11-19 01:50 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-11-19 01:50 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-11-19 01:50 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-11-19 01:50 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-11-19 01:50 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-11-19 01:50 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-11-18 20:28 - 2013-11-18 20:28 - 00002392 _____ C:\Users\Greg\Desktop\infinity checklist.txt
2013-11-13 22:59 - 2013-10-05 03:57 - 01337704 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 22:59 - 2013-10-04 21:41 - 01066496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
 
==================== One Month Modified Files and Folders =======
 
2013-12-12 16:42 - 2013-12-12 14:24 - 00012188 _____ C:\Users\Greg\Downloads\FRST.txt
2013-12-12 16:40 - 2013-12-12 16:40 - 00000000 ____D C:\Users\Greg\Downloads\FRST-OlderVersion
2013-12-12 16:40 - 2013-12-12 14:24 - 00000000 ____D C:\FRST
2013-12-12 16:40 - 2013-12-12 14:22 - 01927274 _____ (Farbar) C:\Users\Greg\Downloads\FRST64.exe
2013-12-12 16:38 - 2013-08-24 16:10 - 01663441 _____ C:\Windows\WindowsUpdate.log
2013-12-12 16:34 - 2013-09-01 16:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-12 16:30 - 2013-08-24 16:20 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2910947848-1925478853-1915483549-1001
2013-12-12 16:28 - 2013-11-27 20:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 16:27 - 2013-11-27 20:44 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-12 16:27 - 2013-06-16 00:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-12 16:26 - 2013-11-04 16:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-12 16:26 - 2013-06-16 03:32 - 00000000 ____D C:\Windows\ShellNew
2013-12-12 16:23 - 2013-06-16 00:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-12 16:23 - 2013-06-15 22:17 - 00000076 _____ C:\Windows\win.ini
2013-12-12 16:20 - 2013-08-24 16:19 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-12 16:19 - 2013-09-13 11:01 - 00000000 ____D C:\Users\Greg\Cider
2013-12-12 16:17 - 2013-08-26 17:30 - 00000000 ____D C:\Users\Greg\AppData\Roaming\vlc
2013-12-12 16:17 - 2013-06-15 23:42 - 00036143 _____ C:\Windows\setupact.log
2013-12-12 16:02 - 2013-06-16 00:37 - 00000000 ____D C:\Windows\system32\sru
2013-12-12 15:51 - 2013-08-24 16:35 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-12 14:27 - 2005-04-07 21:16 - 00000000 ___HD C:\Users\Greg\AppData\Roaming\AAD83746
2013-12-12 14:26 - 2013-12-12 14:25 - 00038376 _____ C:\Users\Greg\Downloads\Addition.txt
2013-12-11 20:08 - 2013-12-02 01:34 - 00004962 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for GRAEGNAROK-Greg Graegnarok
2013-12-11 18:54 - 2013-12-02 00:11 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2013-12-11 18:54 - 2013-08-24 20:00 - 00003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2013-12-11 18:53 - 2013-08-24 16:35 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-11 18:53 - 2013-08-24 16:16 - 00000000 __RDO C:\Users\Greg\SkyDrive
2013-12-11 18:53 - 2013-08-24 16:14 - 00000000 ____D C:\Users\Greg\AppData\Local\VirtualStore
2013-12-11 18:29 - 2012-09-26 08:53 - 00000950 _____ C:\Windows\SysWOW64\bscs.ini
2013-12-11 18:26 - 2013-08-24 20:00 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2013-12-11 18:26 - 2013-06-15 23:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-11 18:25 - 2013-06-15 22:17 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-11 18:23 - 2013-12-10 12:51 - 00000000 ____D C:\AdwCleaner
2013-12-11 18:15 - 2013-08-24 16:18 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3805B731-98DB-43D6-9E8B-9CADDA9BB6D5}
2013-12-11 18:13 - 2013-12-11 18:12 - 00602112 _____ (OldTimer Tools) C:\Users\Greg\Downloads\OTL.exe
2013-12-11 12:15 - 2013-08-25 15:54 - 00000000 ____D C:\Users\Greg\Downloads\Usenet
2013-12-10 13:41 - 2013-08-24 18:23 - 00003158 _____ C:\Windows\System32\Tasks\HPCeeScheduleForGreg
2013-12-10 13:41 - 2013-08-24 18:23 - 00000350 _____ C:\Windows\Tasks\HPCeeScheduleForGreg.job
2013-12-10 13:34 - 2013-09-01 16:38 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 12:43 - 2013-12-10 12:43 - 01110034 _____ C:\Users\Greg\Downloads\adwcleaner.exe
2013-12-10 12:26 - 2013-12-10 12:26 - 00001438 _____ C:\Users\Greg\Desktop\RKreport[0]_S_12102013_122636.txt
2013-12-10 12:26 - 2013-12-10 12:21 - 00000000 ____D C:\Users\Greg\Desktop\RK_Quarantine
2013-12-10 12:22 - 2013-12-10 12:22 - 04166144 _____ C:\Users\Greg\Downloads\RogueKillerX64.exe
2013-12-10 12:21 - 2013-12-10 12:20 - 00915968 _____ C:\Users\Greg\Downloads\RogueKiller.exe
2013-12-09 19:02 - 2013-12-09 19:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300 (2).exe
2013-12-09 19:02 - 2013-12-09 19:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-12-09 15:59 - 2013-12-09 15:59 - 00154283 ____H C:\Users\Greg\AppData\Roaming\Greg-wchelper.dll
2013-12-09 15:57 - 2013-08-24 18:39 - 00012788 _____ C:\Windows\PFRO.log
2013-12-09 15:56 - 2013-12-09 15:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-09 15:56 - 2013-12-09 15:38 - 00000000 ____D C:\Users\Greg\Desktop\mbar
2013-12-09 15:44 - 2013-12-09 15:44 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds (1).com
2013-12-09 15:38 - 2013-12-09 15:38 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-09 15:37 - 2013-12-09 15:37 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds.com
2013-12-09 13:52 - 2013-08-24 16:14 - 00000000 ____D C:\Users\Greg\AppData\Local\Packages
2013-12-09 13:48 - 2013-12-09 13:47 - 00688992 _____ (Swearware) C:\Users\Greg\Downloads\dds.scr
2013-12-09 12:41 - 2013-10-28 14:04 - 00000000 _____ C:\Windows\SysWOW64\REMOTEDEVICE.INI
2013-12-09 10:53 - 2013-12-09 10:53 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Greg\Downloads\mbar-1.07.0.1008.exe
2013-12-09 10:46 - 2013-08-24 16:12 - 00000000 ____D C:\Users\Greg
2013-12-09 10:24 - 2013-12-09 10:24 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-09 10:24 - 2013-12-09 10:24 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Malwarebytes
2013-12-09 10:24 - 2013-12-09 10:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-09 10:24 - 2013-12-09 10:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-09 10:22 - 2013-12-09 10:22 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Greg\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-09 10:21 - 2013-12-09 10:21 - 00000824 _____ C:\Users\Public\Desktop\PowerISO.lnk
2013-12-09 10:21 - 2013-12-09 10:21 - 00000000 ____D C:\Program Files\PowerISO
2013-12-09 10:16 - 2013-12-09 10:16 - 00000000 ____D C:\Users\Greg\AppData\Roaming\FlashPlayer
2013-12-09 10:16 - 2013-08-24 16:14 - 00000000 ___RD C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-09 10:14 - 2013-12-09 10:14 - 00000000 ____D C:\Program Files (x86)\DeLano Scientific
2013-12-09 10:06 - 2013-12-02 01:43 - 00000000 ____D C:\Users\Greg\Desktop\Katie
2013-12-09 10:06 - 2013-09-07 20:53 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-08 00:36 - 2013-12-08 00:36 - 14197656 _____ C:\Users\Greg\Downloads\pymol-1_1eval-bin-win32.zip
2013-12-06 23:59 - 2013-12-06 23:59 - 00000228 _____ C:\Users\Greg\Downloads\NZBIndex-download.nzb
2013-12-06 23:40 - 2013-12-06 23:40 - 00000000 ____D C:\Program Files (x86)\CDisplay
2013-12-06 23:25 - 2013-10-28 14:05 - 00000000 _____ C:\Windows\SysWOW64\SHORTCUT.INI
2013-12-06 23:18 - 2013-08-24 16:57 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-12-06 23:15 - 2013-12-06 23:15 - 00000000 ____D C:\Users\Greg\Documents\Bluetooth
2013-12-06 23:04 - 2013-08-26 13:40 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-06 23:04 - 2013-08-24 16:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-06 23:04 - 2013-08-24 16:51 - 00000000 ____D C:\swsetup
2013-12-06 22:04 - 2013-12-02 01:56 - 00000000 ____D C:\Users\Greg\Books
2013-12-06 21:31 - 2013-10-29 19:40 - 00000000 ____D C:\Users\Greg\My Games
2013-12-06 17:46 - 2013-12-06 17:46 - 00000000 ____D C:\Program Files (x86)\Seterra
2013-12-05 14:42 - 2013-12-05 14:42 - 00280744 _____ C:\Windows\Minidump\120513-17656-01.dmp
2013-12-05 14:42 - 2013-12-05 14:34 - 399720417 _____ C:\Windows\MEMORY.DMP
2013-12-05 14:42 - 2013-08-24 17:07 - 00000000 ____D C:\Windows\Minidump
2013-12-05 14:34 - 2013-12-05 14:34 - 00280688 _____ C:\Windows\Minidump\120513-20031-01.dmp
2013-12-05 09:02 - 2013-10-12 08:18 - 00463608 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 09:01 - 2013-09-22 08:15 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-12-04 12:46 - 2013-08-24 16:35 - 00003888 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-04 12:46 - 2013-08-24 16:35 - 00003652 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-02 13:43 - 2013-08-24 16:57 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-12-02 01:34 - 2013-06-16 00:37 - 00000000 ____D C:\Windows\Registration
2013-12-02 01:15 - 2013-12-02 01:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-02 01:15 - 2013-12-02 01:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-02 01:11 - 2013-12-02 01:11 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-12-02 01:11 - 2013-12-02 01:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-12-02 00:54 - 2013-12-02 00:53 - 00000000 ____D C:\Users\Greg\Desktop\Office
2013-12-02 00:36 - 2013-12-02 00:35 - 00000000 ____D C:\Users\Greg\Desktop\Games
2013-12-02 00:35 - 2013-09-22 09:11 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Nitro PDF
2013-12-01 23:31 - 2013-12-01 23:31 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-01 23:31 - 2013-12-01 23:31 - 00000000 ____D C:\Program Files\WinRAR
2013-12-01 23:31 - 2013-08-25 21:52 - 00000000 ____D C:\Users\Greg\AppData\Roaming\WinRAR
2013-12-01 20:48 - 2013-12-01 20:46 - 00000004 _____ C:\ScrubRetValFile.txt
2013-11-27 21:00 - 2013-11-27 21:00 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-11-27 20:44 - 2013-11-27 20:44 - 00000000 ____D C:\Users\Greg\AppData\Local\Microsoft Help
2013-11-27 20:39 - 2013-11-27 20:39 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-11-23 19:14 - 2013-11-23 19:14 - 00000000 ____D C:\Users\Greg\AppData\Roaming\openvr
2013-11-23 17:14 - 2013-09-24 19:51 - 00342759 _____ C:\Windows\DirectX.log
2013-11-19 13:39 - 2013-11-19 13:39 - 00000000 ____D C:\ProgramData\Oracle
2013-11-19 13:37 - 2013-11-19 13:37 - 00000000 ____D C:\ProgramData\Sun
2013-11-19 13:36 - 2013-11-19 13:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-19 13:36 - 2013-11-19 13:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-19 13:36 - 2013-11-19 13:36 - 00000000 ____D C:\ProgramData\McAfee
2013-11-19 13:36 - 2013-11-19 13:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-19 05:30 - 2013-08-24 16:38 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-18 20:28 - 2013-11-18 20:28 - 00002392 _____ C:\Users\Greg\Desktop\infinity checklist.txt
2013-11-14 20:20 - 2013-06-16 00:37 - 00000000 ____D C:\Windows\system32\NDF
 
Some content of TEMP:
====================
C:\Users\Greg\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Greg\AppData\Local\Temp\nsyB8DC.tmp.exe
C:\Users\Greg\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Greg\AppData\Local\Temp\ose00000.exe
C:\Users\Greg\AppData\Local\Temp\ose00001.exe
C:\Users\Greg\AppData\Local\Temp\Quarantine.exe
C:\Users\Greg\AppData\Local\Temp\Resource.exe
C:\Users\Greg\AppData\Local\Temp\safeguard.exe
C:\Users\Greg\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Greg\AppData\Local\Temp\vlc-2.1.1-win32.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe
[2013-06-15 17:48] - [2013-06-15 17:48] - 0558080 ____A (Microsoft Corporation) DEB887EA2EBEDF01644A200B4BDB181B
 
C:\Windows\System32\wininit.exe
[2013-06-15 17:52] - [2013-06-15 17:52] - 0145408 ____A (Microsoft Corporation) CACA6578AF9C48C29D7BF6AEFAF00599
 
C:\Windows\explorer.exe
[2013-06-15 17:01] - [2013-06-15 21:25] - 2254384 ____A (Microsoft Corporation) 2CF1204E913AEA5A492D89C153F3345E
 
C:\Windows\SysWOW64\explorer.exe
[2013-06-15 16:33] - [2013-06-15 20:33] - 2009104 ____A (Microsoft Corporation) 253252BBC9E61728986CB54261F8AECD
 
C:\Windows\System32\svchost.exe
[2013-06-15 17:48] - [2013-06-15 21:30] - 0037768 ____A (Microsoft Corporation) F7191317F1CD10F35DC74E24C1B71E06
 
C:\Windows\SysWOW64\svchost.exe
[2013-06-15 17:07] - [2013-06-15 20:38] - 0031552 ____A (Microsoft Corporation) D9F8FA4911FBF85919BA17FFE5B34430
 
C:\Windows\System32\services.exe
[2013-06-15 22:17] - [2013-06-15 22:17] - 0403408 ____A (Microsoft Corporation) 258527780FC8FFCF0A29F7455073C529
 
C:\Windows\System32\User32.dll
[2013-06-15 17:50] - [2013-06-15 21:25] - 1513264 ____A (Microsoft Corporation) 42F67E93E2C853A915E73F3A4645E3C9
 
C:\Windows\SysWOW64\User32.dll
[2013-06-15 17:10] - [2013-06-15 17:10] - 1359360 ____A (Microsoft Corporation) FCDCDEFD5A8BA26FDCD950607162339C
 
C:\Windows\System32\userinit.exe
[2013-06-15 17:56] - [2013-06-15 17:56] - 0025088 ____A (Microsoft Corporation) 166CB1E28BED6196B5030E91AD932998
 
C:\Windows\SysWOW64\userinit.exe
[2013-06-15 17:13] - [2013-06-15 17:13] - 0021504 ____A (Microsoft Corporation) 7AFC7764F71DBB1BC5A60EE67FE94C70
 
C:\Windows\System32\Drivers\volsnap.sys
[2013-06-15 19:36] - [2013-06-15 21:26] - 0312072 ___AC (Microsoft Corporation) 9365B092503F8B0B6C724D1A8E4433D4
 
 
 
LastRegBack: 2013-12-12 14:37
 
==================== End Of Log ============================
Link to post
Share on other sites

2013-12-02 00:11 - 2013-12-11 18:54 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS

2013-11-27 21:00 - 2013-11-27 21:00 - 00000000 ____D C:\ProgramData\Microsoft Toolkit

 

You still have the Toolkit and AutoKMS showing.

Get all the cracks and illegal programs off the computer, come back and then maybe we can help you.

This topic will be closed.

MrC

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.