
Malwarebytes: Anti-Malware 2.0 BSoD



Hello.

I'm facing a Blue Screen due to errors with the file mwac.sys (Malwarebytes Web Access Control). Is that file safe - verified, and is that the official MBAM file located in Windows32/Drivers/mwac.sys?

It's causing me a BSoD every time I do something in Fruity Loops Studio - like having more effect layers etc. with the ASIO4ALL sound sampler.

I posted my minidumps to one other forum, so a technical moderator pinpointed this file for me.

Any explanations?

Thank you :)


Hello and welcome back....

Not sure about your location, perhaps it's a typo on your part..., but on my system here: C:\Windows\System32\drivers\mwac.sys the file does exist.

That being said, please provide the logs below so the staff can review them and see what may be going on...

STEP 1

NOTE: If you have Win8/8.1 Skip Step 1 and go to Step 2 as DDS does not work on Win8/8.1

Please run the DDS scanner and send back both logs as attachments to your next reply.

Download DDS from one of the locations below and save it to your Desktop:

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool.

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include both of the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  • You can ignore the note about zipping the Attach.txt file and just post it or attach it.

STEP 2

Please run mbam-check and send back the log as an attachment to your next reply.

  • Download mbam-check.exe from HERE and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please do not copy and paste the entire contents of the log into your next post; instead please attach to your next reply the CheckResults.txt log file which should now be located on your desktop.

STEP 3

Please run the FRST tool and send back both logs as attachments to your next reply.

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system - that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your next reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your next reply.

Okay.

Before you read the logs, I need to mention that I already deleted that file manually.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Amaranthus (administrator) on AMARANTHUS-PC on 31-03-2014 18:48:55
Running from C:\Users\Amaranthus\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\system32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1486848 2009-08-28] (VIA)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-29] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [switchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2310306160-211047230-718293146-1000\...\Run: [AdobeBridge] - [X]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp&fwLinkID=69157
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB3E56C4D4018CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bs-ba
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 ikariam.ba
Tcpip\..\Interfaces\{BB43C62F-6738-4B9E-B38E-F7F26E4FDC38}: [NameServer]217.75.192.10 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Amaranthus\AppData\Roaming\Mozilla\Firefox\Profiles\rneuwbow.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-23]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Amaranthus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-23]
CHR Extension: (Google Drive) - C:\Users\Amaranthus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-23]
CHR Extension: (YouTube) - C:\Users\Amaranthus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-23]
CHR Extension: (Google Search) - C:\Users\Amaranthus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-23]
CHR Extension: (avast! Online Security) - C:\Users\Amaranthus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-23]
CHR Extension: (Google Wallet) - C:\Users\Amaranthus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-23]
CHR Extension: (Gmail) - C:\Users\Amaranthus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-29]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-29] (AVAST Software)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-03-29] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [67264 2014-03-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-03-29] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-03-31] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL32.sys [23456 2013-10-21] (Resplendence Software Projects Sp.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1077760 2009-08-17] (VIA Technologies, Inc.)
R3 MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-31 18:48 - 2014-03-31 18:49 - 00008979 _____ () C:\Users\Amaranthus\Desktop\FRST.txt
2014-03-31 18:48 - 2014-03-31 18:48 - 00000000 ____D () C:\FRST
2014-03-31 18:47 - 2014-03-31 18:47 - 00039219 _____ () C:\Users\Amaranthus\Desktop\CheckResults.txt
2014-03-31 18:46 - 2014-03-31 18:47 - 01145856 _____ (Farbar) C:\Users\Amaranthus\Desktop\FRST.exe
2014-03-31 18:46 - 2014-03-31 18:46 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Amaranthus\Desktop\mbam-check-2.1.0.0002.exe
2014-03-31 14:39 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-31 14:39 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-31 14:39 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-31 14:39 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-31 14:39 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-31 14:39 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-03-31 14:39 - 2012-11-23 04:48 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-03-31 14:38 - 2013-02-27 07:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-03-31 14:38 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-03-31 14:38 - 2013-02-27 06:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-03-31 14:38 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-03-31 14:20 - 2014-03-31 14:20 - 00151560 _____ () C:\Windows\Minidump\033114-22869-01.dmp
2014-03-30 22:35 - 2014-03-30 22:36 - 19821580 _____ () C:\Users\Amaranthus\Desktop\TRUE ELS ENB v1.1.rar
2014-03-30 00:52 - 2014-03-30 00:52 - 00024479 _____ () C:\Users\Amaranthus\Desktop\136984-Harry.Potter.And.The.Deathly.Hallows.Part.2.PAL.DVDRiGNiTiONSerbian.zip
2014-03-30 00:52 - 2014-03-30 00:52 - 00022000 _____ () C:\Users\Amaranthus\Desktop\137098-HarryPotterATDHPart2PROPER720pBRRipAC3x264MacGuffin(1).zip
2014-03-30 00:51 - 2014-03-30 00:51 - 00025841 _____ () C:\Users\Amaranthus\Desktop\143264-Harry.Potter.And.The.Deathly.Hallows.Part.2.PROPER.720p.BluRay.X264BLOW.zip
2014-03-30 00:49 - 2014-03-30 00:49 - 00040064 _____ () C:\Users\Amaranthus\Desktop\167436-hp.2011.and.the.deathly.hallows.part.2.zip
2014-03-29 22:58 - 2014-03-29 22:58 - 00022000 _____ () C:\Users\Amaranthus\Desktop\137098-HarryPotterATDHPart2PROPER720pBRRipAC3x264MacGuffin.zip
2014-03-29 22:58 - 2013-02-02 12:06 - 00062670 _____ () C:\Users\Amaranthus\Desktop\Harry Potter and the Deathly Hallows Part 2 (2011) DVDRip XviD-MAXSPEED www.torentz.3xforum.ro.srt
2014-03-29 22:41 - 2014-03-29 22:41 - 00155472 _____ () C:\Windows\Minidump\032914-25318-01.dmp
2014-03-29 22:03 - 2014-03-29 22:03 - 00153792 _____ () C:\Windows\Minidump\032914-26332-01.dmp
2014-03-29 19:33 - 2014-03-29 19:33 - 00152112 _____ () C:\Windows\Minidump\032914-23602-01.dmp
2014-03-29 15:59 - 2014-03-29 16:00 - 00000000 ____D () C:\Users\Amaranthus\Desktop\RK_Quarantine
2014-03-29 13:56 - 2014-03-29 13:56 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2014-03-29 13:55 - 2014-03-29 13:56 - 00000000 ____D () C:\Program Files\RivaTuner Statistics Server
2014-03-29 13:54 - 2014-03-29 13:54 - 00001044 _____ () C:\Users\Amaranthus\Desktop\MSI Afterburner.lnk
2014-03-29 13:54 - 2014-03-29 13:54 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-03-29 13:53 - 2014-03-30 21:04 - 00000000 ____D () C:\Program Files\MSI Afterburner
2014-03-29 13:53 - 2014-03-27 08:23 - 32637896 _____ () C:\Users\Amaranthus\Desktop\MSIAfterburnerSetup300Beta19.exe
2014-03-29 13:52 - 2014-03-29 13:52 - 32429990 _____ () C:\Users\Amaranthus\Desktop\MSIAfterburnerSetup300Beta19.zip
2014-03-29 13:37 - 2014-03-31 18:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-29 13:36 - 2014-03-29 13:36 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-29 13:36 - 2014-03-29 13:36 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-03-29 13:36 - 2014-03-05 10:26 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-29 13:36 - 2014-03-05 10:26 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-29 02:54 - 2014-03-29 02:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 02:47 - 2014-03-29 02:47 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Amaranthus\Desktop\mbam-setup-2.0.0.1000.exe
2014-03-29 02:33 - 2014-03-29 02:34 - 01950720 _____ () C:\Users\Amaranthus\Desktop\adwcleaner.exe
2014-03-29 02:32 - 2014-03-29 02:33 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-28 02:24 - 2013-11-16 12:36 - 00516276 _____ () C:\Users\Amaranthus\Desktop\noisecrux-sylenth1-A.fxb
2014-03-28 02:15 - 2006-09-14 02:21 - 00002240 _____ () C:\Windows\LENDIG.sys
2014-03-26 13:44 - 2014-03-17 23:03 - 00017959 _____ () C:\Users\Amaranthus\Desktop\visualSettings.dat
2014-03-26 02:57 - 2014-03-26 02:58 - 00001349 _____ () C:\Users\Amaranthus\Desktop\Contig - Shortcut.lnk
2014-03-24 17:35 - 2014-03-24 17:36 - 00000000 ____D () C:\Users\Amaranthus\Desktop\BACKUP
2014-03-24 13:44 - 2014-03-29 02:49 - 10283230 _____ () C:\Users\Amaranthus\Desktop\1391895914_2010.Volkswagen.Transportercorleone.zip
2014-03-23 20:31 - 2014-03-23 20:31 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-03-23 20:14 - 2014-03-23 20:14 - 00001013 _____ () C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
2014-03-23 13:59 - 2014-03-23 13:59 - 05073240 _____ (Microsoft Corporation) C:\Users\Amaranthus\Desktop\vcredist_x86(1).exe
2014-03-22 23:16 - 2014-03-22 23:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-22 22:17 - 2014-03-22 22:59 - 00000000 ____D () C:\Users\Amaranthus\Desktop\GTA
2014-03-22 22:06 - 2014-03-22 22:06 - 00000000 ____D () C:\Users\Amaranthus\Documents\Rockstar Games
2014-03-22 22:04 - 2014-03-22 22:04 - 00000000 ____D () C:\Users\Amaranthus\AppData\Local\Rockstar Games
2014-03-22 22:02 - 2014-03-22 22:02 - 00000000 __RHD () C:\Users\Amaranthus\AppData\Roaming\SecuROM
2014-03-22 22:01 - 2014-03-22 22:01 - 00107888 _____ (Sony DADC Austria AG.) C:\Windows\system32\CmdLineExt.dll
2014-03-22 22:00 - 2014-03-23 20:15 - 00000877 _____ () C:\Windows\Wudf01000Inst.log
2014-03-22 22:00 - 2014-03-23 20:15 - 00000875 _____ () C:\Windows\KB926239.log
2014-03-22 22:00 - 2014-03-23 20:15 - 00000873 _____ () C:\Windows\WMFDist11.log
2014-03-22 22:00 - 2014-03-22 22:00 - 00044921 _____ () C:\Windows\DirectX.log
2014-03-22 21:59 - 2014-03-22 21:59 - 00000000 ____D () C:\Windows\system32\xlive
2014-03-22 21:59 - 2014-03-22 21:59 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE
2014-03-20 15:27 - 2014-03-20 17:12 - 00000000 ____D () C:\xampp
2014-03-19 19:06 - 2014-03-19 19:06 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\com.valve.FTP
2014-03-19 02:38 - 2007-12-17 18:14 - 00012400 _____ () C:\Windows\system32\Drivers\AsIO.sys
2014-03-19 02:38 - 2006-01-10 17:50 - 00024576 _____ () C:\Windows\system32\AsIO.dll
2014-03-19 02:38 - 2004-02-27 01:00 - 00962612 _____ (Microsoft Corporation) C:\Windows\system32\mfc42d.dll
2014-03-19 02:38 - 2004-02-17 01:00 - 00434252 _____ (Microsoft Corporation) C:\Windows\system32\MSVCRTD.DLL
2014-03-19 02:37 - 2014-03-29 13:30 - 00000000 ____D () C:\Program Files\ASUS
2014-03-17 21:26 - 2014-03-29 13:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-17 21:26 - 2014-03-17 21:26 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-15 23:50 - 2014-03-28 17:55 - 00000000 ___RD () C:\Users\Amaranthus\Dropbox
2014-03-15 02:15 - 2014-03-15 02:15 - 00000000 ____D () C:\Users\Amaranthus\Desktop\font
2014-03-13 22:43 - 2014-03-15 23:50 - 00000000 ____D () C:\Users\Amaranthus\Desktop\Ikariam
2014-03-13 15:32 - 2014-03-31 18:50 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-13 14:05 - 2014-03-13 14:05 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-13 13:54 - 2014-03-13 13:54 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-12 01:14 - 2014-03-15 23:51 - 00000132 _____ () C:\Users\Amaranthus\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-03-12 00:58 - 2014-03-12 01:03 - 00000000 ____D () C:\Users\Amaranthus\Desktop\images
2014-03-12 00:48 - 2014-03-12 01:03 - 00001456 _____ () C:\Users\Amaranthus\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-03-07 22:03 - 2014-03-07 22:17 - 06180165 _____ () C:\Users\Amaranthus\Desktop\GlossyButtons.psd
2014-03-07 21:55 - 2014-03-07 21:55 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\NVIDIA
2014-03-02 21:58 - 2014-03-02 21:58 - 00000000 ____D () C:\Program Files\LatencyMon
2014-03-02 21:58 - 2013-10-21 13:26 - 00023456 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL32.sys
2014-03-02 14:07 - 2009-08-17 18:59 - 00500224 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2014-03-02 14:07 - 2009-08-17 15:17 - 00868352 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2014-03-02 14:03 - 2010-02-26 00:29 - 01048576 _____ () C:\Users\Amaranthus\Desktop\P5KPL-AM-IN-0507.ROM
2014-03-01 21:03 - 2014-03-15 19:42 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\Awesomium
2014-03-01 20:27 - 2014-03-14 23:24 - 00000000 ____D () C:\Users\Amaranthus\Documents\Elder Scrolls Online
2014-03-01 20:27 - 2014-03-14 23:24 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-03-01 16:32 - 2014-03-01 16:32 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-03-01 16:32 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-01 16:32 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-01 16:30 - 2014-03-01 16:30 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-01 16:30 - 2012-02-29 22:56 - 03881792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-01 16:30 - 2012-02-29 22:53 - 00645440 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-01 16:30 - 2012-02-29 22:53 - 00108352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-01 16:29 - 2014-03-01 16:32 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-01 16:29 - 2012-03-01 01:59 - 19444544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-03-01 16:29 - 2012-03-01 01:59 - 17543488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-01 16:29 - 2012-03-01 01:59 - 15009600 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2014-03-01 16:29 - 2012-03-01 01:59 - 10819392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-01 16:29 - 2012-03-01 01:59 - 07713088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2014-03-01 16:29 - 2012-03-01 01:59 - 05892928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-01 16:29 - 2012-03-01 01:59 - 02517312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-01 16:29 - 2012-03-01 01:59 - 02437440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-01 16:29 - 2012-03-01 01:59 - 02301248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2014-03-01 16:29 - 2012-03-01 01:59 - 01000256 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco32.dll
2014-03-01 16:29 - 2012-03-01 01:59 - 00881984 _____ (NVIDIA Corporation) C:\Windows\system32\nvgenco32.dll
2014-03-01 16:29 - 2012-03-01 01:59 - 00061248 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-01 16:29 - 2012-03-01 01:59 - 00008772 _____ () C:\Windows\system32\nvinfo.pb
2014-03-01 16:29 - 2012-01-17 14:46 - 00027968 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2014-03-01 16:29 - 2012-01-17 14:45 - 00876864 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll
2014-03-01 16:29 - 2012-01-17 14:45 - 00148800 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2014-03-01 16:28 - 2014-03-01 16:30 - 00000000 ____D () C:\NVIDIA
2014-03-01 13:27 - 2014-03-01 13:30 - 123137160 _____ (NVIDIA Corporation) C:\Users\Amaranthus\Desktop\296.10-desktop-win7-winvista-32bit-english-whql.exe

==================== One Month Modified Files and Folders =======

2014-03-31 18:50 - 2014-03-13 15:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-31 18:49 - 2014-03-31 18:48 - 00008979 _____ () C:\Users\Amaranthus\Desktop\FRST.txt
2014-03-31 18:48 - 2014-03-31 18:48 - 00000000 ____D () C:\FRST
2014-03-31 18:48 - 2009-07-14 06:39 - 07541191 _____ () C:\Windows\setupact.log
2014-03-31 18:47 - 2014-03-31 18:47 - 00039219 _____ () C:\Users\Amaranthus\Desktop\CheckResults.txt
2014-03-31 18:47 - 2014-03-31 18:46 - 01145856 _____ (Farbar) C:\Users\Amaranthus\Desktop\FRST.exe
2014-03-31 18:46 - 2014-03-31 18:46 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Amaranthus\Desktop\mbam-check-2.1.0.0002.exe
2014-03-31 18:46 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2014-03-31 18:18 - 2014-03-29 13:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-31 18:11 - 2014-01-23 15:48 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-31 18:11 - 2014-01-23 15:48 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-31 18:09 - 2010-11-20 23:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-31 18:06 - 2014-01-24 00:00 - 01317416 _____ () C:\Windows\WindowsUpdate.log
2014-03-31 18:05 - 2009-07-14 06:34 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-31 18:05 - 2009-07-14 06:34 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-31 18:02 - 2014-01-23 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-31 18:02 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-31 18:02 - 2009-07-14 06:33 - 03673272 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-31 14:42 - 2014-02-14 15:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-31 14:40 - 2014-01-23 16:46 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-31 14:20 - 2014-03-31 14:20 - 00151560 _____ () C:\Windows\Minidump\033114-22869-01.dmp
2014-03-31 14:20 - 2014-02-05 22:10 - 211824184 _____ () C:\Windows\MEMORY.DMP
2014-03-31 14:20 - 2014-02-05 22:10 - 00000000 ____D () C:\Windows\Minidump
2014-03-31 01:14 - 2014-02-18 15:19 - 00000000 ____D () C:\Users\Amaranthus\AppData\Local\CrashDumps
2014-03-30 23:21 - 2014-01-28 14:53 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\uTorrent
2014-03-30 22:36 - 2014-03-30 22:35 - 19821580 _____ () C:\Users\Amaranthus\Desktop\TRUE ELS ENB v1.1.rar
2014-03-30 21:04 - 2014-03-29 13:53 - 00000000 ____D () C:\Program Files\MSI Afterburner
2014-03-30 00:52 - 2014-03-30 00:52 - 00024479 _____ () C:\Users\Amaranthus\Desktop\136984-Harry.Potter.And.The.Deathly.Hallows.Part.2.PAL.DVDRiGNiTiONSerbian.zip
2014-03-30 00:52 - 2014-03-30 00:52 - 00022000 _____ () C:\Users\Amaranthus\Desktop\137098-HarryPotterATDHPart2PROPER720pBRRipAC3x264MacGuffin(1).zip
2014-03-30 00:51 - 2014-03-30 00:51 - 00025841 _____ () C:\Users\Amaranthus\Desktop\143264-Harry.Potter.And.The.Deathly.Hallows.Part.2.PROPER.720p.BluRay.X264BLOW.zip
2014-03-30 00:49 - 2014-03-30 00:49 - 00040064 _____ () C:\Users\Amaranthus\Desktop\167436-hp.2011.and.the.deathly.hallows.part.2.zip
2014-03-29 22:58 - 2014-03-29 22:58 - 00022000 _____ () C:\Users\Amaranthus\Desktop\137098-HarryPotterATDHPart2PROPER720pBRRipAC3x264MacGuffin.zip
2014-03-29 22:41 - 2014-03-29 22:41 - 00155472 _____ () C:\Windows\Minidump\032914-25318-01.dmp
2014-03-29 22:03 - 2014-03-29 22:03 - 00153792 _____ () C:\Windows\Minidump\032914-26332-01.dmp
2014-03-29 21:19 - 2014-02-01 23:22 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\Skype
2014-03-29 19:33 - 2014-03-29 19:33 - 00152112 _____ () C:\Windows\Minidump\032914-23602-01.dmp
2014-03-29 18:35 - 2010-11-20 23:48 - 00021874 _____ () C:\Windows\PFRO.log
2014-03-29 16:03 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Registration
2014-03-29 16:01 - 2014-02-13 21:09 - 00000000 ____D () C:\AdwCleaner
2014-03-29 16:00 - 2014-03-29 15:59 - 00000000 ____D () C:\Users\Amaranthus\Desktop\RK_Quarantine
2014-03-29 13:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Globalization
2014-03-29 13:57 - 2014-01-23 16:37 - 00000000 ____D () C:\Windows\system32\directx
2014-03-29 13:56 - 2014-03-29 13:56 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2014-03-29 13:56 - 2014-03-29 13:55 - 00000000 ____D () C:\Program Files\RivaTuner Statistics Server
2014-03-29 13:54 - 2014-03-29 13:54 - 00001044 _____ () C:\Users\Amaranthus\Desktop\MSI Afterburner.lnk
2014-03-29 13:54 - 2014-03-29 13:54 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-03-29 13:52 - 2014-03-29 13:52 - 32429990 _____ () C:\Users\Amaranthus\Desktop\MSIAfterburnerSetup300Beta19.zip
2014-03-29 13:36 - 2014-03-29 13:36 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-29 13:36 - 2014-03-29 13:36 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-03-29 13:36 - 2014-01-23 15:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 13:31 - 2014-01-23 15:17 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-29 13:31 - 2014-01-23 15:16 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-03-29 13:30 - 2014-03-19 02:37 - 00000000 ____D () C:\Program Files\ASUS
2014-03-29 13:27 - 2014-03-17 21:26 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-29 13:25 - 2011-04-12 04:24 - 00000000 ____D () C:\Windows\RemotePackages
2014-03-29 02:54 - 2014-03-29 02:54 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 02:54 - 2014-01-23 15:49 - 00002047 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-03-29 02:54 - 2014-01-23 15:47 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-29 02:54 - 2014-01-23 15:47 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-29 02:54 - 2014-01-23 15:47 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-29 02:54 - 2014-01-23 15:47 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-29 02:54 - 2014-01-23 15:47 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-29 02:54 - 2014-01-23 15:47 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-29 02:54 - 2014-01-23 15:47 - 00067264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-03-29 02:54 - 2014-01-23 15:47 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-29 02:49 - 2014-03-24 13:44 - 10283230 _____ () C:\Users\Amaranthus\Desktop\1391895914_2010.Volkswagen.Transportercorleone.zip
2014-03-29 02:47 - 2014-03-29 02:47 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Amaranthus\Desktop\mbam-setup-2.0.0.1000.exe
2014-03-29 02:34 - 2014-03-29 02:33 - 01950720 _____ () C:\Users\Amaranthus\Desktop\adwcleaner.exe
2014-03-29 02:33 - 2014-03-29 02:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-28 17:55 - 2014-03-15 23:50 - 00000000 ___RD () C:\Users\Amaranthus\Dropbox
2014-03-27 08:23 - 2014-03-29 13:53 - 32637896 _____ () C:\Users\Amaranthus\Desktop\MSIAfterburnerSetup300Beta19.exe
2014-03-26 02:58 - 2014-03-26 02:57 - 00001349 _____ () C:\Users\Amaranthus\Desktop\Contig - Shortcut.lnk
2014-03-24 17:36 - 2014-03-24 17:35 - 00000000 ____D () C:\Users\Amaranthus\Desktop\BACKUP
2014-03-23 20:31 - 2014-03-23 20:31 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-03-23 20:15 - 2014-03-22 22:00 - 00000877 _____ () C:\Windows\Wudf01000Inst.log
2014-03-23 20:15 - 2014-03-22 22:00 - 00000875 _____ () C:\Windows\KB926239.log
2014-03-23 20:15 - 2014-03-22 22:00 - 00000873 _____ () C:\Windows\WMFDist11.log
2014-03-23 20:14 - 2014-03-23 20:14 - 00001013 _____ () C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
2014-03-23 13:59 - 2014-03-23 13:59 - 05073240 _____ (Microsoft Corporation) C:\Users\Amaranthus\Desktop\vcredist_x86(1).exe
2014-03-22 23:16 - 2014-03-22 23:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-22 23:12 - 2011-06-11 02:58 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-03-22 22:59 - 2014-03-22 22:17 - 00000000 ____D () C:\Users\Amaranthus\Desktop\GTA
2014-03-22 22:06 - 2014-03-22 22:06 - 00000000 ____D () C:\Users\Amaranthus\Documents\Rockstar Games
2014-03-22 22:04 - 2014-03-22 22:04 - 00000000 ____D () C:\Users\Amaranthus\AppData\Local\Rockstar Games
2014-03-22 22:02 - 2014-03-22 22:02 - 00000000 __RHD () C:\Users\Amaranthus\AppData\Roaming\SecuROM
2014-03-22 22:01 - 2014-03-22 22:01 - 00107888 _____ (Sony DADC Austria AG.) C:\Windows\system32\CmdLineExt.dll
2014-03-22 22:00 - 2014-03-22 22:00 - 00044921 _____ () C:\Windows\DirectX.log
2014-03-22 21:59 - 2014-03-22 21:59 - 00000000 ____D () C:\Windows\system32\xlive
2014-03-22 21:59 - 2014-03-22 21:59 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE
2014-03-20 17:12 - 2014-03-20 15:27 - 00000000 ____D () C:\xampp
2014-03-19 19:06 - 2014-03-19 19:06 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\com.valve.FTP
2014-03-17 23:03 - 2014-03-26 13:44 - 00017959 _____ () C:\Users\Amaranthus\Desktop\visualSettings.dat
2014-03-17 21:27 - 2014-01-23 15:39 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\Mozilla
2014-03-17 21:26 - 2014-03-17 21:26 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-16 19:00 - 2014-01-27 20:07 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-15 23:51 - 2014-03-12 01:14 - 00000132 _____ () C:\Users\Amaranthus\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-03-15 23:51 - 2014-01-23 16:36 - 00000000 ____D () C:\Users\Amaranthus\AppData\Local\Adobe
2014-03-15 23:51 - 2014-01-23 15:19 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\Adobe
2014-03-15 23:50 - 2014-03-13 22:43 - 00000000 ____D () C:\Users\Amaranthus\Desktop\Ikariam
2014-03-15 23:50 - 2014-01-23 15:12 - 00000000 ____D () C:\Users\Amaranthus
2014-03-15 19:42 - 2014-03-01 21:03 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\Awesomium
2014-03-15 19:28 - 2014-01-23 15:49 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 02:17 - 2014-01-23 15:36 - 00060816 _____ () C:\Users\Amaranthus\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-15 02:15 - 2014-03-15 02:15 - 00000000 ____D () C:\Users\Amaranthus\Desktop\font
2014-03-14 23:24 - 2014-03-01 20:27 - 00000000 ____D () C:\Users\Amaranthus\Documents\Elder Scrolls Online
2014-03-14 23:24 - 2014-03-01 20:27 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-03-13 15:32 - 2014-01-23 16:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-13 15:32 - 2014-01-23 16:36 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-13 14:05 - 2014-03-13 14:05 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-13 14:05 - 2014-01-23 15:13 - 00000000 ____D () C:\Users\Amaranthus\AppData\Local\VirtualStore
2014-03-13 13:54 - 2014-03-13 13:54 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-13 13:53 - 2014-01-27 20:16 - 00000000 ____D () C:\Program Files\Adobe
2014-03-13 13:53 - 2014-01-27 20:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-12 01:03 - 2014-03-12 00:58 - 00000000 ____D () C:\Users\Amaranthus\Desktop\images
2014-03-12 01:03 - 2014-03-12 00:48 - 00001456 _____ () C:\Users\Amaranthus\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-03-07 22:17 - 2014-03-07 22:03 - 06180165 _____ () C:\Users\Amaranthus\Desktop\GlossyButtons.psd
2014-03-07 21:55 - 2014-03-07 21:55 - 00000000 ____D () C:\Users\Amaranthus\AppData\Roaming\NVIDIA
2014-03-05 23:27 - 2009-07-14 06:53 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-05 10:26 - 2014-03-29 13:36 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 10:26 - 2014-03-29 13:36 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-02 21:58 - 2014-03-02 21:58 - 00000000 ____D () C:\Program Files\LatencyMon
2014-03-02 14:08 - 2014-01-23 15:17 - 00001088 _____ () C:\Users\Public\Desktop\HD VDeck.lnk
2014-03-02 14:08 - 2014-01-23 15:16 - 00000000 ____D () C:\Program Files\VIA
2014-03-02 14:07 - 2014-01-23 15:15 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-03-01 16:32 - 2014-03-01 16:32 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-03-01 16:32 - 2014-03-01 16:29 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-01 16:30 - 2014-03-01 16:30 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-01 16:30 - 2014-03-01 16:28 - 00000000 ____D () C:\NVIDIA
2014-03-01 16:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-03-01 13:30 - 2014-03-01 13:27 - 123137160 _____ (NVIDIA Corporation) C:\Users\Amaranthus\Desktop\296.10-desktop-win7-winvista-32bit-english-whql.exe

Some content of TEMP:
====================
C:\Users\Amaranthus\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Amaranthus\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Amaranthus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppf4sqw.dll
C:\Users\Amaranthus\AppData\Local\Temp\LOOP.EXE
C:\Users\Amaranthus\AppData\Local\Temp\Quarantine.exe
C:\Users\Amaranthus\AppData\Local\Temp\SIntf16.dll
C:\Users\Amaranthus\AppData\Local\Temp\SIntf32.dll
C:\Users\Amaranthus\AppData\Local\Temp\SIntfNT.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 16:08

==================== End Of Log ============================

 

 

Addition.txt

CheckResults.txt
