
Nasty Infection



Hi,

I've recently been infected with a nasty little bug of some type. I first noticed it when I began getting random "download update to flv player", "you should update drivers", etc. pop ups in the steam client and on the steam overlay during games. I tried removing the infection myself, using mbam (of course), avast!, spybot, CCleaner, Adwcleaner, HijackThis, and even the Junkware Removal Tool by Thisisu. None of these were able to detect or remove the infection. Remarkably, it even seemed to survive a clean install of my OS, which is when I knew I was out of my league (in the past, an OS re-install has killed everything). Now, I still get the pop ups in steam (more frequently) and in chrome, but mbam and avast! are able to detect and stop the pop up about 30% of the time. This is the nastiest infection I've ever seen, and any information/help would be greatly appreciated.

Thanks.


Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example C:\TDSSKiller.<version_date_time>log.txt




Please attach this file to your next reply.


Thanks for the quick reply and for your help!

From FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-06-2014
Ran by Mark (administrator) on MARK-HP on 10-06-2014 05:24:02
Running from C:\Users\Mark\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [beatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [HPSYSDRV] => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2011-12-05] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684024 2012-04-04] (PDF Complete Inc)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-07] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-20] ()
HKU\S-1-5-21-2455823783-476655067-3290562836-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-03-09] (AMD)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 198.199.96.25 66.118.165.22 66.90.132.162
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-07]
CHR Extension: (Google Drive) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-07]
CHR Extension: (YouTube) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-07]
CHR Extension: (Google Search) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-07]
CHR Extension: (AdBlock) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-07]
CHR Extension: (Crackle) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2014-06-07]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-06-07]
CHR Extension: (Google Wallet) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-07]
CHR Extension: (Gmail) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-07]
 
==================== Services (Whitelisted) =================
 
R2 AdobeActiveFileMonitor10.0; c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-15] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-07] (AVAST Software)
S2 CLKMSVC10_38F51D56; c:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [244720 2012-02-08] (CyberLink)
R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-04-04] (PDF Complete Inc)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-01-13] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-01-13] (Ralink Technology, Corp.) [File not signed]
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [625728 2011-08-18] ()
 
==================== Drivers (Whitelisted) ====================
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-07] ()
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-06-07] (Symantec Corporation)
S3 EraserUtilDrv11122; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11122.sys [138360 2012-03-26] (Symantec Corporation)
S3 EraserUtilDrv11312; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [137648 2014-06-07] (Symantec Corporation) [File not signed]
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-10 05:24 - 2014-06-10 05:24 - 00015047 _____ () C:\Users\Mark\Downloads\FRST.txt
2014-06-10 05:23 - 2014-06-10 05:24 - 00000000 ____D () C:\FRST
2014-06-10 05:23 - 2014-06-10 05:23 - 02080768 _____ (Farbar) C:\Users\Mark\Downloads\FRST64.exe
2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\ProgramData\ATI
2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\ProgramData\AMD
2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-06-09 22:33 - 2014-06-09 22:34 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-06-09 22:33 - 2014-06-09 22:33 - 00000000 ____D () C:\Windows\LastGood
2014-06-09 22:24 - 2014-06-09 22:24 - 05245952 _____ () C:\Users\Mark\Downloads\RogueKillerX64.exe
2014-06-09 22:24 - 2014-06-09 22:24 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-09 00:29 - 2014-06-09 00:29 - 00000000 ____D () C:\Users\Mark\AppData\Local\CrashDumps
2014-06-09 00:09 - 2014-06-09 00:23 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-09 00:06 - 2014-06-09 00:06 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Mark\Downloads\mbar-1.07.0.1012.exe
2014-06-09 00:04 - 2014-06-09 00:04 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-08 19:48 - 2014-06-08 19:48 - 00000000 ____D () C:\Windows\ERUNT
2014-06-08 19:37 - 2014-06-08 19:37 - 01016261 _____ (Thisisu) C:\Users\Mark\Downloads\JunkRemovalTool.exe
2014-06-08 15:35 - 2014-06-08 19:13 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Lavasoft
2014-06-08 15:29 - 2014-06-08 15:29 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\LavasoftStatistics
2014-06-08 15:28 - 2014-06-09 21:50 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-06-08 15:28 - 2014-06-08 15:28 - 00000061 _____ () C:\prefs.js
2014-06-08 15:28 - 2014-06-08 15:28 - 00000000 ____D () C:\Users\Mark\AppData\Local\adawarebp
2014-06-08 15:28 - 2014-06-08 15:28 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-08 15:28 - 2014-06-08 15:28 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-06-08 15:26 - 2014-06-08 15:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-08 15:24 - 2014-06-08 15:24 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-08 15:24 - 2014-06-08 15:24 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-08 15:24 - 2014-06-08 15:24 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-08 15:21 - 2014-06-08 15:21 - 04748896 _____ (Piriform Ltd) C:\Users\Mark\Downloads\ccsetup414.exe
2014-06-08 15:05 - 2014-06-08 15:11 - 00000000 ____D () C:\Program Files (x86)\HijackThis
2014-06-08 15:05 - 2014-06-08 15:05 - 00002993 _____ () C:\Users\Mark\Desktop\HiJackThis.lnk
2014-06-08 15:05 - 2014-06-08 15:05 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-06-08 15:04 - 2014-06-08 15:04 - 01402880 _____ () C:\Users\Mark\Downloads\HijackThis.msi
2014-06-08 15:02 - 2014-03-06 03:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-08 14:50 - 2014-06-08 14:50 - 00000000 ____H () C:\Users\Mark\Documents\Default.rdp
2014-06-08 14:49 - 2014-06-08 14:49 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-08 14:49 - 2014-06-08 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-08 14:49 - 2014-06-08 14:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-08 14:49 - 2014-06-08 14:49 - 00000000 ____D () C:\Program Files\iTunes
2014-06-08 14:49 - 2014-06-08 14:49 - 00000000 ____D () C:\Program Files\iPod
2014-06-08 14:49 - 2014-06-08 14:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-08 14:41 - 2014-06-08 14:41 - 00000000 ____D () C:\ProgramData\Stardock
2014-06-08 14:41 - 2014-06-08 14:41 - 00000000 ____D () C:\ProgramData\Ironclad Games
2014-06-08 03:07 - 2014-05-05 23:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-08 03:07 - 2014-05-05 23:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-08 03:07 - 2014-05-05 22:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-08 03:07 - 2014-05-05 22:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-08 03:07 - 2014-05-05 22:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-08 03:07 - 2014-05-05 21:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-08 03:03 - 2014-06-08 03:03 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-08 03:03 - 2014-06-08 03:03 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-08 00:46 - 2014-01-08 21:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-08 00:46 - 2014-01-03 17:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-08 00:46 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-08 00:46 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-08 00:46 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-08 00:46 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-06-08 00:46 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-06-08 00:46 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-08 00:45 - 2014-02-03 21:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-08 00:45 - 2014-02-03 21:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-08 00:45 - 2012-02-11 01:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-06-08 00:45 - 2012-02-11 01:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-06-07 23:48 - 2014-06-07 23:48 - 00000000 ____D () C:\Users\Mark\Documents\Facepalm Games
2014-06-07 23:47 - 2014-06-07 23:47 - 00000085 _____ () C:\Windows\wininit.ini
2014-06-07 23:44 - 2014-06-07 23:44 - 00000000 ____D () C:\Users\Mark\Documents\ProcAlyzer Dumps
2014-06-07 23:14 - 2014-06-07 23:14 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\AVAST Software
2014-06-07 23:13 - 2014-06-07 23:14 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-07 23:13 - 2014-06-07 23:13 - 00001968 _____ () C:\Users\Public\Desktop\avast!.lnk
2014-06-07 23:13 - 2014-06-07 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-07 23:12 - 2014-06-07 23:13 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-07 23:12 - 2014-06-07 23:13 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-07 23:12 - 2014-06-07 23:13 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-07 23:12 - 2014-06-07 23:12 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402200825149
2014-06-07 23:12 - 2014-06-07 23:12 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402200825149
2014-06-07 23:12 - 2014-06-07 23:12 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-07 23:12 - 2014-06-07 23:12 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-07 23:12 - 2014-06-07 23:12 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-07 23:12 - 2014-06-07 23:12 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-07 23:12 - 2014-06-07 23:12 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-07 23:12 - 2014-06-07 23:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-07 23:12 - 2014-06-07 23:12 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-07 23:12 - 2014-06-07 23:12 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-07 23:11 - 2014-06-07 23:11 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-07 23:10 - 2014-06-07 23:11 - 94714880 _____ (AVAST Software) C:\Users\Mark\Downloads\avast_free_antivirus_setup.exe
2014-06-07 22:55 - 2014-06-07 22:55 - 00000000 __SHD () C:\Users\Mark\AppData\Local\EmieUserList
2014-06-07 22:55 - 2014-06-07 22:55 - 00000000 __SHD () C:\Users\Mark\AppData\Local\EmieSiteList
2014-06-07 20:49 - 2014-06-07 20:50 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Trine2
2014-06-07 20:43 - 2014-06-07 21:16 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-07 19:19 - 2014-06-07 19:19 - 00000000 ____D () C:\Users\Mark\Documents\Wizards of the Coast
2014-06-07 19:18 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-06-07 19:18 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-06-07 19:18 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-06-07 19:18 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-06-07 13:22 - 2014-06-09 00:13 - 00000000 ____D () C:\Users\Mark\Documents\Paradox Interactive
2014-06-07 13:21 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-06-07 13:21 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-06-07 13:21 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-06-07 13:21 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-06-07 13:21 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-06-07 13:21 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-06-07 13:21 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-06-07 13:21 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-06-07 13:21 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-06-07 13:21 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-06-07 13:21 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-06-07 13:21 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-06-07 13:21 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-06-07 13:21 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-06-07 13:21 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-06-07 13:21 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-06-07 13:21 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-06-07 13:21 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-06-07 13:21 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-06-07 13:20 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-06-07 13:20 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-06-07 13:20 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-06-07 13:20 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-06-07 13:20 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-06-07 13:20 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-06-07 13:20 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-06-07 13:20 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-06-07 13:20 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-06-07 13:20 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-06-07 13:20 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-06-07 13:20 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-06-07 13:20 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-06-07 13:20 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-06-07 13:20 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-06-07 13:20 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-06-07 13:20 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-06-07 13:20 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-06-07 13:20 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-06-07 13:20 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-06-07 13:20 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-06-07 13:20 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-06-07 13:20 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-06-07 13:20 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-06-07 13:20 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-06-07 13:20 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-06-07 13:20 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-06-07 13:20 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-06-07 13:20 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-06-07 13:20 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-06-07 13:20 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-06-07 13:20 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-06-07 13:20 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-06-07 13:20 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-06-07 13:20 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-06-07 13:20 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-06-07 13:20 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-06-07 13:20 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-06-07 13:20 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-06-07 13:20 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-06-07 13:20 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-06-07 13:20 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-06-07 13:20 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-06-07 13:20 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-06-07 13:20 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-06-07 13:20 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-06-07 13:20 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-06-07 13:20 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-06-07 13:20 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-06-07 13:20 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-06-07 13:20 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-06-07 13:20 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-06-07 13:20 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-06-07 13:20 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-06-07 13:20 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-06-07 13:20 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-06-07 13:20 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-06-07 13:20 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-06-07 13:20 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-06-07 13:20 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-06-07 13:20 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-06-07 13:20 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-06-07 13:20 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-06-07 13:20 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-06-07 13:20 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-06-07 13:20 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-06-07 13:20 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-06-07 13:20 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-06-07 13:20 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-06-07 13:20 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-06-07 13:20 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-06-07 13:20 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-06-07 13:20 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-06-07 13:20 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-06-07 13:20 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-06-07 13:20 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-06-07 13:20 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-06-07 13:20 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-06-07 13:20 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-06-07 13:20 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-06-07 13:20 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-06-07 13:20 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-06-07 13:20 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-06-07 13:20 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-06-07 13:20 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-06-07 13:20 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-06-07 13:20 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-06-07 13:20 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-06-07 13:20 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-06-07 13:20 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-06-07 13:20 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-06-07 13:20 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-06-07 13:20 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-06-07 13:20 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-06-07 13:20 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-06-07 13:20 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-06-07 13:20 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-06-07 13:20 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-06-07 13:20 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-06-07 13:20 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-06-07 13:20 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-06-07 13:20 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-06-07 13:20 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-06-07 13:20 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-06-07 13:20 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-06-07 13:20 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-06-07 13:20 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-06-07 13:20 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-06-07 13:20 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-06-07 13:20 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-06-07 13:20 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-06-07 13:20 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-06-07 13:20 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-06-07 13:20 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-06-07 13:20 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-06-07 13:20 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-06-07 13:20 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-06-07 13:20 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-06-07 13:20 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-06-07 13:20 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-06-07 13:20 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-06-07 13:20 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-06-07 13:20 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-06-07 13:20 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-06-07 13:20 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-06-07 13:20 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-06-07 13:20 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-06-07 13:20 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-06-07 13:20 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-06-07 13:20 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-06-07 13:20 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-06-07 13:20 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-06-07 13:20 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-06-07 10:36 - 2014-06-07 10:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-07 10:34 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-06-07 10:34 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-06-07 10:34 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-06-07 10:34 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-06-07 10:34 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-06-07 10:34 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-06-07 10:34 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-06-07 10:34 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-06-07 10:34 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-06-07 10:34 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-06-07 10:34 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-06-07 10:34 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-06-07 10:34 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-06-07 10:34 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-06-07 10:34 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-06-07 10:34 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-06-07 10:15 - 2014-06-07 10:15 - 00001415 _____ () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-07 10:15 - 2014-06-07 10:15 - 00000000 ___RD () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-07 10:10 - 2014-06-07 10:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-07 10:08 - 2014-06-09 21:48 - 00000000 ____D () C:\AdwCleaner
2014-06-07 10:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-07 10:07 - 2014-06-07 10:07 - 01333465 _____ () C:\Users\Mark\Downloads\AdwCleaner.exe
2014-06-07 07:44 - 2014-06-07 07:44 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-06-07 07:35 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-06-07 07:35 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-06-07 07:35 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-06-07 07:35 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-06-07 07:24 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-06-07 07:22 - 2014-06-07 07:22 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-07 07:22 - 2014-06-07 07:22 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-07 07:22 - 2014-06-07 07:22 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-07 07:22 - 2014-06-07 07:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-07 07:22 - 2014-06-07 07:22 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-07 07:22 - 2014-06-07 07:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-07 07:22 - 2014-06-07 07:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-07 07:22 - 2014-06-07 07:22 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-07 07:22 - 2014-06-07 07:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-07 07:22 - 2014-06-07 07:22 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-07 07:22 - 2014-06-07 07:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-07 07:21 - 2014-06-07 07:21 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-07 07:10 - 2014-06-07 07:24 - 00008225 _____ () C:\Windows\IE11_main.log
2014-06-07 07:08 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-06-07 07:08 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-07 07:08 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-07 07:08 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-06-07 07:08 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-06-07 07:08 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-07 07:08 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-07 07:08 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-07 07:08 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-06-07 07:08 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-06-07 07:08 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-06-07 07:08 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-06-07 07:08 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-07 07:08 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-07 07:08 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-07 07:08 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-07 06:52 - 2014-06-07 06:58 - 00000000 ____D () C:\ProgramData\Recovery
2014-06-07 06:51 - 2014-06-07 06:51 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-06-07 06:51 - 2014-06-07 06:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-06-07 06:51 - 2012-08-23 09:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-07 06:51 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-06-07 06:51 - 2012-08-23 09:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-06-07 06:51 - 2012-08-23 08:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-07 06:51 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-06-07 06:51 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-06-07 06:51 - 2012-08-23 04:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-07 06:48 - 2013-01-13 16:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 16:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 16:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-07 06:48 - 2013-01-13 16:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-07 06:48 - 2013-01-13 16:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 16:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 16:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 16:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 15:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 15:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 15:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 15:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-07 06:48 - 2013-01-13 15:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-07 06:48 - 2013-01-13 15:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-07 06:48 - 2013-01-13 15:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 15:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 15:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 15:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-07 06:48 - 2013-01-13 15:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-06-07 06:48 - 2013-01-13 15:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-06-07 06:48 - 2013-01-13 15:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-06-07 06:48 - 2013-01-13 14:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-07 06:48 - 2013-01-13 14:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-07 06:48 - 2013-01-13 14:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-06-07 06:48 - 2013-01-13 14:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-06-07 06:48 - 2013-01-13 14:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-06-07 06:48 - 2013-01-13 14:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-06-07 06:48 - 2013-01-13 14:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-06-07 06:48 - 2013-01-13 14:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-06-07 06:48 - 2013-01-13 14:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-06-07 06:48 - 2013-01-13 14:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-06-07 06:48 - 2013-01-13 14:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-06-07 06:48 - 2013-01-13 14:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-06-07 06:48 - 2013-01-13 14:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-06-07 06:48 - 2013-01-13 14:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-06-07 06:48 - 2013-01-13 14:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-06-07 06:48 - 2013-01-13 13:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-07 06:48 - 2013-01-13 13:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-07 06:48 - 2013-01-13 12:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-06-07 06:48 - 2013-01-13 12:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-06-07 06:48 - 2013-01-04 01:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-06-07 06:48 - 2013-01-04 01:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-06-07 06:46 - 2014-06-07 06:46 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-06-07 06:45 - 2014-06-07 06:45 - 00601728 _____ () C:\Windows\system32\atiicdxx.dat
2014-06-07 06:45 - 2014-06-07 06:45 - 00343040 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-06-07 06:45 - 2014-06-07 06:45 - 00236544 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-06-07 06:45 - 2014-06-07 06:45 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2014-06-07 06:45 - 2014-06-07 06:45 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-06-07 06:45 - 2014-06-07 06:45 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-06-07 06:45 - 2014-06-07 06:45 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-06-07 06:45 - 2014-06-07 06:45 - 00095760 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2014-06-07 06:45 - 2014-06-07 06:45 - 00067584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\atisamu32.dll
2014-06-07 06:45 - 2014-06-07 06:45 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2014-06-07 06:45 - 2014-06-07 06:45 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-06-07 06:45 - 2014-06-07 06:45 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-06-07 06:45 - 2014-06-07 06:45 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-06-07 06:45 - 2014-06-07 06:45 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-06-07 06:45 - 2014-06-07 06:45 - 00044544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-06-07 06:45 - 2014-06-07 06:45 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-06-07 06:45 - 2014-06-07 06:45 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-06-07 06:45 - 2014-06-07 06:45 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-06-07 06:45 - 2014-06-07 06:45 - 00017408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00360448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00245896 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-06-07 06:44 - 2014-06-07 06:44 - 00245896 _____ () C:\Windows\system32\atiapfxx.blb
2014-06-07 06:44 - 2014-06-07 06:44 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2014-06-07 06:44 - 2014-06-07 06:44 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-06-07 06:44 - 2014-06-07 06:44 - 00072704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00072704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00071680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00044032 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00038159 _____ () C:\Windows\atiogl.xml
2014-06-07 06:44 - 2014-06-07 06:44 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-06-07 06:44 - 2014-06-07 06:44 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-06-07 06:43 - 2014-06-07 06:45 - 26181632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-06-07 06:43 - 2014-06-07 06:45 - 19753984 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-06-07 06:43 - 2014-06-07 06:45 - 16090624 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-06-07 06:43 - 2014-06-07 06:45 - 13764096 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-06-07 06:43 - 2014-06-07 06:45 - 11174400 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-06-07 06:43 - 2014-06-07 06:45 - 07431680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-06-07 06:43 - 2014-06-07 06:45 - 06800896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-06-07 06:43 - 2014-06-07 06:45 - 04731904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-06-07 06:43 - 2014-06-07 06:45 - 02664704 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-06-07 06:43 - 2014-06-07 06:45 - 02631008 _____ () C:\Windows\system32\atiumd6a.cap
2014-06-07 06:43 - 2014-06-07 06:45 - 01120768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll
2014-06-07 06:43 - 2014-06-07 06:44 - 01831424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2014-06-07 06:43 - 2014-06-07 06:44 - 00514560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-06-07 06:43 - 2014-06-07 06:44 - 00503808 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-06-07 06:43 - 2014-06-07 06:44 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2014-06-07 06:10 - 2014-06-10 03:00 - 01901775 _____ () C:\Windows\WindowsUpdate.log
2014-06-07 06:10 - 2014-06-07 06:10 - 00000000 ____D () C:\Users\Mark\AppData\Local\TouchSmartData
2014-06-07 06:10 - 2014-06-07 06:10 - 00000000 ____D () C:\Users\Mark\AppData\Local\RemEngine
2014-06-07 06:10 - 2014-06-07 06:10 - 00000000 ____D () C:\Users\Mark\AppData\Local\Hewlett-Packard_Company
2014-06-07 06:09 - 2014-06-10 05:24 - 00000000 ____D () C:\Users\Mark\AppData\Local\Temp
2014-06-07 06:09 - 2014-06-08 14:58 - 00000000 ___RD () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-07 06:09 - 2014-06-07 06:09 - 00003290 _____ () C:\Windows\System32\Tasks\RMCreator
2014-06-07 06:09 - 2014-06-07 06:09 - 00000020 ___SH () C:\Users\Mark\ntuser.ini
2014-06-07 06:09 - 2014-06-07 04:22 - 00000000 ____D () C:\Users\Mark
2014-06-07 06:09 - 2012-09-05 22:14 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Macromedia
2014-06-07 06:09 - 2012-09-05 22:04 - 00000000 ____D () C:\Users\Mark\AppData\Local\Hewlett-Packard
2014-06-07 06:09 - 2009-07-13 23:49 - 00000000 ___RD () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-07 06:04 - 2014-06-07 06:10 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_cPC_h8-1360t_Y53316J_0U_Q2MD23601PR_E12NA2RCW601_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B7.15_T120702_W73-1_L409_M8150_J1500_7Intel_8506_93.40_#120911_N19691091;18145392_Z_G1002679A_Ohp BDDVDRW CH28N.MRK
2014-06-07 06:04 - 2014-06-07 06:10 - 00000000 __RSH () C:\Windows\system32\Drivers\103C_HP_cPC_h8-1360t_Y53316J_0U_Q2MD23601PR_E12NA2RCW601_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B7.15_T120702_W73-1_L409_M8150_J1500_7Intel_8506_93.40_#120911_N19691091;18145392_Z_G1002679A_Ohp BDDVDRW CH28N.MRK
2014-06-07 05:53 - 2014-06-07 05:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-07 05:53 - 2014-05-04 17:12 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-07 05:46 - 2012-07-25 22:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-06-07 05:46 - 2012-07-25 22:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-06-07 05:46 - 2012-07-25 22:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-06-07 05:46 - 2012-07-25 22:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-06-07 05:46 - 2012-07-25 22:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-06-07 05:46 - 2012-07-25 21:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-06-07 05:46 - 2012-07-25 21:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-06-07 05:46 - 2012-06-02 09:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-06-07 05:41 - 2014-06-07 05:41 - 00000000 ____D () C:\ProgramData\Brother
2014-06-07 05:36 - 2012-03-01 01:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-06-07 05:36 - 2012-03-01 01:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-06-07 05:36 - 2012-03-01 00:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-06-07 05:27 - 2014-04-11 21:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-07 05:27 - 2014-04-11 21:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

TDSSKiller.3.0.0.39_10.06.2014_05.28.27_log.txt

2014-06-07 05:27 - 2014-04-11 21:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-06-07 05:27 - 2014-04-11 21:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-06-07 05:27 - 2014-04-11 21:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-06-07 05:27 - 2014-04-11 21:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-06-07 05:27 - 2014-04-11 21:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-06-07 05:27 - 2014-04-11 21:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-06-07 05:27 - 2014-04-11 21:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-06-07 05:27 - 2014-03-04 04:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-06-07 05:27 - 2014-03-04 04:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-06-07 05:27 - 2014-03-04 04:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-06-07 05:27 - 2014-03-04 04:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-06-07 05:27 - 2014-03-04 04:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-06-07 05:27 - 2014-03-04 04:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-06-07 05:27 - 2014-03-04 04:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-06-07 05:27 - 2014-03-04 04:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-06-07 05:27 - 2014-03-04 04:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-06-07 05:27 - 2014-03-04 04:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-06-07 05:27 - 2014-03-04 04:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-06-07 05:27 - 2014-03-04 04:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-06-07 05:27 - 2014-03-04 04:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-06-07 05:27 - 2014-03-04 04:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-06-07 05:27 - 2014-03-04 04:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-06-07 05:27 - 2014-03-04 04:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-06-07 05:27 - 2014-03-04 04:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-06-07 05:27 - 2014-03-04 04:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-06-07 05:27 - 2014-03-04 04:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2014-06-07 05:27 - 2014-03-04 04:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-06-07 05:27 - 2014-03-04 04:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-06-07 05:27 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2014-06-07 05:27 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2014-06-07 05:27 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-06-07 05:27 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-06-07 05:27 - 2013-08-01 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2014-06-07 05:27 - 2013-08-01 21:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2014-06-07 05:27 - 2013-08-01 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2014-06-07 05:27 - 2013-08-01 19:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2014-06-07 05:27 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2014-06-07 05:26 - 2014-03-24 21:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-06-07 05:26 - 2014-03-24 21:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-06-07 05:26 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2014-06-07 05:26 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2014-06-07 05:26 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2014-06-07 05:26 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2014-06-07 05:26 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-06-07 05:26 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2014-06-07 05:26 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2014-06-07 05:26 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2014-06-07 05:26 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2014-06-07 05:26 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll

2014-06-07 05:26 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll

2014-06-07 05:26 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll

2014-06-07 05:26 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll

2014-06-07 05:26 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-06-07 05:26 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe

2014-06-07 05:26 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe

2014-06-07 05:26 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe

2014-06-07 05:26 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2014-06-07 05:26 - 2013-02-27 01:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-06-07 05:26 - 2013-02-27 00:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2014-06-07 05:26 - 2012-12-07 08:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll

2014-06-07 05:26 - 2012-12-07 08:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll

2014-06-07 05:26 - 2012-12-07 07:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll

2014-06-07 05:26 - 2012-12-07 07:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll

2014-06-07 05:26 - 2012-12-07 06:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs

2014-06-07 05:26 - 2012-12-07 06:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs

2014-06-07 05:26 - 2012-12-07 06:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs

2014-06-07 05:26 - 2012-12-07 06:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs

2014-06-07 05:26 - 2012-12-07 06:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs

2014-06-07 05:26 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs

2014-06-07 05:26 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs

2014-06-07 05:26 - 2012-12-07 06:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs

2014-06-07 05:26 - 2012-12-07 06:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs

2014-06-07 05:26 - 2012-12-07 06:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs

2014-06-07 05:26 - 2012-12-07 06:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs

2014-06-07 05:26 - 2012-12-07 06:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs

2014-06-07 05:26 - 2012-12-07 06:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs

2014-06-07 05:26 - 2012-12-07 06:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs

2014-06-07 05:26 - 2012-12-07 05:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs

2014-06-07 05:25 - 2014-06-07 05:25 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

2014-06-07 05:25 - 2014-05-09 01:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-07 05:25 - 2014-05-09 01:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-07 05:25 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-06-07 05:25 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-06-07 05:25 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2014-06-07 05:25 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll

2014-06-07 05:25 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-06-07 05:25 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2014-06-07 05:25 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-06-07 05:25 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll

2014-06-07 05:25 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-06-07 05:25 - 2013-09-24 21:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2014-06-07 05:25 - 2013-09-24 20:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

2014-06-07 05:25 - 2013-07-09 00:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2014-06-07 05:25 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2014-06-07 05:25 - 2012-10-09 13:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll

2014-06-07 05:25 - 2012-10-09 13:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll

2014-06-07 05:25 - 2012-10-09 12:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll

2014-06-07 05:25 - 2012-10-09 12:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll

2014-06-07 05:25 - 2012-05-04 06:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2014-06-07 05:25 - 2012-05-04 04:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2014-06-07 05:24 - 2014-06-07 23:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-06-07 05:24 - 2014-01-28 21:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-06-07 05:24 - 2014-01-28 21:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-06-07 05:24 - 2014-01-27 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-06-07 05:24 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls

2014-06-07 05:24 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls

2014-06-07 05:24 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-07 05:24 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-06-07 05:24 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-06-07 05:24 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-06-07 05:24 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-06-07 05:24 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-06-07 05:24 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-06-07 05:24 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-06-07 05:24 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-06-07 05:24 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2014-06-07 05:24 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2014-06-07 05:24 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2014-06-07 05:24 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2014-06-07 05:24 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2014-06-07 05:24 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2014-06-07 05:24 - 2013-07-09 00:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2014-06-07 05:24 - 2013-07-09 00:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2014-06-07 05:24 - 2013-07-08 23:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2014-06-07 05:24 - 2013-07-08 23:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2014-06-07 05:24 - 2013-07-04 07:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2014-06-07 05:24 - 2013-07-04 06:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2014-06-07 05:24 - 2013-03-19 00:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll

2014-06-07 05:24 - 2012-10-03 12:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2014-06-07 05:24 - 2012-10-03 12:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll

2014-06-07 05:24 - 2012-10-03 12:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll

2014-06-07 05:24 - 2012-10-03 12:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll

2014-06-07 05:24 - 2012-10-03 12:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll

2014-06-07 05:24 - 2012-10-03 12:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll

2014-06-07 05:24 - 2012-10-03 11:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll

2014-06-07 05:24 - 2012-10-03 11:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll

2014-06-07 05:24 - 2012-10-03 11:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll

2014-06-07 05:24 - 2012-10-03 11:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-06-07 05:24 - 2012-08-21 16:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe

2014-06-07 05:24 - 2012-01-13 02:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

2014-06-07 05:24 - 2011-04-09 01:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

2014-06-07 05:24 - 2011-04-09 00:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe

2014-06-07 05:23 - 2014-02-06 20:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-06-07 05:23 - 2013-09-07 21:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2014-06-07 05:23 - 2013-09-07 21:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll

2014-06-07 05:23 - 2013-08-04 21:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2014-06-07 05:23 - 2013-07-25 04:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2014-06-07 05:23 - 2013-07-25 03:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2014-06-07 05:23 - 2013-07-12 05:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2014-06-07 05:23 - 2013-07-09 00:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-06-07 05:23 - 2013-07-08 23:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-06-07 05:23 - 2013-07-04 07:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2014-06-07 05:23 - 2013-07-04 07:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2014-06-07 05:23 - 2013-07-04 06:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2014-06-07 05:23 - 2013-07-04 06:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2014-06-07 05:23 - 2013-07-04 05:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2014-06-07 05:23 - 2013-07-02 23:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2014-06-07 05:23 - 2013-07-02 23:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2014-06-07 05:23 - 2013-06-25 17:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2014-06-07 05:23 - 2013-06-14 23:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2014-06-07 05:23 - 2013-06-06 00:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2014-06-07 05:23 - 2013-06-06 00:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2014-06-07 05:23 - 2013-06-06 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2014-06-07 05:23 - 2013-06-06 00:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2014-06-07 05:23 - 2013-06-05 23:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2014-06-07 05:23 - 2013-06-05 23:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2014-06-07 05:23 - 2013-06-05 23:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2014-06-07 05:23 - 2013-06-05 22:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2014-06-07 05:23 - 2013-06-05 22:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2014-06-07 05:23 - 2013-06-05 22:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2014-06-07 05:23 - 2013-04-25 18:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2014-06-07 05:23 - 2013-03-31 17:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2014-06-07 05:23 - 2013-02-11 23:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys

2014-06-07 05:23 - 2012-11-28 17:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys

2014-06-07 05:23 - 2012-11-28 17:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll

2014-06-07 05:23 - 2012-11-28 17:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

2014-06-07 05:23 - 2012-11-22 00:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-07 05:23 - 2012-11-21 23:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-06-07 05:23 - 2012-11-01 00:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-07 05:23 - 2012-10-31 23:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-06-07 05:23 - 2012-08-22 13:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2014-06-07 05:23 - 2012-07-04 15:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys

2014-06-07 05:23 - 2012-05-01 00:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2014-06-07 05:23 - 2012-04-26 00:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll

2014-06-07 05:23 - 2012-04-26 00:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll

2014-06-07 05:23 - 2012-04-26 00:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe

2014-06-07 05:20 - 2012-11-02 00:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll

2014-06-07 05:20 - 2012-11-02 00:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll

2014-06-07 05:20 - 2012-04-27 22:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys

2014-06-07 05:19 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-06-07 05:19 - 2013-09-07 21:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-07 05:19 - 2013-08-28 21:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2014-06-07 05:19 - 2013-08-28 21:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2014-06-07 05:19 - 2013-08-28 21:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2014-06-07 05:19 - 2013-08-28 20:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2014-06-07 05:19 - 2013-08-28 20:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2014-06-07 05:19 - 2013-08-28 20:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2014-06-07 05:19 - 2013-08-27 20:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2014-06-07 05:18 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-06-07 05:18 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2014-06-07 05:18 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2014-06-07 05:18 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2014-06-07 05:18 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2014-06-07 05:18 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2014-06-07 05:18 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-06-07 05:18 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2014-06-07 05:18 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2014-06-07 05:18 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2014-06-07 05:18 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2014-06-07 05:18 - 2013-08-01 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2014-06-07 05:18 - 2013-08-01 19:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 19:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 19:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2014-06-07 05:18 - 2013-08-01 19:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2014-06-07 05:17 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2014-06-07 05:17 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2014-06-07 05:17 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2014-06-07 05:17 - 2013-05-13 00:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2014-06-07 05:17 - 2013-05-12 22:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2014-06-07 05:17 - 2013-05-12 22:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2014-06-07 05:17 - 2013-05-12 22:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2014-06-07 05:17 - 2013-05-10 00:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll

2014-06-07 05:17 - 2013-05-09 22:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

2014-06-07 05:17 - 2013-01-03 01:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-06-07 05:17 - 2012-06-06 01:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll

2014-06-07 05:17 - 2012-06-06 00:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll

2014-06-07 05:16 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys

2014-06-07 05:16 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2014-06-07 05:16 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys

2014-06-07 05:16 - 2014-02-03 21:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-06-07 05:16 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll

2014-06-07 05:16 - 2014-02-03 21:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-06-07 05:16 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll

2014-06-07 05:16 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2014-06-07 05:16 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2014-06-07 05:16 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2014-06-07 05:16 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2014-06-07 05:16 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2014-06-07 05:16 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2014-06-07 05:16 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2014-06-07 05:16 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2014-06-07 05:16 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2014-06-07 05:16 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2014-06-07 05:16 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2014-06-07 05:16 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2014-06-07 05:16 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2014-06-07 05:16 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-06-07 05:16 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-06-07 05:16 - 2013-08-01 07:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-06-07 05:16 - 2013-07-20 05:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-06-07 05:16 - 2013-07-20 05:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2014-06-07 05:16 - 2013-04-26 00:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2014-06-07 05:16 - 2013-04-25 23:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2014-06-07 05:16 - 2013-04-10 01:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2014-06-07 05:16 - 2013-01-24 01:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys

2014-06-07 05:16 - 2012-11-22 22:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe

2014-06-07 05:16 - 2012-09-25 17:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll

2014-06-07 05:16 - 2012-09-25 17:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll

2014-06-07 05:16 - 2012-07-04 17:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll

2014-06-07 05:16 - 2012-07-04 17:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll

2014-06-07 05:16 - 2012-07-04 17:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll

2014-06-07 05:16 - 2012-07-04 16:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll

2014-06-07 05:16 - 2012-07-04 16:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll

2014-06-07 05:16 - 2012-05-14 00:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2014-06-07 05:16 - 2012-05-05 03:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2014-06-07 05:16 - 2012-05-05 02:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2014-06-07 05:16 - 2012-04-07 07:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-06-07 05:16 - 2012-04-07 06:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-06-07 05:16 - 2012-03-17 02:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys

2014-06-07 05:16 - 2011-02-22 23:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys

2014-06-07 05:16 - 2011-02-03 06:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2014-06-07 05:10 - 2014-06-07 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-06-07 05:10 - 2014-06-07 05:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-06-07 05:10 - 2014-06-07 05:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-06-07 05:08 - 2014-06-07 05:10 - 13084896 _____ (Microsoft Corporation) C:\Users\Mark\Downloads\Silverlight_x64.exe

2014-06-07 05:02 - 2014-06-08 14:39 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\HpUpdate

2014-06-07 04:59 - 2014-06-07 04:59 - 00002583 _____ () C:\Users\Public\Desktop\GPower 3.1.lnk

2014-06-07 04:59 - 2014-06-07 04:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPower

2014-06-07 04:59 - 2014-06-07 04:59 - 00000000 ____D () C:\Program Files (x86)\GPower 3.1

2014-06-07 04:58 - 2014-06-07 04:58 - 00000000 ____D () C:\Users\Mark\Desktop\Psy3413

2014-06-07 04:58 - 2014-06-07 04:58 - 00000000 ____D () C:\Users\Mark\Desktop\MSARI

2014-06-07 04:56 - 2014-06-07 04:56 - 13451133 _____ () C:\Users\Mark\Downloads\GPowerWin_3.1.9.2.zip

2014-06-07 04:55 - 2014-06-07 04:55 - 00003021 _____ () C:\Users\Mark\Desktop\Microsoft Word 2010.lnk

2014-06-07 04:55 - 2014-06-07 04:55 - 00002951 _____ () C:\Users\Mark\Desktop\Microsoft Excel 2010.lnk

2014-06-07 04:55 - 2014-06-07 04:55 - 00002937 _____ () C:\Users\Mark\Desktop\Microsoft PowerPoint 2010.lnk

2014-06-07 04:54 - 2014-06-07 04:54 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2014-06-07 04:54 - 2014-06-07 04:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-06-07 04:53 - 2014-06-07 04:53 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-06-07 04:52 - 2014-06-08 03:08 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-06-07 04:52 - 2014-06-07 04:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-06-07 04:52 - 2014-06-07 04:52 - 00000000 __RHD () C:\MSOCache

2014-06-07 04:52 - 2014-06-07 04:52 - 00000000 ____D () C:\Users\Mark\AppData\Local\Microsoft Help

2014-06-07 04:52 - 2014-06-07 04:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-06-07 04:50 - 2014-06-08 14:42 - 00000000 ____D () C:\Users\Mark\Documents\my games

2014-06-07 04:42 - 2014-06-07 04:49 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Apple Computer

2014-06-07 04:42 - 2014-06-07 04:42 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Windows\System32\Tasks\Apple

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Users\Mark\AppData\Local\Apple Computer

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Users\Mark\AppData\Local\Apple

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\ProgramData\Apple Computer

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Program Files\Common Files\Apple

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Program Files\Bonjour

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Program Files (x86)\Bonjour

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update

2014-06-07 04:42 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys

2014-06-07 04:41 - 2014-06-08 14:47 - 00000000 ____D () C:\ProgramData\Apple

2014-06-07 04:39 - 2012-02-17 01:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll

2014-06-07 04:39 - 2012-02-17 00:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll

2014-06-07 04:39 - 2012-02-16 23:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys

2014-06-07 04:38 - 2014-06-07 04:40 - 97206096 _____ (Apple Inc.) C:\Users\Mark\Downloads\iTunes64Setup.exe

2014-06-07 04:33 - 2012-06-02 17:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-06-07 04:33 - 2012-06-02 17:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2014-06-07 04:33 - 2012-06-02 17:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-06-07 04:33 - 2012-06-02 17:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-06-07 04:33 - 2012-06-02 17:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-06-07 04:33 - 2012-06-02 17:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2014-06-07 04:33 - 2012-06-02 17:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-06-07 04:33 - 2012-06-02 17:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2014-06-07 04:33 - 2012-06-02 17:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-06-07 04:28 - 2014-06-09 22:36 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-06-07 04:28 - 2014-06-07 04:28 - 00000965 _____ () C:\Users\Public\Desktop\Steam.lnk

2014-06-07 04:28 - 2014-06-07 04:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2014-06-07 04:27 - 2014-06-07 04:27 - 01141680 _____ () C:\Users\Mark\Downloads\SteamSetup.exe

2014-06-07 04:26 - 2014-06-07 04:26 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-06-07 04:26 - 2014-06-07 04:26 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\hpqLog

2014-06-07 04:26 - 2014-06-07 04:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-06-07 04:25 - 2014-06-10 04:30 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-06-07 04:25 - 2014-06-10 02:30 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-07 04:25 - 2014-06-07 04:26 - 00000000 ____D () C:\Users\Mark\AppData\Local\Google

2014-06-07 04:25 - 2014-06-07 04:26 - 00000000 ____D () C:\Program Files (x86)\Google

2014-06-07 04:25 - 2014-06-07 04:25 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-06-07 04:25 - 2014-06-07 04:25 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-07 04:25 - 2014-06-07 04:25 - 00000000 ____D () C:\Users\Mark\AppData\Local\Deployment

2014-06-07 04:25 - 2014-06-07 04:25 - 00000000 ____D () C:\Users\Mark\AppData\Local\Apps\2.0

2014-06-07 04:22 - 2014-06-07 04:22 - 00002570 _____ () C:\Windows\DPINST.LOG

2014-06-07 04:22 - 2014-06-07 04:22 - 00000000 ____D () C:\Users\Mark\hpremote

2014-06-07 04:17 - 2014-06-10 01:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-07 04:17 - 2014-06-07 04:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mark\Downloads\mbam-setup-2.0.2.1012.exe

2014-06-07 04:17 - 2014-06-07 04:17 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-07 04:17 - 2014-06-07 04:17 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-07 04:17 - 2014-06-07 04:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-06-07 04:17 - 2014-05-12 09:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-06-07 04:17 - 2014-05-12 09:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-06-07 04:17 - 2014-05-12 09:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-06-07 04:14 - 2014-06-07 23:23 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Adobe

2014-06-07 04:14 - 2014-06-07 06:25 - 00064672 _____ () C:\Users\Mark\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-07 04:13 - 2014-06-07 04:13 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\ATI

2014-06-07 04:13 - 2014-06-07 04:13 - 00000000 ____D () C:\Users\Mark\AppData\Local\ATI

2014-06-07 04:12 - 2014-06-09 16:25 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C60AD87D-CA0B-42B2-B557-19C8A7B84606}

2014-06-07 04:12 - 2014-06-07 23:23 - 00000000 ____D () C:\Users\Mark\AppData\Local\Adobe

2014-06-07 04:12 - 2014-06-07 10:15 - 00000000 ___RD () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-06-07 04:12 - 2014-06-07 04:12 - 00000000 ____D () C:\Users\Mark\AppData\Local\VirtualStore

2014-06-07 04:12 - 2014-06-07 04:12 - 00000000 ____D () C:\Users\Mark\AppData\Local\PDFC

==================== One Month Modified Files and Folders =======

2014-06-10 05:24 - 2014-06-10 05:24 - 00015047 _____ () C:\Users\Mark\Downloads\FRST.txt

2014-06-10 05:24 - 2014-06-10 05:23 - 00000000 ____D () C:\FRST

2014-06-10 05:24 - 2014-06-07 06:09 - 00000000 ____D () C:\Users\Mark\AppData\Local\Temp

2014-06-10 05:23 - 2014-06-10 05:23 - 02080768 _____ (Farbar) C:\Users\Mark\Downloads\FRST64.exe

2014-06-10 05:19 - 2012-09-05 22:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-06-10 04:30 - 2014-06-07 04:25 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-06-10 03:00 - 2014-06-07 06:10 - 01901775 _____ () C:\Windows\WindowsUpdate.log

2014-06-10 02:30 - 2014-06-07 04:25 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-10 01:07 - 2014-06-07 04:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-09 22:37 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-06-09 22:36 - 2014-06-07 04:28 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center

2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\ProgramData\ATI

2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\ProgramData\AMD

2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies

2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\Program Files (x86)\AMD AVT

2014-06-09 22:34 - 2014-06-09 22:34 - 00000000 ____D () C:\Program Files (x86)\AMD APP

2014-06-09 22:34 - 2014-06-09 22:33 - 00000000 ____D () C:\Program Files\ATI Technologies

2014-06-09 22:34 - 2012-09-05 22:03 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies

2014-06-09 22:34 - 2009-07-13 23:51 - 00043776 _____ () C:\Windows\setupact.log

2014-06-09 22:33 - 2014-06-09 22:33 - 00000000 ____D () C:\Windows\LastGood

2014-06-09 22:24 - 2014-06-09 22:24 - 05245952 _____ () C:\Users\Mark\Downloads\RogueKillerX64.exe

2014-06-09 22:24 - 2014-06-09 22:24 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-06-09 21:57 - 2009-07-13 23:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-06-09 21:57 - 2009-07-13 23:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-06-09 21:50 - 2014-06-08 15:28 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection

2014-06-09 21:50 - 2012-09-05 22:18 - 00000000 ____D () C:\ProgramData\PDFC

2014-06-09 21:50 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-06-09 21:49 - 2010-11-20 22:47 - 00290442 _____ () C:\Windows\PFRO.log

2014-06-09 21:48 - 2014-06-07 10:08 - 00000000 ____D () C:\AdwCleaner

2014-06-09 16:25 - 2014-06-07 04:12 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C60AD87D-CA0B-42B2-B557-19C8A7B84606}

2014-06-09 00:29 - 2014-06-09 00:29 - 00000000 ____D () C:\Users\Mark\AppData\Local\CrashDumps

2014-06-09 00:23 - 2014-06-09 00:09 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-06-09 00:13 - 2014-06-07 13:22 - 00000000 ____D () C:\Users\Mark\Documents\Paradox Interactive

2014-06-09 00:13 - 2012-09-05 22:19 - 00314272 _____ () C:\Windows\DirectX.log

2014-06-09 00:06 - 2014-06-09 00:06 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Mark\Downloads\mbar-1.07.0.1012.exe

2014-06-09 00:04 - 2014-06-09 00:04 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-06-08 19:48 - 2014-06-08 19:48 - 00000000 ____D () C:\Windows\ERUNT

2014-06-08 19:37 - 2014-06-08 19:37 - 01016261 _____ (Thisisu) C:\Users\Mark\Downloads\JunkRemovalTool.exe

2014-06-08 19:13 - 2014-06-08 15:35 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Lavasoft

2014-06-08 15:29 - 2014-06-08 15:29 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\LavasoftStatistics

2014-06-08 15:28 - 2014-06-08 15:28 - 00000061 _____ () C:\prefs.js

2014-06-08 15:28 - 2014-06-08 15:28 - 00000000 ____D () C:\Users\Mark\AppData\Local\adawarebp

2014-06-08 15:28 - 2014-06-08 15:28 - 00000000 ____D () C:\Program Files\Lavasoft

2014-06-08 15:28 - 2014-06-08 15:28 - 00000000 ____D () C:\Program Files (x86)\Lavasoft

2014-06-08 15:26 - 2014-06-08 15:26 - 00000000 ____D () C:\ProgramData\Lavasoft

2014-06-08 15:24 - 2014-06-08 15:24 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC

2014-06-08 15:24 - 2014-06-08 15:24 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-06-08 15:24 - 2014-06-08 15:24 - 00000000 ____D () C:\Program Files\CCleaner

2014-06-08 15:21 - 2014-06-08 15:21 - 04748896 _____ (Piriform Ltd) C:\Users\Mark\Downloads\ccsetup414.exe

2014-06-08 15:11 - 2014-06-08 15:05 - 00000000 ____D () C:\Program Files (x86)\HijackThis

2014-06-08 15:05 - 2014-06-08 15:05 - 00002993 _____ () C:\Users\Mark\Desktop\HiJackThis.lnk

2014-06-08 15:05 - 2014-06-08 15:05 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

2014-06-08 15:04 - 2014-06-08 15:04 - 01402880 _____ () C:\Users\Mark\Downloads\HijackThis.msi

2014-06-08 14:58 - 2014-06-07 06:09 - 00000000 ___RD () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-06-08 14:50 - 2014-06-08 14:50 - 00000000 ____H () C:\Users\Mark\Documents\Default.rdp

2014-06-08 14:49 - 2014-06-08 14:49 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-06-08 14:49 - 2014-06-08 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-06-08 14:49 - 2014-06-08 14:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-06-08 14:49 - 2014-06-08 14:49 - 00000000 ____D () C:\Program Files\iTunes

2014-06-08 14:49 - 2014-06-08 14:49 - 00000000 ____D () C:\Program Files\iPod

2014-06-08 14:49 - 2014-06-08 14:49 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-06-08 14:47 - 2014-06-07 04:41 - 00000000 ____D () C:\ProgramData\Apple

2014-06-08 14:42 - 2014-06-07 04:50 - 00000000 ____D () C:\Users\Mark\Documents\my games

2014-06-08 14:41 - 2014-06-08 14:41 - 00000000 ____D () C:\ProgramData\Stardock

2014-06-08 14:41 - 2014-06-08 14:41 - 00000000 ____D () C:\ProgramData\Ironclad Games

2014-06-08 14:39 - 2014-06-07 05:02 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\HpUpdate

2014-06-08 14:32 - 2012-09-05 22:20 - 00000000 ____D () C:\ProgramData\Norton

2014-06-08 03:08 - 2014-06-07 04:52 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-06-08 03:04 - 2011-02-11 12:15 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-06-08 03:03 - 2014-06-08 03:03 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-06-08 03:03 - 2014-06-08 03:03 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-06-07 23:48 - 2014-06-07 23:48 - 00000000 ____D () C:\Users\Mark\Documents\Facepalm Games

2014-06-07 23:47 - 2014-06-07 23:47 - 00000085 _____ () C:\Windows\wininit.ini

2014-06-07 23:47 - 2014-06-07 05:24 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-06-07 23:44 - 2014-06-07 23:44 - 00000000 ____D () C:\Users\Mark\Documents\ProcAlyzer Dumps

2014-06-07 23:23 - 2014-06-07 04:14 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Adobe

2014-06-07 23:23 - 2014-06-07 04:12 - 00000000 ____D () C:\Users\Mark\AppData\Local\Adobe

2014-06-07 23:22 - 2012-09-05 22:11 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-06-07 23:22 - 2012-09-05 22:11 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-06-07 23:22 - 2012-09-05 22:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-06-07 23:17 - 2012-09-05 22:12 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-06-07 23:14 - 2014-06-07 23:14 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\AVAST Software

2014-06-07 23:14 - 2014-06-07 23:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update

2014-06-07 23:13 - 2014-06-07 23:13 - 00001968 _____ () C:\Users\Public\Desktop\avast!.lnk

2014-06-07 23:13 - 2014-06-07 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

2014-06-07 23:13 - 2014-06-07 23:12 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2014-06-07 23:13 - 2014-06-07 23:12 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2014-06-07 23:13 - 2014-06-07 23:12 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys

2014-06-07 23:12 - 2014-06-07 23:12 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402200825149

2014-06-07 23:12 - 2014-06-07 23:12 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402200825149

2014-06-07 23:12 - 2014-06-07 23:12 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-06-07 23:12 - 2014-06-07 23:12 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-06-07 23:12 - 2014-06-07 23:12 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2014-06-07 23:12 - 2014-06-07 23:12 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-06-07 23:12 - 2014-06-07 23:12 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-06-07 23:12 - 2014-06-07 23:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-06-07 23:12 - 2014-06-07 23:12 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-06-07 23:12 - 2014-06-07 23:12 - 00000000 ____D () C:\Program Files\AVAST Software

2014-06-07 23:11 - 2014-06-07 23:11 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-06-07 23:11 - 2014-06-07 23:10 - 94714880 _____ (AVAST Software) C:\Users\Mark\Downloads\avast_free_antivirus_setup.exe

2014-06-07 22:55 - 2014-06-07 22:55 - 00000000 __SHD () C:\Users\Mark\AppData\Local\EmieUserList

2014-06-07 22:55 - 2014-06-07 22:55 - 00000000 __SHD () C:\Users\Mark\AppData\Local\EmieSiteList

2014-06-07 21:16 - 2014-06-07 20:43 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-06-07 20:50 - 2014-06-07 20:49 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Trine2

2014-06-07 19:19 - 2014-06-07 19:19 - 00000000 ____D () C:\Users\Mark\Documents\Wizards of the Coast

2014-06-07 19:11 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-06-07 10:36 - 2014-06-07 10:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-06-07 10:15 - 2014-06-07 10:15 - 00001415 _____ () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-06-07 10:15 - 2014-06-07 10:15 - 00000000 ___RD () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-06-07 10:15 - 2014-06-07 04:12 - 00000000 ___RD () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-06-07 10:15 - 2009-07-13 23:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-06-07 10:15 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-06-07 10:11 - 2009-07-13 23:45 - 00291928 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-06-07 10:10 - 2014-06-07 10:10 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-06-07 10:10 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender

2014-06-07 10:10 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-06-07 10:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK

2014-06-07 10:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR

2014-06-07 10:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\zh-HK

2014-06-07 10:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\tr-TR

2014-06-07 10:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-06-07 10:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\System

2014-06-07 10:07 - 2014-06-07 10:07 - 01333465 _____ () C:\Users\Mark\Downloads\AdwCleaner.exe

2014-06-07 07:44 - 2014-06-07 07:44 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-06-07 07:24 - 2014-06-07 07:10 - 00008225 _____ () C:\Windows\IE11_main.log

2014-06-07 07:22 - 2014-06-07 07:22 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-07 07:22 - 2014-06-07 07:22 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-07 07:22 - 2014-06-07 07:22 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2014-06-07 07:22 - 2014-06-07 07:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-06-07 07:22 - 2014-06-07 07:22 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-06-07 07:22 - 2014-06-07 07:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2014-06-07 07:22 - 2014-06-07 07:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-06-07 07:22 - 2014-06-07 07:22 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2014-06-07 07:22 - 2014-06-07 07:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2014-06-07 07:22 - 2014-06-07 07:22 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-06-07 07:22 - 2014-06-07 07:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-07 07:21 - 2014-06-07 07:21 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-06-07 07:06 - 2012-09-05 21:57 - 00000000 ____D () C:\ProgramData\SonicFocus

2014-06-07 07:06 - 2012-09-05 21:57 - 00000000 ____D () C:\Program Files\IDT

2014-06-07 06:58 - 2014-06-07 06:52 - 00000000 ____D () C:\ProgramData\Recovery

2014-06-07 06:52 - 2009-07-14 00:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG

2014-06-07 06:52 - 2009-07-14 00:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template

2014-06-07 06:51 - 2014-06-07 06:51 - 00000000 ____D () C:\Windows\Hewlett-Packard

2014-06-07 06:51 - 2014-06-07 06:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2014-06-07 06:51 - 2012-09-05 22:03 - 00000000 ____D () C:\Program Files (x86)\Hp

2014-06-07 06:46 - 2014-06-07 06:46 - 00000000 ____D () C:\Windows\System32\Tasks\Games

2014-06-07 06:45 - 2014-06-07 06:45 - 00601728 _____ () C:\Windows\system32\atiicdxx.dat

2014-06-07 06:45 - 2014-06-07 06:45 - 00343040 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys

2014-06-07 06:45 - 2014-06-07 06:45 - 00236544 _____ (AMD) C:\Windows\system32\atiesrxx.exe

2014-06-07 06:45 - 2014-06-07 06:45 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat

2014-06-07 06:45 - 2014-06-07 06:45 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat

2014-06-07 06:45 - 2014-06-07 06:45 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe

2014-06-07 06:45 - 2014-06-07 06:45 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll

2014-06-07 06:45 - 2014-06-07 06:45 - 00095760 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys

2014-06-07 06:45 - 2014-06-07 06:45 - 00067584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\atisamu32.dll

2014-06-07 06:45 - 2014-06-07 06:45 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll

2014-06-07 06:45 - 2014-06-07 06:45 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll

2014-06-07 06:45 - 2014-06-07 06:45 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll

2014-06-07 06:45 - 2014-06-07 06:45 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll

2014-06-07 06:45 - 2014-06-07 06:45 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll

2014-06-07 06:45 - 2014-06-07 06:45 - 00044544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll

2014-06-07 06:45 - 2014-06-07 06:45 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll

2014-06-07 06:45 - 2014-06-07 06:45 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll

2014-06-07 06:45 - 2014-06-07 06:45 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll

2014-06-07 06:45 - 2014-06-07 06:45 - 00017408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll

2014-06-07 06:45 - 2014-06-07 06:43 - 26181632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll

2014-06-07 06:45 - 2014-06-07 06:43 - 19753984 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll

2014-06-07 06:45 - 2014-06-07 06:43 - 16090624 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll

2014-06-07 06:45 - 2014-06-07 06:43 - 13764096 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll

2014-06-07 06:45 - 2014-06-07 06:43 - 11174400 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys

2014-06-07 06:45 - 2014-06-07 06:43 - 07431680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll

2014-06-07 06:45 - 2014-06-07 06:43 - 06800896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll

2014-06-07 06:45 - 2014-06-07 06:43 - 04731904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll

2014-06-07 06:45 - 2014-06-07 06:43 - 02664704 _____ () C:\Windows\SysWOW64\atiumdva.cap

2014-06-07 06:45 - 2014-06-07 06:43 - 02631008 _____ () C:\Windows\system32\atiumd6a.cap

2014-06-07 06:45 - 2014-06-07 06:43 - 01120768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll

2014-06-07 06:45 - 2012-03-10 05:59 - 01067520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll

2014-06-07 06:45 - 2012-03-10 05:33 - 07479296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll

2014-06-07 06:45 - 2012-03-10 05:14 - 06203392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll

2014-06-07 06:45 - 2012-03-10 05:05 - 04795904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll

2014-06-07 06:45 - 2012-03-10 04:57 - 00064000 _____ (AMD) C:\Windows\system32\coinst.dll

2014-06-07 06:45 - 2012-03-10 04:50 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll

2014-06-07 06:45 - 2012-03-10 04:50 - 00032256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00360448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00245896 _____ () C:\Windows\SysWOW64\atiapfxx.blb

2014-06-07 06:44 - 2014-06-07 06:44 - 00245896 _____ () C:\Windows\system32\atiapfxx.blb

2014-06-07 06:44 - 2014-06-07 06:44 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat

2014-06-07 06:44 - 2014-06-07 06:44 - 00157144 _____ () C:\Windows\system32\ativvsva.dat

2014-06-07 06:44 - 2014-06-07 06:44 - 00072704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00072704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00071680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00044032 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00038159 _____ () C:\Windows\atiogl.xml

2014-06-07 06:44 - 2014-06-07 06:44 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll

2014-06-07 06:44 - 2014-06-07 06:44 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll

2014-06-07 06:44 - 2014-06-07 06:43 - 01831424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll

2014-06-07 06:44 - 2014-06-07 06:43 - 00514560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll

2014-06-07 06:44 - 2014-06-07 06:43 - 00503808 _____ (AMD) C:\Windows\system32\atieclxx.exe

2014-06-07 06:44 - 2014-06-07 06:43 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll

2014-06-07 06:44 - 2012-03-10 06:01 - 00909312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll

2014-06-07 06:25 - 2014-06-07 04:14 - 00064672 _____ () C:\Users\Mark\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-07 06:23 - 2011-02-11 11:32 - 00000000 ____D () C:\SWSETUP

2014-06-07 06:23 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\restore

2014-06-07 06:10 - 2014-06-07 06:10 - 00000000 ____D () C:\Users\Mark\AppData\Local\TouchSmartData

2014-06-07 06:10 - 2014-06-07 06:10 - 00000000 ____D () C:\Users\Mark\AppData\Local\RemEngine

2014-06-07 06:10 - 2014-06-07 06:10 - 00000000 ____D () C:\Users\Mark\AppData\Local\Hewlett-Packard_Company

2014-06-07 06:10 - 2014-06-07 06:04 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_cPC_h8-1360t_Y53316J_0U_Q2MD23601PR_E12NA2RCW601_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B7.15_T120702_W73-1_L409_M8150_J1500_7Intel_8506_93.40_#120911_N19691091;18145392_Z_G1002679A_Ohp BDDVDRW CH28N.MRK

2014-06-07 06:10 - 2014-06-07 06:04 - 00000000 __RSH () C:\Windows\system32\Drivers\103C_HP_cPC_h8-1360t_Y53316J_0U_Q2MD23601PR_E12NA2RCW601_4A_I2AD5_SPEGATRON CORPORATION_V1.03_B7.15_T120702_W73-1_L409_M8150_J1500_7Intel_8506_93.40_#120911_N19691091;18145392_Z_G1002679A_Ohp BDDVDRW CH28N.MRK

2014-06-07 06:10 - 2012-09-05 22:20 - 00000000 ___RD () C:\Program Files\Online Services

2014-06-07 06:10 - 2012-09-05 22:07 - 00000000 ___RD () C:\Program Files (x86)\Online Services

2014-06-07 06:10 - 2012-09-05 22:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection

2014-06-07 06:10 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Sidebar

2014-06-07 06:10 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar

2014-06-07 06:09 - 2014-06-07 06:09 - 00003290 _____ () C:\Windows\System32\Tasks\RMCreator

2014-06-07 06:09 - 2014-06-07 06:09 - 00000020 ___SH () C:\Users\Mark\ntuser.ini

2014-06-07 06:09 - 2011-02-11 12:00 - 00000000 ____D () C:\Windows\Panther

2014-06-07 06:08 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Public\Libraries

2014-06-07 06:08 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

2014-06-07 06:04 - 2009-07-13 23:46 - 00005075 _____ () C:\Windows\DtcInstall.log

2014-06-07 06:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep

2014-06-07 06:03 - 2010-11-21 02:17 - 00000000 ____D () C:\Program Files\Windows Journal

2014-06-07 06:00 - 2011-02-11 12:04 - 00005949 _____ () C:\Windows\TSSysprep.log

2014-06-07 05:54 - 2014-06-07 05:53 - 00000000 ____D () C:\Windows\system32\MRT

2014-06-07 05:41 - 2014-06-07 05:41 - 00000000 ____D () C:\ProgramData\Brother

2014-06-07 05:30 - 2012-09-05 22:03 - 00008157 _____ () C:\Windows\system32\RaCoInst.log

2014-06-07 05:25 - 2014-06-07 05:25 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

2014-06-07 05:10 - 2014-06-07 05:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-06-07 05:10 - 2014-06-07 05:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-06-07 05:10 - 2014-06-07 05:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-06-07 05:10 - 2014-06-07 05:08 - 13084896 _____ (Microsoft Corporation) C:\Users\Mark\Downloads\Silverlight_x64.exe

2014-06-07 04:59 - 2014-06-07 04:59 - 00002583 _____ () C:\Users\Public\Desktop\GPower 3.1.lnk

2014-06-07 04:59 - 2014-06-07 04:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPower

2014-06-07 04:59 - 2014-06-07 04:59 - 00000000 ____D () C:\Program Files (x86)\GPower 3.1

2014-06-07 04:58 - 2014-06-07 04:58 - 00000000 ____D () C:\Users\Mark\Desktop\Psy3413

2014-06-07 04:58 - 2014-06-07 04:58 - 00000000 ____D () C:\Users\Mark\Desktop\MSARI

2014-06-07 04:56 - 2014-06-07 04:56 - 13451133 _____ () C:\Users\Mark\Downloads\GPowerWin_3.1.9.2.zip

2014-06-07 04:55 - 2014-06-07 04:55 - 00003021 _____ () C:\Users\Mark\Desktop\Microsoft Word 2010.lnk

2014-06-07 04:55 - 2014-06-07 04:55 - 00002951 _____ () C:\Users\Mark\Desktop\Microsoft Excel 2010.lnk

2014-06-07 04:55 - 2014-06-07 04:55 - 00002937 _____ () C:\Users\Mark\Desktop\Microsoft PowerPoint 2010.lnk

2014-06-07 04:54 - 2014-06-07 04:54 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2014-06-07 04:54 - 2014-06-07 04:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-06-07 04:54 - 2014-06-07 04:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-06-07 04:53 - 2014-06-07 04:53 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-06-07 04:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-06-07 04:52 - 2014-06-07 04:52 - 00000000 __RHD () C:\MSOCache

2014-06-07 04:52 - 2014-06-07 04:52 - 00000000 ____D () C:\Users\Mark\AppData\Local\Microsoft Help

2014-06-07 04:52 - 2014-06-07 04:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-06-07 04:52 - 2010-11-21 02:16 - 00000000 ____D () C:\Windows\ShellNew

2014-06-07 04:49 - 2014-06-07 04:42 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Apple Computer

2014-06-07 04:42 - 2014-06-07 04:42 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Windows\System32\Tasks\Apple

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Users\Mark\AppData\Local\Apple Computer

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Users\Mark\AppData\Local\Apple

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\ProgramData\Apple Computer

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Program Files\Common Files\Apple

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Program Files\Bonjour

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Program Files (x86)\Bonjour

2014-06-07 04:42 - 2014-06-07 04:42 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update

2014-06-07 04:40 - 2014-06-07 04:38 - 97206096 _____ (Apple Inc.) C:\Users\Mark\Downloads\iTunes64Setup.exe

2014-06-07 04:30 - 2012-09-05 22:16 - 00000000 ____D () C:\ProgramData\Skype

2014-06-07 04:29 - 2012-09-05 22:07 - 00000000 ____D () C:\ProgramData\CyberLink

2014-06-07 04:29 - 2012-09-05 22:07 - 00000000 ____D () C:\Program Files (x86)\Cyberlink

2014-06-07 04:29 - 2012-09-05 22:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-06-07 04:28 - 2014-06-07 04:28 - 00000965 _____ () C:\Users\Public\Desktop\Steam.lnk

2014-06-07 04:28 - 2014-06-07 04:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2014-06-07 04:27 - 2014-06-07 04:27 - 01141680 _____ () C:\Users\Mark\Downloads\SteamSetup.exe

2014-06-07 04:27 - 2012-09-05 22:12 - 00000000 ____D () C:\ProgramData\TouchSmartData

2014-06-07 04:26 - 2014-06-07 04:26 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-06-07 04:26 - 2014-06-07 04:26 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\hpqLog

2014-06-07 04:26 - 2014-06-07 04:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-06-07 04:26 - 2014-06-07 04:25 - 00000000 ____D () C:\Users\Mark\AppData\Local\Google

2014-06-07 04:26 - 2014-06-07 04:25 - 00000000 ____D () C:\Program Files (x86)\Google

2014-06-07 04:26 - 2012-09-05 22:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat

2014-06-07 04:26 - 2012-09-05 22:01 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard

2014-06-07 04:25 - 2014-06-07 04:25 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-06-07 04:25 - 2014-06-07 04:25 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-07 04:25 - 2014-06-07 04:25 - 00000000 ____D () C:\Users\Mark\AppData\Local\Deployment

2014-06-07 04:25 - 2014-06-07 04:25 - 00000000 ____D () C:\Users\Mark\AppData\Local\Apps\2.0

2014-06-07 04:22 - 2014-06-07 06:09 - 00000000 ____D () C:\Users\Mark

2014-06-07 04:22 - 2014-06-07 04:22 - 00002570 _____ () C:\Windows\DPINST.LOG

2014-06-07 04:22 - 2014-06-07 04:22 - 00000000 ____D () C:\Users\Mark\hpremote

2014-06-07 04:21 - 2012-09-05 22:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers

2014-06-07 04:21 - 2012-09-05 22:02 - 00000000 ____D () C:\ProgramData\Hewlett-Packard

2014-06-07 04:21 - 2012-09-05 22:02 - 00000000 ____D () C:\Program Files\Hewlett-Packard

2014-06-07 04:17 - 2014-06-07 04:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mark\Downloads\mbam-setup-2.0.2.1012.exe

2014-06-07 04:17 - 2014-06-07 04:17 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-07 04:17 - 2014-06-07 04:17 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-07 04:17 - 2014-06-07 04:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-06-07 04:13 - 2014-06-07 04:13 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\ATI

2014-06-07 04:13 - 2014-06-07 04:13 - 00000000 ____D () C:\Users\Mark\AppData\Local\ATI

2014-06-07 04:12 - 2014-06-07 04:12 - 00000000 ____D () C:\Users\Mark\AppData\Local\VirtualStore

2014-06-07 04:12 - 2014-06-07 04:12 - 00000000 ____D () C:\Users\Mark\AppData\Local\PDFC

2014-06-07 04:12 - 2011-02-11 11:32 - 00000000 __RHD () C:\SYSTEM.SAV

2014-05-12 09:26 - 2014-06-07 04:17 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-05-12 09:26 - 2014-06-07 04:17 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-05-12 09:25 - 2014-06-07 04:17 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

 

Some content of TEMP:

====================

C:\Users\Mark\AppData\Local\Temp\HitmanPro.exe

C:\Users\Mark\AppData\Local\Temp\ose00000.exe

C:\Users\Mark\AppData\Local\Temp\ose00001.exe

C:\Users\Mark\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2011-02-11 14:22

 

==================== End Of Log ============================


From Additional:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2014
Ran by Mark at 2014-06-10 05:25:38
Running from C:\Users\Mark\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden
AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.923.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E4490157-303F-F06F-FB6E-D2053A43A182}) (Version: 8.0.873.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.70405.2224 - Advanced Micro Devices, Inc.) Hidden
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.3907 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.1.3907 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Escape the Emerald Star (x32 Version: 2.2.0.98 - WildTangent) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.97 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
G*Power 3.1.9.2 (HKLM-x32\...\{F9C59D86-6F65-4EDB-89A2-FBA1F78762D2}) (Version: 3.1.92 - Franz Faul, Uni Kiel, Germany)
Golden Trails 2: The Lost Legacy Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version:  - Paradox Development Studio)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.220.0 - Advanced Micro Devices, Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
My Farm Life 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
My Game Long Name (HKLM\...\UDK-09516410-a1eb-4073-8e3d-f890d434c9cb) (Version:  - Epic Games, Inc.)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Organ Trail: Director's Cut (HKLM-x32\...\Steam App 233740) (Version:  - The Men Who Wear Many Hats)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.95 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.12.0 - Ralink)
Recovery Manager (x32 Version: 5.5.0.5119 - CyberLink Corp.) Hidden
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
Sword of the Stars: The Pit (HKLM-x32\...\Steam App 233700) (Version:  - Kerberos Productions)
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
The Swapper (HKLM-x32\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Victoria II (HKLM-x32\...\Steam App 42960) (Version:  - Paradox Development Studio)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Youda Fisherman (x32 Version: 2.2.0.98 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
08-06-2014 04:11:52 avast! antivirus system restore point
08-06-2014 04:16:50 Removed Adobe Community Help
08-06-2014 08:00:16 Windows Update
08-06-2014 19:39:18 Installed DirectX
08-06-2014 20:01:37 Windows Update
08-06-2014 20:04:49 Installed HiJackThis
08-06-2014 20:26:37 AA11
09-06-2014 00:12:21 AA11
09-06-2014 04:54:53 Windows Update
09-06-2014 05:11:51 Installed DirectX
 
==================== Hosts content: ==========================
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {00EB65FF-CD23-4B33-BE18-8EEFF15E0694} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07] (Google Inc.)
Task: {05875E5D-E31E-4D47-8955-B79A34104F86} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-07] (AVAST Software)
Task: {0FA4C2BD-F043-4741-B697-2598CF012580} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {1D609124-20B5-4296-86CB-13812C57EF0A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1FB28E13-7764-45C3-B7E1-34D05A6806BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-07] (Adobe Systems Incorporated)
Task: {41A6DF3A-0615-4F77-9741-568EED0354B3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {571F8841-9169-42FE-AD54-B13DFA7612D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
Task: {63498CC1-CDEC-421B-A8C3-D33BFE77EB37} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2455823783-476655067-3290562836-1000
Task: {6C264F05-8E26-4FC1-B293-5D34E30332AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {C3526567-5C66-4213-9EB4-052D1B8D2D0B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07] (Google Inc.)
Task: {C98DF979-59E5-49E9-978C-E58D0C86B160} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2012-03-19] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-04-05 22:00 - 2012-04-05 22:00 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-06-09 16:20 - 2014-06-09 16:20 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14060901\algo.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-07 23:12 - 2014-06-07 23:12 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-07 04:28 - 2014-04-29 19:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-06-07 04:28 - 2014-04-29 19:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-06-07 04:28 - 2014-04-29 19:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-06-07 04:28 - 2014-04-29 19:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-06-07 04:28 - 2014-05-16 20:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-06-07 04:28 - 2014-05-29 12:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-06-07 04:28 - 2014-04-28 19:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-06-07 04:28 - 2014-05-29 12:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-06-07 04:28 - 2014-05-01 18:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-06-07 04:28 - 2013-06-14 18:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2014-06-07 04:28 - 2013-06-14 18:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2014-06-07 04:28 - 2013-06-14 18:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-06-07 04:26 - 2014-05-13 18:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-06-07 04:26 - 2014-05-13 18:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-06-07 04:26 - 2014-05-13 18:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-06-07 04:26 - 2014-05-13 18:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-06-07 04:26 - 2014-05-13 18:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/09/2014 09:41:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (06/09/2014 06:49:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31216
 
Error: (06/09/2014 06:49:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31216
 
Error: (06/09/2014 06:49:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/09/2014 06:49:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15616
 
Error: (06/09/2014 06:49:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15616
 
Error: (06/09/2014 06:49:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/09/2014 02:13:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program hoi3_tfh.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: dac
 
Start Time: 01cf83a449620618
 
Termination Time: 132
 
Application Path: C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron 3\hoi3_tfh.exe
 
Report Id:
 
Error: (06/09/2014 00:29:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hoi3_tfh.exe, version: 0.0.0.0, time stamp: 0x50978b2f
Faulting module name: hoi3_tfh.exe, version: 0.0.0.0, time stamp: 0x50978b2f
Exception code: 0xc0000005
Fault offset: 0x004564e9
Faulting process id: 0x9f0
Faulting application start time: 0xhoi3_tfh.exe0
Faulting application path: hoi3_tfh.exe1
Faulting module path: hoi3_tfh.exe2
Report Id: hoi3_tfh.exe3
 
Error: (06/09/2014 00:04:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (06/09/2014 09:50:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Ralink UPnP Media Server service to connect.
 
Error: (06/09/2014 04:20:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Ralink UPnP Media Server service to connect.
 
 
Microsoft Office Sessions:
=========================
Error: (06/09/2014 09:41:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mark\Downloads\esetsmartinstaller_enu.exe
 
Error: (06/09/2014 06:49:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31216
 
Error: (06/09/2014 06:49:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31216
 
Error: (06/09/2014 06:49:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/09/2014 06:49:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15616
 
Error: (06/09/2014 06:49:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15616
 
Error: (06/09/2014 06:49:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/09/2014 02:13:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: hoi3_tfh.exe0.0.0.0dac01cf83a449620618132C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron 3\hoi3_tfh.exe
 
Error: (06/09/2014 00:29:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hoi3_tfh.exe0.0.0.050978b2fhoi3_tfh.exe0.0.0.050978b2fc0000005004564e99f001cf83a369964b7cC:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron 3\hoi3_tfh.exeC:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron 3\hoi3_tfh.exe0d432d5f-ef97-11e3-a32e-4c72b9582829
 
Error: (06/09/2014 00:04:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mark\Downloads\esetsmartinstaller_enu.exe
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 38%
Total physical RAM: 8149.41 MB
Available physical RAM: 5033.79 MB
Total Pagefile: 16297 MB
Available Pagefile: 12824.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:1376.85 GB) (Free:1219.28 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:20.19 GB) (Free:2.5 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1397 GB) (Disk ID: 970281AF)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

You told us that you removed several items with Malwarebytes' Anti-Malware. This tool creates a log on every run, and we need to see them.


  • The logs can be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Zip any and all of these logs and attach the file to your next reply.


Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Would someone please help me? I've been waiting two weeks for a reply and no one is willing to help. I haven't said anything wrong, and I can't figure out why no one will help... I posted my story, and waited.. waited... nothing. Tried a second time... nothing 2 weeks later.. What do I have to do to receive a little assistance? I would donate money to whoever PLEASE helps me de-bug my computer.. I'm almost in tears because my laptop is probably days away from permanently being ruined and I cannot afford hundreds of dollars to get it de-bugged... Would someone PLEASE look at my post and help? I did everything right, posted logs, etc... PLEASE.


I get the pop-ups occasionally in Chrome, but it is much more common on steam.  I am running the AdBlock extension on Chrome, however, so that might be blocking some of the pop ups from getting through.  I don't use Firefox too often and I never use IE, so I couldn't speak to how bad the problem is in those browsers.


Combofix

Combofix should only be run when advised by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe



When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing "Illegal operation attempted on a registry key that has been marked for deletion", simply restart your computer to fix this.


------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2012-03-09 393216]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]

"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2012-04-04 684024]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-04-23 43848]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]

"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-08 3890208]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-27 152392]

"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-09-27 559696]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ   autocheck autochk *\0\0sdnclean64.exe

.

R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]

R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/09/05 20:15;c:\program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 RaMediaServer;Ralink UPnP Media Server;c:\program files (x86)\Ralink\Common\RaMediaServer.exe;c:\program files (x86)\Ralink\Common\RaMediaServer.exe [x]

R3 EraserUtilDrv11122;EraserUtilDrv11122;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11122.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11122.sys [x]

R3 EraserUtilDrv11312;EraserUtilDrv11312;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 aswRvrt;avast! Revert; [x]

S0 aswVmm;avast! VM Monitor; [x]

S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]

S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]

S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]

S2 RalinkRegistryWriter64;RalinkRegistryWriter64;c:\program files (x86)\Ralink\Common\RaRegistry64.exe;c:\program files (x86)\Ralink\Common\RaRegistry64.exe [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]

S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]

S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]

S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MBAMSWISSARMY

*Deregistered* - CLKMDRV10_38F51D56

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-06-07 09:26 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-06-11 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-06 04:22]

.

2014-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07 09:25]

.

2014-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07 09:25]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2014-06-08 04:12 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-03-30 37888]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]

"HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-25 1425408]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 198.199.96.25 66.118.165.22 66.90.132.162

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]

"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.13"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe

c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe

c:\program files (x86)\Ralink\Common\RaRegistry.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\windows\SysWOW64\ctfmon.exe

.

**************************************************************************

.

Completion time: 2014-06-11  14:28:33 - machine was rebooted

ComboFix-quarantined-files.txt  2014-06-11 19:28

.

Pre-Run: 1,308,293,922,816 bytes free

Post-Run: 1,308,209,950,720 bytes free

.

- - End Of File - - FE4D72A0DD6A43F263874B7CB429389A

That was the entire text document.  I'll attach the document and re-copy it, if it helps.

 

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2012-03-09 393216]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]

"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2012-04-04 684024]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-04-23 43848]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]

"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-08 3890208]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-27 152392]

"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-09-27 559696]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ   autocheck autochk *\0\0sdnclean64.exe

.

R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]

R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/09/05 20:15;c:\program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 RaMediaServer;Ralink UPnP Media Server;c:\program files (x86)\Ralink\Common\RaMediaServer.exe;c:\program files (x86)\Ralink\Common\RaMediaServer.exe [x]

R3 EraserUtilDrv11122;EraserUtilDrv11122;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11122.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11122.sys [x]

R3 EraserUtilDrv11312;EraserUtilDrv11312;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 aswRvrt;avast! Revert; [x]

S0 aswVmm;avast! VM Monitor; [x]

S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]

S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]

S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]

S2 RalinkRegistryWriter64;RalinkRegistryWriter64;c:\program files (x86)\Ralink\Common\RaRegistry64.exe;c:\program files (x86)\Ralink\Common\RaRegistry64.exe [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]

S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]

S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]

S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MBAMSWISSARMY

*Deregistered* - CLKMDRV10_38F51D56

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-06-07 09:26 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-06-11 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-06 04:22]

.

2014-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07 09:25]

.

2014-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07 09:25]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2014-06-08 04:12 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-03-30 37888]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]

"HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-25 1425408]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 198.199.96.25 66.118.165.22 66.90.132.162

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]

"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.13"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe

c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe

c:\program files (x86)\Ralink\Common\RaRegistry.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\windows\SysWOW64\ctfmon.exe

.

**************************************************************************

.

Completion time: 2014-06-11  14:28:33 - machine was rebooted

ComboFix-quarantined-files.txt  2014-06-11 19:28

.

Pre-Run: 1,308,293,922,816 bytes free

Post-Run: 1,308,209,950,720 bytes free

.

- - End Of File - - FE4D72A0DD6A43F263874B7CB429389A

 

ComboFix.txt

Link to post
Share on other sites

Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).

Link to post
Share on other sites

Here's the log.  Just to note, I didn't get the prompt to download the latest Avast! virus definitions. I'm assuming it's because I'm already running Avast! antivirus, but I thought I should mention this in case it's a problem.

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-06-13 03:41:40
-----------------------------
03:41:40.643    OS Version: Windows x64 6.1.7601 Service Pack 1
03:41:40.643    Number of processors: 8 586 0x3A09
03:41:40.644    ComputerName: MARK-HP  UserName: Mark
03:41:41.170    Initialze error 1 
03:41:44.397    AVAST engine defs: 14061201
03:42:30.512    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
03:42:30.515    Disk 0 Vendor: Hitachi_ MN5O Size: 1430799MB BusType: 3
03:42:30.531    Disk 0 MBR read successfully
03:42:30.534    Disk 0 MBR scan
03:42:30.538    Disk 0 unknown MBR code
03:42:30.541    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
03:42:30.544    Disk 0 scanning C:\Windows\system32\drivers
03:42:30.547    Service scanning
03:42:31.099    Modules scanning
03:42:31.104    Disk 0 trace - called modules:
03:42:31.114    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
03:42:31.119    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800772a790]
03:42:31.124    3 CLASSPNP.SYS[fffff88001c7143f] -> nt!IofCallDriver -> [0xfffffa8007632950]
03:42:31.131    5 ACPI.sys[fffff88000f527a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007729050]
03:42:31.137    AVAST engine scan C:\Windows
03:42:31.143    AVAST engine scan C:\Windows\system32
03:42:31.149    AVAST engine scan C:\Windows\system32\drivers
03:42:31.155    AVAST engine scan C:\Users\Mark
03:42:31.162    AVAST engine scan C:\ProgramData
03:42:31.168    Scan finished successfully
03:43:10.387    Disk 0 MBR has been saved successfully to "C:\Users\Mark\Desktop\MBR.dat"
03:43:10.590    The log file has been saved successfully to "C:\Users\Mark\Desktop\aswMBR.txt"
Link to post
Share on other sites
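The aswMBR line "Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1" describes a single type-0xEE (GPT protective) entry in the MBR partition table. The following Python sketch is an added example, not part of the thread or of aswMBR: it parses a 512-byte MBR image and reports the same fields, assuming MBR.dat is a raw copy of sector 0. The function names are hypothetical and the sample bytes are constructed to mirror that log line.

```python
import struct
import sys

SECTOR = 512
TABLE_OFFSET = 446        # partition table starts after boot code + disk signature
PROTECTIVE_GPT = 0xEE     # partition type used by the GPT protective MBR


def parse_mbr(raw: bytes) -> dict:
    """Parse a raw MBR sector into signature status and partition entries."""
    if len(raw) < SECTOR:
        raise ValueError("MBR image must be at least 512 bytes")
    partitions = []
    for i in range(4):
        entry = raw[TABLE_OFFSET + 16 * i: TABLE_OFFSET + 16 * (i + 1)]
        boot_flag, ptype = entry[0], entry[4]
        # Bytes 8..15: starting LBA and sector count, both little-endian u32.
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if ptype == 0 and sectors == 0:
            continue  # unused slot
        partitions.append({
            "index": i + 1,
            "boot_flag": boot_flag,
            "type": ptype,
            "lba_start": lba_start,
            "sectors": sectors,
            "size_mb": sectors * SECTOR // (1024 * 1024),
        })
    return {
        "signature_ok": raw[510:512] == b"\x55\xaa",
        "boot_code_empty": not any(raw[:440]),  # bytes 0..439 hold boot code
        "partitions": partitions,
    }


def is_protective_mbr(info: dict) -> bool:
    """True when the table holds exactly one 0xEE entry starting at LBA 1."""
    parts = info["partitions"]
    return (info["signature_ok"] and len(parts) == 1
            and parts[0]["type"] == PROTECTIVE_GPT
            and parts[0]["lba_start"] == 1)


def describe(info: dict) -> list:
    """Format entries in the style of the aswMBR partition line."""
    return ["Partition {index} {boot_flag:02X} {type:02X} "
            "{size_mb} MB offset {lba_start}".format(**p)
            for p in info["partitions"]]


def build_sample_mbr() -> bytes:
    """Constructed sample: one inactive 0xEE entry, LBA 1, 0xFFFFFFFF sectors."""
    raw = bytearray(SECTOR)
    raw[TABLE_OFFSET:TABLE_OFFSET + 16] = struct.pack(
        "<B3sB3sII", 0x00, b"\x00\x02\x00", PROTECTIVE_GPT,
        b"\xff\xff\xff", 1, 0xFFFFFFFF)
    raw[510:512] = b"\x55\xaa"
    return bytes(raw)


if __name__ == "__main__":
    # Pass a path to a saved MBR image, or run without arguments for the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read(SECTOR)
    else:
        data = build_sample_mbr()
    result = parse_mbr(data)
    print("boot signature 55AA:", result["signature_ok"])
    print("boot code area empty:", result["boot_code_empty"])
    print("protective MBR layout:", is_protective_mbr(result))
    for line in describe(result):
        print(line)
```

The parser only reports the partition table layout and whether the boot code area is empty; it does not judge whether boot code that is present is legitimate.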

No, that's ok.

 

 

Scan file(s) via VirusTotal

Please check the file in the code box via Virustotal

  • Click browse
  • copy the following into the search box
    C:\Users\Mark\Desktop\MBR.dat
  • and click open.
  • click Send File.

Please be patient until the file is uploaded completely. If you get the message

File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis:
click on Reanalyse. Wait until Current status: Finished appears. Now, copy the link from within your browser's address bar and post it here.
Link to post
Share on other sites

Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

  • Click the "Windows Orb" Start button, then click Computer.
  • Right-click on the drive that you wish to check > Properties > Tools tab
  • In the "Error checking" section, click on Check now.
  • Place a checkmark in both boxes > Start.
  • If the disk you have chosen is the Windows system disk:
  • A message will notify you that a restart is necessary and ask "Do you want to check for hard disk errors the next time you start your computer?".
  • Click Schedule disk check > OK and close all windows.
  • Re-start the computer. The disk will be checked when the system boots.
  • This will take some time to run and at times may appear stalled but just let it run.
  • When the disk check is complete, the system will re-start automatically and load Windows.


A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:

  • Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the key.
  • The Event Viewer window will open.
  • In the left pane, expand "Windows Logs" and then click on Application.
  • In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
  • Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
  • Click on that Wininit entry to select it.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.

 

 

 

System File Check

For Windows XP:

  • Press the Windows- and the R-key simultaneously.
  • Within the text box that just opened, write cmd and hit Enter.


For Windows Vista/7:

  • Press the Windows key to open the start menu.
  • Don't highlight anything, just write cmd.
  • The start menu will offer you an entry named cmd.
  • Right click it and select "run as administrator"




Within the opening window, write the following:

sfc /scannow
(See the blank within).


  • Hit enter. Your system will be checked for damaged system files.
  • Tell me the result of that scan in here (as the tool produces no log).

Link to post
Share on other sites

The result of the system file check was that "Windows Resource Protection did not find any integrity violations."  Here is the log from the Error Checking Utility:

 

Log Name:      Application

Source:        Microsoft-Windows-Wininit

Date:          6/13/2014 5:32:42 PM

Event ID:      1001

Task Category: None

Level:         Information

Keywords:      Classic

User:          N/A

Computer:      Mark-HP

Description:

 

 

Checking file system on C:

The type of the file system is NTFS.

Volume label is OS.

 

A disk check has been scheduled.

Windows will now check the disk.                         

 

CHKDSK is verifying files (stage 1 of 5)...

  414720 file records processed.                                         

 

File verification completed.

  368 large file records processed.                                   

 

  0 bad file records processed.                                     

 

  0 EA records processed.                                           

 

  44 reparse records processed.                                      

 

CHKDSK is verifying indexes (stage 2 of 5)...

  484012 index entries processed.                                        

 

Index verification completed.

  0 unindexed files scanned.                                        

 

  0 unindexed files recovered.                                      

 

CHKDSK is verifying security descriptors (stage 3 of 5)...

  414720 file SDs/SIDs processed.                                        

 

Cleaning up 456 unused index entries from index $SII of file 0x9.

Cleaning up 456 unused index entries from index $SDH of file 0x9.

Cleaning up 456 unused security descriptors.

Security descriptor verification completed.

  34647 data files processed.                                           

 

CHKDSK is verifying Usn Journal...

  34180488 USN bytes processed.                                            

 

Usn Journal verification completed.

CHKDSK is verifying file data (stage 4 of 5)...

  414704 files processed.                                                

 

File data verification completed.

CHKDSK is verifying free space (stage 5 of 5)...

  316361563 free clusters processed.                                        

 

Free space verification is complete.

CHKDSK discovered free space marked as allocated in the

master file table (MFT) bitmap.

CHKDSK discovered free space marked as allocated in the volume bitmap.

Windows has made corrections to the file system.

 

1443733503 KB total disk space.

 177546060 KB in 379455 files.

    181820 KB in 34648 indexes.

         0 KB in bad sectors.

    559367 KB in use by the system.

     65536 KB occupied by the log file.

1265446256 KB available on disk.

 

      4096 bytes in each allocation unit.

 360933375 total allocation units on disk.

 316361564 allocation units available on disk.

 

Internal Info:

00 54 06 00 a3 51 06 00 09 72 0b 00 00 00 00 00  .T...Q...r......

90 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00  ....,...........

00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

 

Windows has finished checking your disk.

Please wait while your computer restarts.

 

Event Xml:


  <System>

    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />

    <EventID Qualifiers="16384">1001</EventID>

    <Version>0</Version>

    <Level>4</Level>

    <Task>0</Task>

    <Opcode>0</Opcode>

    <Keywords>0x80000000000000</Keywords>

    <TimeCreated SystemTime="2014-06-13T22:32:42.000000000Z" />

    <EventRecordID>6141</EventRecordID>

    <Correlation />

    <Execution ProcessID="0" ThreadID="0" />

    <Channel>Application</Channel>

    <Computer>Mark-HP</Computer>

    <Security />

  </System>

  <EventData>

    <Data>

 

Checking file system on C:

The type of the file system is NTFS.

Volume label is OS.

 

A disk check has been scheduled.

Windows will now check the disk.                         

 

CHKDSK is verifying files (stage 1 of 5)...

  414720 file records processed.                                         

 

File verification completed.

  368 large file records processed.                                   

 

  0 bad file records processed.                                     

 

  0 EA records processed.                                           

 

  44 reparse records processed.                                      

 

CHKDSK is verifying indexes (stage 2 of 5)...

  484012 index entries processed.                                        

 

Index verification completed.

  0 unindexed files scanned.                                        

 

  0 unindexed files recovered.                                      

 

CHKDSK is verifying security descriptors (stage 3 of 5)...

  414720 file SDs/SIDs processed.                                        

 

Cleaning up 456 unused index entries from index $SII of file 0x9.

Cleaning up 456 unused index entries from index $SDH of file 0x9.

Cleaning up 456 unused security descriptors.

Security descriptor verification completed.

  34647 data files processed.                                           

 

CHKDSK is verifying Usn Journal...

  34180488 USN bytes processed.                                            

 

Usn Journal verification completed.

CHKDSK is verifying file data (stage 4 of 5)...

  414704 files processed.                                                

 

File data verification completed.

CHKDSK is verifying free space (stage 5 of 5)...

  316361563 free clusters processed.                                        

 

Free space verification is complete.

CHKDSK discovered free space marked as allocated in the

master file table (MFT) bitmap.

CHKDSK discovered free space marked as allocated in the volume bitmap.

Windows has made corrections to the file system.

 

1443733503 KB total disk space.

 177546060 KB in 379455 files.

    181820 KB in 34648 indexes.

         0 KB in bad sectors.

    559367 KB in use by the system.

     65536 KB occupied by the log file.

1265446256 KB available on disk.

 

      4096 bytes in each allocation unit.

 360933375 total allocation units on disk.

 316361564 allocation units available on disk.

 

Internal Info:

00 54 06 00 a3 51 06 00 09 72 0b 00 00 00 00 00  .T...Q...r......

90 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00  ....,...........

00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

 

Windows has finished checking your disk.

Please wait while your computer restarts.

</Data>

  </EventData>

</Event>

Link to post
Share on other sites

So, there was an error at the end of ComboFix and no log was created.  Basically, it said that it could not find a file named something (I didn't write it down) and then closed without creating the log.  Also, I'm not sure if this is important, but the entire time when running ComboFix, I was getting an error that was saying a file named "Nirkmd" or something similar could not be found (however, it seemed like part of the program - this popped up every time made progress).  Finally, (again, not sure if this is important) after ComboFix rebooted my computer, the dialogue box popped up and said "ComboFix is creating a log.  Don't run any programs until it is finished." My antivirus and malwarebytes are both set up to run on startup, so they ran while ComboFix was finishing up.

Link to post
Share on other sites

This topic is now closed to further replies.