
Possible malware infection - iastor.sys BSOD


  • This topic is locked
20 replies to this topic

#1 deprived94


Posted 09 May 2013 - 04:22 AM

Hi, I think that I might be infected after installing a game. At first, everything was fine, but when I left the desktop in idle mode, it went into a BSOD and the only codes I saw were 0x50 and iastor.sys. I did a restart, but I realised that it took a lot longer to boot than usual. I then proceeded to uninstall the game and did 2 individual scans with Malwarebytes free edition and MSE; however, there were no threats found. I am really paranoid as I have searched online and most of the posts stated that iastor.sys is some virus, unless I'm wrong. So yeah, thanks for any help in advance, and here's my DDS log.
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16537
Run by erik at 17:19:06 on 2013-05-09
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.65.1033.18.6103.3829 [GMT 8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Garena Plus\bbtalk\GarenaTalkOverlay.exe
C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - 
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\erik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
mRun: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe
mRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [StereoLinksInstall] "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{1BB5E6F0-3E7E-44D3-8715-DCD9D0BE5706} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{493B10FE-1A35-4105-A535-DA63476B44CD} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{493B10FE-1A35-4105-A535-DA63476B44CD}\542796B672370284F6D656 : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"  -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat"
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-1-22 13336]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-4-28 239176]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-1-23 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2009-1-23 702976]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-1-23 239616]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-8-1 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe" --> C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [?]
S3 MHIKEY10;MHIKEY10;C:\Windows\System32\drivers\MHIKEY10x64.sys [2010-4-9 59392]
S3 nmwcdx64;Nokia USB Phone Parent;C:\Windows\System32\drivers\nmwcdx64.sys [2007-6-28 173056]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-24 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-3-2 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2018-08-29 12:41:16 -------- d--h--w- C:\Windows\msdownld.tmp
2014-08-18 13:54:34 -------- d--h--w- C:\SYSTEM.SAV
2014-08-18 13:54:34 -------- d---a-w- C:\swsetup
2014-02-03 01:08:04 -------- d-----w- C:\Users\erik\AppData\Local\{14B74581-14A6-4232-921E-FE360964A0AA}
2014-02-02 01:43:49 -------- d-----w- C:\Users\erik\AppData\Local\{07870DD6-F650-408A-BF76-7A7E45F1D2D4}
2014-02-02 01:43:37 -------- d-----w- C:\Users\erik\AppData\Local\{CF0AB0CD-143C-40A6-B43A-4C7A9E631AB2}
2013-05-09 08:49:26 9317456 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F9A85259-8B51-4F9C-8836-0B04F29F175F}\mpengine.dll
2013-05-09 08:39:00 -------- d-----w- C:\Users\erik\AppData\Local\{3D5DB1A3-FBA3-4FB9-87E3-A8F6A219B65F}
2013-05-08 11:30:50 -------- d-----w- C:\ProgramData\Steam
2013-05-08 09:53:32 -------- d-----w- C:\Users\erik\AppData\Local\{861EFF92-1A13-464E-BF4F-52A093255B54}
2013-05-08 08:22:59 9317456 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-08 08:07:51 -------- d-----w- C:\Users\erik\AppData\Local\{75A50A46-1E76-421C-A772-178EC0BE6F19}
2013-05-07 07:50:46 -------- d-----w- C:\Users\erik\AppData\Local\{19093881-5895-40F8-AF3B-D5442118A6E5}
2013-05-06 13:21:05 -------- d-----w- C:\Users\erik\AppData\Roaming\raidcall
2013-05-06 13:20:27 -------- d-----w- C:\Program Files (x86)\RaidCall
2013-05-06 08:00:36 -------- d-----w- C:\Users\erik\AppData\Local\{DA066642-1156-48AD-89E7-18F91EBE5AC2}
2013-05-06 01:00:58 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-05 02:07:52 -------- d-----w- C:\Users\erik\AppData\Local\{4D1782C5-81C2-4D90-8ADB-6F5195FBA38B}
2013-05-04 17:50:30 877856 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-05-04 17:50:30 6398240 ----a-w- C:\Windows\System32\nvcpl.dll
2013-05-04 17:50:30 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-05-04 17:50:30 3477280 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-05-04 17:50:30 3065455 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-05-04 17:50:30 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-05-04 17:50:13 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-05-04 17:48:54 -------- d-----w- C:\NVIDIA
2013-05-04 17:40:14 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-05-04 17:30:12 -------- d-----w- C:\Users\erik\AppData\Local\{4B0B218D-1F78-4B66-B44A-EC9EAD232928}
2013-05-04 17:20:13 -------- d-----w- C:\Users\erik\AppData\Local\{89A26572-A7E3-4952-BA76-19CD00C9C4F8}
2013-05-04 16:32:43 -------- d-----w- C:\Users\erik\AppData\Local\NVIDIA
2013-05-04 16:22:38 -------- d-----w- C:\Users\erik\AppData\Local\{AE01698C-ED93-4FE0-9666-1D38AB952AA3}
2013-05-03 08:15:53 -------- d-----w- C:\Windows\SysWow64\directx
2013-05-03 08:15:28 -------- d-----w- C:\Program Files (x86)\MSI Afterburner
2013-05-03 05:58:59 -------- d-----w- C:\Users\erik\AppData\Local\{211AE7A3-742C-4360-BBC5-94ACABCC2F66}
2013-05-02 12:57:51 -------- d-----w- C:\Users\erik\AppData\Roaming\Malwarebytes
2013-05-02 12:57:40 -------- d-----w- C:\ProgramData\Malwarebytes
2013-05-02 12:57:38 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-05-02 12:57:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-02 08:43:43 -------- d-----w- C:\Users\erik\AppData\Local\{20AB566A-C520-4417-B620-3F1FB599C99A}
2013-05-01 05:46:08 -------- d-----w- C:\Users\erik\AppData\Local\{228DA0DF-592C-4F44-B0C0-A7E421C00509}
2013-05-01 02:51:51 -------- d-----w- C:\Users\erik\AppData\Local\{6EA5BED9-F06B-45B3-86CB-C9EFF2391492}
2013-04-30 10:59:06 -------- d-----w- C:\Users\erik\AppData\Roaming\Garena
2013-04-30 10:59:06 -------- d-----w- C:\ProgramData\Garena
2013-04-30 09:19:04 -------- d-----w- C:\Users\erik\AppData\Local\{1789E808-773C-4F7F-BC9F-DC3DF96671BE}
2013-04-29 01:12:02 -------- d-----w- C:\Users\erik\AppData\Local\{3849E51D-1314-4615-9292-E175E9914590}
2013-04-28 11:06:10 -------- d-----w- C:\Users\erik\AppData\Local\{411022D7-6D3F-4441-83C6-0E82E16667C5}
2013-04-27 17:41:05 -------- d-----w- C:\Windows\System32\SRSLabs
2013-04-27 17:41:01 -------- d-----w- C:\Windows\SysWow64\RTCOM
2013-04-27 17:41:01 -------- d-----w- C:\Program Files\Realtek
2013-04-27 17:32:15 -------- d-----w- C:\Program Files (x86)\Phyxion.net
2013-04-27 16:24:01 -------- d-----w- C:\Users\erik\AppData\Local\{E04D81F3-6A1C-4141-974E-859C0E19FDBE}
2013-04-27 03:09:16 905296 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87386880-641A-425F-937C-CE5812317772}\gapaengine.dll
2013-04-27 03:04:40 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2013-04-27 03:04:35 -------- d-----w- C:\Program Files\Microsoft Security Client
2013-04-27 02:58:12 -------- d-s---w- C:\Windows\SysWow64\Microsoft
2013-04-26 23:48:15 -------- d-----w- C:\Users\erik\AppData\Local\{C89C2112-3460-4CB9-A11F-871D40A783F6}
2013-04-26 12:56:58 -------- d-----w- C:\Users\erik\AppData\Local\FLT
2013-04-26 12:44:56 -------- d-----w- C:\Program Files (x86)\BioShock Infinite
2013-04-26 08:59:16 -------- d-----w- C:\Users\erik\AppData\Local\NBGI
2013-04-26 08:57:59 73544 ----a-w- C:\Windows\System32\XAPOFX1_3.dll
2013-04-26 08:56:51 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5630BCCF-8ADC-47A8-B146-68A9467587F8}\offreg.dll
2013-04-26 08:42:10 -------- d-----w- C:\Program Files (x86)\NAMCO BANDAI Games
2013-04-26 08:42:06 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2013-04-26 08:40:53 393576 ----a-w- C:\Windows\System32\xactengine2_6.dll
2013-04-26 08:40:53 255848 ----a-w- C:\Windows\SysWow64\xactengine2_6.dll
2013-04-26 08:40:38 390424 ----a-w- C:\Windows\System32\xactengine2_5.dll
2013-04-26 08:40:38 251672 ----a-w- C:\Windows\SysWow64\xactengine2_5.dll
2013-04-26 08:40:24 469264 ----a-w- C:\Windows\System32\d3dx10.dll
2013-04-26 08:40:24 440080 ----a-w- C:\Windows\SysWow64\d3dx10.dll
2013-04-26 08:39:54 364824 ----a-w- C:\Windows\System32\xactengine2_4.dll
2013-04-26 08:39:54 237848 ----a-w- C:\Windows\SysWow64\xactengine2_4.dll
2013-04-26 08:39:54 17688 ----a-w- C:\Windows\System32\x3daudio1_1.dll
2013-04-26 08:39:54 15128 ----a-w- C:\Windows\SysWow64\x3daudio1_1.dll
2013-04-26 08:39:40 3977496 ----a-w- C:\Windows\System32\d3dx9_31.dll
2013-04-26 08:39:40 2414360 ----a-w- C:\Windows\SysWow64\d3dx9_31.dll
2013-04-26 08:39:25 363288 ----a-w- C:\Windows\System32\xactengine2_3.dll
2013-04-26 08:39:25 236824 ----a-w- C:\Windows\SysWow64\xactengine2_3.dll
2013-04-26 08:39:11 83736 ----a-w- C:\Windows\System32\xinput1_2.dll
2013-04-26 08:39:11 62744 ----a-w- C:\Windows\SysWow64\xinput1_2.dll
2013-04-26 08:36:56 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll
2013-04-26 08:36:56 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll
2013-04-26 08:32:25 91568 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2013-04-26 08:32:10 -------- d-----w- C:\Program Files (x86)\PowerISO
2013-04-26 08:21:05 -------- d-----w- C:\Users\erik\AppData\Roaming\uTorrent
2013-04-26 06:40:26 -------- d-----w- C:\Users\erik\AppData\Local\{9CF7C8B2-C5A1-4CFA-A95F-A247B10BBDCB}
2013-04-25 15:39:09 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2013-04-25 15:39:09 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-04-25 15:34:27 -------- d-----w- C:\ProgramData\Battle.net
2013-04-25 12:26:33 -------- d-----w- C:\Users\erik\AppData\Local\{11E7EB20-DCA9-4A0A-8BED-5EF44C8BFB15}
2013-04-25 11:23:14 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-25 11:14:17 -------- d-----w- C:\Users\erik\AppData\Local\{517CE58F-E3A5-4488-94EA-1B8EEFABC6AF}
2013-04-23 10:01:10 9317456 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5630BCCF-8ADC-47A8-B146-68A9467587F8}\mpengine.dll
2013-04-23 09:37:18 -------- d-----w- C:\Users\erik\AppData\Local\{0AF46812-CC04-4B65-B973-9A7B61D7448A}
2013-04-22 09:37:55 -------- d-----w- C:\Users\erik\AppData\Local\{CE0F0C24-C7A5-499C-9E4F-61FBF877DED8}
2013-04-21 09:30:47 -------- d-----r- C:\Program Files (x86)\Skype
2013-04-21 04:36:56 -------- d-----w- C:\Users\erik\AppData\Local\{1C97D1B6-6489-4C8E-B378-62F293198813}
2013-04-20 14:22:05 -------- d-----w- C:\Program Files\CCleaner
2013-04-20 07:33:35 -------- d-----w- C:\Users\erik\AppData\Roaming\NVIDIA
2013-04-20 07:15:57 -------- d-----w- C:\Users\erik\AppData\Local\{0DB8738F-C9C6-40E3-B4A1-285140069856}
2013-04-20 06:52:19 -------- d-----w- C:\Users\erik\AppData\Local\{310B3C09-A8C8-4467-85C7-467326B801C7}
2013-04-20 06:47:33 -------- d-----w- C:\Program Files\NVIDIA Corporation
2013-04-20 06:45:51 -------- d-----w- C:\Users\erik\AppData\Local\{14C1A918-BB7F-43DB-8DBB-F8AA159E4FD7}
2013-04-19 14:23:30 262144 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-04-19 14:23:29 86016 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2013-04-19 14:17:31 3972 ----a-w- C:\Windows\SysWow64\drivers\PciBus.sys
2013-04-19 14:17:31 27672 ----a-w- C:\Windows\SysWow64\drivers\Entech.sys
2013-04-19 14:17:31 12744 ----a-w- C:\Windows\SysWow64\drivers\Entech64.sys
2013-04-19 14:17:31 -------- d-----w- C:\Windows\SysWow64\Futuremark
2013-04-19 05:32:39 -------- d-----w- C:\Users\erik\AppData\Local\{3F45875C-415E-4305-A4EA-630A13BF7179}
2013-04-18 08:53:49 -------- d-----w- C:\Users\erik\AppData\Local\{4218D189-5760-4303-834C-57F00A5B585C}
2013-04-17 10:22:01 -------- d-----w- C:\Users\erik\AppData\Local\{4DFE3B69-EECF-46BD-A754-6FC65C3496D6}
2013-04-16 08:56:46 -------- d-----w- C:\Users\erik\AppData\Local\{C3606676-C289-4C0B-BCF4-A9785E85C5E2}
2013-04-15 08:35:34 -------- d-----w- C:\Users\erik\AppData\Local\{C733DD3C-8AAD-459A-BB34-2312D4E1D764}
2013-04-14 14:22:29 -------- d-----w- C:\Users\erik\AppData\Local\{F763C8A7-7350-4FC9-B4EB-07B0CE32F41D}
2013-04-14 05:24:31 -------- d-----w- C:\Users\erik\AppData\Local\{F3C26083-7CEA-45F8-820F-853CCA634E8C}
2013-04-14 05:19:29 -------- d-----w- C:\Users\erik\AppData\Local\{867CB9E1-649B-43D6-BD64-91D304B11C96}
2013-04-14 05:17:11 -------- d-----w- C:\Users\erik\AppData\Local\{948A9A2A-73D7-41A9-8E73-4772472BD745}
2013-04-14 04:58:33 -------- d-----w- C:\Users\erik\AppData\Local\{F5A576B7-BB4C-4979-9E0E-AA41B66741CD}
2013-04-14 04:43:41 -------- d-----w- C:\Users\erik\AppData\Local\{CF7140F2-99CA-4A36-A9B6-921F1C511970}
2013-04-13 15:34:08 -------- d-----w- C:\Users\erik\AppData\Local\{55912F1D-CC0F-4D98-9D98-71E31195BF6F}
2013-04-13 03:33:55 -------- d-----w- C:\Users\erik\AppData\Local\{A4684F73-9A17-4CAE-AC78-DA034ACB04EA}
2013-04-12 15:33:30 -------- d-----w- C:\Users\erik\AppData\Local\{66169839-8BBE-4814-B5F0-E40B12ACBC86}
2013-04-12 03:33:31 -------- d-----w- C:\Users\erik\AppData\Local\{2757CAE9-612C-4E91-9101-14CDBD8F3268}
2013-04-11 07:09:59 -------- d-----w- C:\Program Files\Speccy
2013-04-11 03:08:00 -------- d-----w- C:\Users\erik\AppData\Local\{AC924A6B-7B6B-4919-B12A-48C4906A65FF}
2013-04-11 02:56:41 -------- d-----w- C:\Users\erik\AppData\Local\{3FB9F1CE-FE5F-4C67-8A85-96DC32597FD9}
2013-04-10 14:04:43 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-04-10 14:04:41 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-04-10 14:04:39 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-04-10 14:04:39 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-04-10 14:04:39 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-04-10 14:04:39 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-04-10 14:00:45 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-04-10 13:56:38 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-10 13:56:35 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-10 13:56:34 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-04-10 13:56:34 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-04-10 13:56:33 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-04-10 13:56:33 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-04-10 13:56:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-04-10 06:13:19 -------- d-----w- C:\Users\erik\AppData\Roaming\xim
2013-04-10 05:23:27 -------- d-----w- C:\Users\erik\AppData\Local\{408DD458-B501-49BD-A556-886CDB2854A3}
2013-04-10 03:27:36 -------- d-----w- C:\Users\erik\AppData\Local\{9BCBED4E-4A02-4007-92E1-DDD5E16BE1D9}
2013-04-10 03:12:53 -------- d-----w- C:\Users\erik\AppData\Local\{5B5B02C5-8DBF-45D4-A141-2888A25A54F9}
2013-04-10 03:08:57 -------- d-----w- C:\Users\erik\AppData\Local\{32BB764F-7C32-470A-828D-4FA27B34DAF3}
2013-04-09 13:13:38 -------- d-----w- C:\Users\erik\AppData\Local\{4CBEBF6A-97E8-4BA7-94B9-4E0301EE9B5E}
.
==================== Find3M  ====================
.
2013-05-06 01:00:58 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-26 23:51:03 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-26 23:51:03 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-04-02 13:53:03 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2013-04-02 13:53:02 175616 ----a-w- C:\Windows\System32\msclmd.dll
2013-03-29 13:42:42 3379272 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2013-03-29 10:04:04 21170176 ----a-w- C:\Windows\System32\RCoRes64.dat
2013-03-27 08:57:08 135240 ----a-w- C:\Windows\System32\RCoInstII64.dll
2013-03-26 09:06:30 2797128 ----a-w- C:\Windows\System32\RtPgEx64.dll
2013-03-26 09:04:40 2734624 ----a-w- C:\Windows\System32\FMAPO64.dll
2013-03-26 07:40:04 3693128 ----a-w- C:\Windows\System32\RtkAPO64.dll
2013-03-26 06:38:02 1659464 ----a-w- C:\Windows\System32\RTSnMg64.cpl
2013-03-22 19:43:22 208072 ----a-w- C:\Windows\System32\AERTAC64.dll
2013-03-12 10:16:20 613448 ----a-w- C:\Windows\System32\RtDataProc64.dll
2013-02-20 10:55:16 1284680 ----a-w- C:\Windows\System32\RTCOM64.dll
2013-02-19 10:52:38 991816 ----a-w- C:\Windows\System32\RtkApi64.dll
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
.
============= FINISH: 17:19:30.95 ===============
 
 



Edited by deprived94, 09 May 2013 - 04:25 AM.



 


#2 CatByte



  • Malware Response Team

Posted 09 May 2013 - 02:53 PM

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 deprived94


Posted 10 May 2013 - 01:07 AM

Hi, thanks for helping me out. Here are the logs.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-05-2013
Ran by erik (administrator) on 10-05-2013 14:01:28
Running from C:\Users\erik\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
() C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
(CyberLink) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Google Inc.) C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Garena Plus\bbtalk\GarenaTalkOverlay.exe
(Google Inc.) C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Google Inc.) C:\Users\erik\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\erik\Desktop\FRST64.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background [610360 2009-09-14] ()
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"  -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat" [5120 2013-05-10] ()
HKCU\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4280184 2012-03-08] (Microsoft Corporation)
HKCU\...\Run: [Google Update] "C:\Users\erik\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-10-24] (Google Inc.)
HKCU\...\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch [9829168 2013-05-03] ()
MountPoints2: J - J:\setup.exe
MountPoints2: K - K:\setup.exe
HKLM-x32\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992 2009-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [385024 2009-04-03] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StereoLinksInstall] "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1 [x]
HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1685048 2009-09-29] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1685048 2009-09-29] (Hewlett-Packard)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sg.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bing.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sg.msn.com/
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
PDF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [65024] (Microsoft Corporation)
Winsock: Catalog5-x64 05 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
Chrome: 
=======
CHR HomePage: hxxp://sg.msn.com/
CHR RestoreOnStartup: "hxxp://www.facebook.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\erik\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\erik\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\erik\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Garena Talk Plugin) - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (AdBlock) - C:\Users\erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0
CHR Extension: (Google Dictionary (by Google)) - C:\Users\erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.17_0
 
==================== Services (Whitelisted) =================
 
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
S3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe" [x]
 
==================== Drivers (Whitelisted) ====================
 
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [59392 2010-04-09] (Generic USB smartcard reader)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 nmwcdx64; C:\Windows\System32\drivers\nmwcdx64.sys [173056 2007-06-28] (Nokia)
S3 cpuz135; \??\C:\Users\erik\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
S4 NVHDA; system32\drivers\nvhda64v.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2018-08-30 12:17 - 2013-04-10 20:26 - 00002408 ____A C:\Users\erik\Desktop\Google Chrome.lnk
2018-08-30 12:16 - 2013-05-09 22:29 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-781370092-831217984-403861513-1001UA.job
2018-08-30 12:16 - 2013-05-05 14:29 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-781370092-831217984-403861513-1001Core.job
2018-08-30 12:08 - 2013-05-09 20:27 - 00007598 ____A C:\Users\erik\AppData\Local\Resmon.ResmonCfg
2018-08-29 20:41 - 2013-05-03 16:15 - 00000000 ___HD C:\Windows\msdownld.tmp
2018-08-29 20:36 - 2018-08-29 20:37 - 09057936 ____A (Microsoft Corporation) C:\Users\erik\Downloads\MSNOIE8_ENSG_W64L.EXE
2014-08-18 21:54 - 2014-08-18 21:54 - 00000000 ___HD C:\SYSTEM.SAV
2014-08-18 21:54 - 2013-04-07 18:02 - 00000000 ___AD C:\swsetup
2014-02-03 09:08 - 2014-02-03 09:08 - 00000000 ____D C:\Users\erik\AppData\Local\{14B74581-14A6-4232-921E-FE360964A0AA}
2014-02-02 09:43 - 2014-02-02 09:44 - 00000000 ____D C:\Users\erik\AppData\Local\{07870DD6-F650-408A-BF76-7A7E45F1D2D4}
2014-02-02 09:43 - 2014-02-02 09:43 - 00000000 ____D C:\Users\erik\AppData\Local\{CF0AB0CD-143C-40A6-B43A-4C7A9E631AB2}
2013-05-10 14:01 - 2013-05-10 14:01 - 00000000 ____D C:\FRST
2013-05-10 14:00 - 2013-05-10 14:00 - 01874958 ____A (Farbar) C:\Users\erik\Desktop\FRST64.exe
2013-05-10 13:57 - 2013-05-10 13:57 - 00000000 ____D C:\Users\erik\AppData\Local\{32353FB5-8ED1-4FD2-B5D0-0899D13B8A8D}
2013-05-09 17:20 - 2013-05-09 17:20 - 00000000 ____D C:\Users\erik\Desktop\Upload
2013-05-09 17:17 - 2013-05-09 17:18 - 00688992 ____R (Swearware) C:\Users\erik\Desktop\dds.com
2013-05-09 16:39 - 2013-05-09 16:39 - 00000000 ____D C:\Users\erik\AppData\Local\{3D5DB1A3-FBA3-4FB9-87E3-A8F6A219B65F}
2013-05-08 19:30 - 2013-05-08 19:30 - 00000000 ____D C:\ProgramData\Steam
2013-05-08 17:53 - 2013-05-08 17:53 - 00000000 ____D C:\Users\erik\AppData\Local\{861EFF92-1A13-464E-BF4F-52A093255B54}
2013-05-08 16:07 - 2013-05-08 16:07 - 00000000 ____D C:\Users\erik\AppData\Local\{75A50A46-1E76-421C-A772-178EC0BE6F19}
2013-05-07 15:50 - 2013-05-07 15:50 - 00000000 ____D C:\Users\erik\AppData\Local\{19093881-5895-40F8-AF3B-D5442118A6E5}
2013-05-06 21:21 - 2013-05-06 21:21 - 00000000 ____D C:\Users\erik\AppData\Roaming\raidcall
2013-05-06 21:20 - 2013-05-07 17:08 - 00000000 ____D C:\Program Files (x86)\RaidCall
2013-05-06 21:19 - 2013-05-06 21:19 - 05516016 ____A C:\Users\erik\Downloads\raidcall_v7.2.0.exe
2013-05-06 16:00 - 2013-05-06 16:00 - 00000000 ____D C:\Users\erik\AppData\Local\{DA066642-1156-48AD-89E7-18F91EBE5AC2}
2013-05-06 09:02 - 2013-05-06 09:02 - 19230208 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 14323200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-06 09:02 - 2013-05-06 09:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-06 09:02 - 2013-05-06 09:02 - 02647040 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 02240512 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 02046464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 01766912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-06 09:02 - 2013-05-06 09:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-06 09:02 - 2013-05-06 09:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-06 09:02 - 2013-05-06 09:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-06 09:02 - 2013-05-06 09:02 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 01129984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-06 09:02 - 2013-05-06 09:02 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-06 09:02 - 2013-05-06 09:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-06 09:02 - 2013-05-06 09:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-06 09:02 - 2013-05-06 09:02 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-06 09:00 - 2013-05-06 09:00 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-06 08:59 - 2013-05-06 09:04 - 00007985 ____A C:\Windows\IE10_main.log
2013-05-05 10:15 - 2013-05-05 11:51 - 00000457 ____A C:\Users\erik\Downloads\Boeing.txt
2013-05-05 10:07 - 2013-05-05 10:07 - 00000000 ____D C:\Users\erik\AppData\Local\{4D1782C5-81C2-4D90-8ADB-6F5195FBA38B}
2013-05-05 01:55 - 2013-05-05 01:55 - 00001345 ____A C:\Users\Public\Desktop\GeForce Experience.lnk
2013-05-05 01:54 - 2013-05-05 01:54 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-05-05 01:54 - 2010-07-08 23:41 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2013-05-05 01:51 - 2013-05-05 01:54 - 00000000 ____D C:\ProgramData\NVIDIA
2013-05-05 01:50 - 2013-05-05 01:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-05-05 01:50 - 2013-05-05 01:50 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-05-05 01:50 - 2013-03-15 12:16 - 06398240 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-05-05 01:50 - 2013-03-15 12:16 - 03477280 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-05-05 01:50 - 2013-03-15 12:16 - 00877856 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-05-05 01:50 - 2013-03-15 12:16 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-05-05 01:50 - 2013-03-15 12:16 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-05-05 01:50 - 2013-03-14 00:24 - 03065455 ____A C:\Windows\System32\nvcoproc.bin
2013-05-05 01:49 - 2013-03-15 13:53 - 26956576 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 25256736 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 20542752 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 17990800 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 15508512 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 15042928 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 13088000 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 11048736 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-05-05 01:49 - 2013-03-15 13:53 - 09414456 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 07959000 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 07573816 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 06271872 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 02913056 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 02864144 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 02728736 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 02539128 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 02355488 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 01995552 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 01807136 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6431422.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 01510176 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6431422.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 01118776 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 00968408 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 00420128 ____A (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 00364832 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 00250504 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 00205184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-05-05 01:49 - 2013-03-15 13:53 - 00017738 ____A C:\Windows\System32\nvinfo.pb
2013-05-05 01:48 - 2013-05-05 01:48 - 00000000 ____D C:\NVIDIA
2013-05-05 01:40 - 2013-05-05 01:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-05-05 01:30 - 2013-05-05 01:30 - 00000000 ____D C:\Users\erik\AppData\Local\{4B0B218D-1F78-4B66-B44A-EC9EAD232928}
2013-05-05 01:20 - 2013-05-05 01:20 - 00000000 ____D C:\Users\erik\AppData\Local\{89A26572-A7E3-4952-BA76-19CD00C9C4F8}
2013-05-05 00:32 - 2013-05-05 01:56 - 00000000 ____D C:\Users\erik\AppData\Local\NVIDIA
2013-05-05 00:30 - 2013-05-06 08:59 - 00764302 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-05-05 00:28 - 2013-05-05 00:29 - 11268424 ____A (NVIDIA Corporation) C:\Users\erik\Downloads\GeForce_Experience_v1.1.exe
2013-05-05 00:22 - 2013-05-05 00:22 - 00000000 ____D C:\Users\erik\AppData\Local\{AE01698C-ED93-4FE0-9666-1D38AB952AA3}
2013-05-03 16:15 - 2013-05-05 01:02 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-05-03 16:15 - 2013-05-03 16:16 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-05-03 16:15 - 2013-05-03 16:15 - 00001084 ____A C:\Users\erik\Desktop\MSI Afterburner.lnk
2013-05-03 16:13 - 2013-01-23 14:13 - 09180976 ____A C:\Users\erik\Downloads\MSIAfterburnerSetup231.exe
2013-05-03 13:58 - 2013-05-03 13:58 - 00000000 ____D C:\Users\erik\AppData\Local\{211AE7A3-742C-4360-BBC5-94ACABCC2F66}
2013-05-02 20:57 - 2013-05-02 20:57 - 00001107 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-02 20:57 - 2013-05-02 20:57 - 00000000 ____D C:\Users\erik\AppData\Roaming\Malwarebytes
2013-05-02 20:57 - 2013-05-02 20:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-02 20:57 - 2013-05-02 20:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-02 20:57 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-02 16:43 - 2013-05-02 16:43 - 00000000 ____D C:\Users\erik\AppData\Local\{20AB566A-C520-4417-B620-3F1FB599C99A}
2013-05-01 13:46 - 2013-05-01 13:47 - 00000000 ____D C:\Users\erik\AppData\Local\{228DA0DF-592C-4F44-B0C0-A7E421C00509}
2013-05-01 10:51 - 2013-05-01 10:51 - 00000000 ____D C:\Users\erik\AppData\Local\{6EA5BED9-F06B-45B3-86CB-C9EFF2391492}
2013-04-30 18:59 - 2013-04-30 18:59 - 00000000 ____D C:\Users\erik\AppData\Roaming\Garena
2013-04-30 18:59 - 2013-04-30 18:59 - 00000000 ____D C:\ProgramData\Garena
2013-04-30 17:19 - 2013-04-30 17:19 - 00000000 ____D C:\Users\erik\AppData\Local\{1789E808-773C-4F7F-BC9F-DC3DF96671BE}
2013-04-29 09:12 - 2013-04-29 09:13 - 00000000 ____D C:\Users\erik\AppData\Local\{3849E51D-1314-4615-9292-E175E9914590}
2013-04-28 19:06 - 2013-04-28 19:07 - 00000000 ____D C:\Users\erik\AppData\Local\{411022D7-6D3F-4441-83C6-0E82E16667C5}
2013-04-28 01:41 - 2013-04-28 01:41 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-04-28 01:41 - 2013-04-28 01:41 - 00000000 ____D C:\Windows\System32\SRSLabs
2013-04-28 01:41 - 2013-04-28 01:41 - 00000000 ____D C:\Program Files\Realtek
2013-04-28 01:40 - 2013-04-28 01:40 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-04-28 01:40 - 2013-03-29 21:42 - 03379272 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-04-28 01:40 - 2013-03-29 18:04 - 21170176 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes64.dat
2013-04-28 01:40 - 2013-03-29 17:10 - 00449481 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-04-28 01:40 - 2013-03-27 16:57 - 00135240 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInstII64.dll
2013-04-28 01:40 - 2013-03-26 17:06 - 02797128 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2013-04-28 01:40 - 2013-03-26 17:04 - 02734624 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2013-04-28 01:40 - 2013-03-26 15:40 - 03693128 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2013-04-28 01:40 - 2013-03-26 14:38 - 01659464 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2013-04-28 01:40 - 2013-03-23 03:43 - 00208072 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2013-04-28 01:40 - 2013-03-12 18:16 - 00613448 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtDataProc64.dll
2013-04-28 01:40 - 2013-02-20 18:55 - 01284680 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2013-04-28 01:40 - 2013-02-19 18:52 - 00991816 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2013-04-28 01:40 - 2013-01-16 16:02 - 02079816 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-04-28 01:40 - 2012-06-20 17:26 - 00110592 ____A (Real Sound Lab SIA) C:\Windows\System32\CONEQMSAPOGUILibrary.dll
2013-04-28 01:40 - 2012-03-08 11:47 - 00108640 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAR64.dll
2013-04-28 01:40 - 2011-12-20 15:32 - 00331880 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtlCPAPI64.dll
2013-04-28 01:40 - 2011-11-22 16:28 - 00014952 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoLDR64.dll
2013-04-28 01:40 - 2010-11-08 07:31 - 00375128 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP64A.dll
2013-04-28 01:40 - 2010-11-08 07:31 - 00310104 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT64.dll
2013-04-28 01:40 - 2010-11-08 07:31 - 00310104 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA64.dll
2013-04-28 01:40 - 2010-11-08 07:31 - 00204120 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED64A.dll
2013-04-28 01:40 - 2010-11-08 07:31 - 00101208 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL64A.dll
2013-04-28 01:40 - 2010-11-08 07:31 - 00078680 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG64A.dll
2013-04-28 01:40 - 2010-11-03 18:30 - 00149608 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCfg64.dll
2013-04-28 01:40 - 2009-11-24 09:55 - 00518896 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSX64.dll
2013-04-28 01:40 - 2009-11-24 09:55 - 00211184 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSH64.dll
2013-04-28 01:40 - 2009-11-24 09:55 - 00198896 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSHP64.dll
2013-04-28 01:40 - 2009-11-24 09:55 - 00155888 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSWOW64.dll
2013-04-28 01:32 - 2013-04-28 01:32 - 00001231 ____A C:\Users\Public\Desktop\Driver Sweeper.lnk
2013-04-28 01:32 - 2013-04-28 01:32 - 00000000 ____D C:\Program Files (x86)\Phyxion.net
2013-04-28 00:24 - 2013-04-28 00:25 - 00000000 ____D C:\Users\erik\AppData\Local\{E04D81F3-6A1C-4141-974E-859C0E19FDBE}
2013-04-27 11:04 - 2013-04-27 11:04 - 00001945 ____A C:\Windows\epplauncher.mif
2013-04-27 11:04 - 2013-04-27 11:04 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-04-27 11:04 - 2013-04-27 11:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-04-27 07:48 - 2013-04-27 07:49 - 00000000 ____D C:\Users\erik\AppData\Local\{C89C2112-3460-4CB9-A11F-871D40A783F6}
2013-04-27 07:47 - 2013-04-27 07:47 - 00291552 ____A C:\Windows\Minidump\042713-37518-01.dmp
2013-04-26 20:56 - 2013-04-26 20:56 - 00000000 ____D C:\Users\erik\Documents\My Games
2013-04-26 20:56 - 2013-04-26 20:56 - 00000000 ____D C:\Users\erik\AppData\Local\FLT
2013-04-26 20:55 - 2013-04-26 20:55 - 00002233 ____A C:\Users\Public\Desktop\Launch BioShock Infinite.lnk
2013-04-26 20:55 - 2013-04-26 20:55 - 00002198 ____A C:\Users\Public\Desktop\Launch BioShock Infinite Benchmarking Utility.lnk
2013-04-26 20:44 - 2013-04-26 20:56 - 00000000 ____D C:\Program Files (x86)\BioShock Infinite
2013-04-26 17:00 - 2013-04-26 17:00 - 00001725 ____A C:\Users\erik\Desktop\DARKSOULS - Shortcut.lnk
2013-04-26 16:59 - 2013-04-26 16:59 - 00000000 ____D C:\Users\erik\Documents\NBGI
2013-04-26 16:59 - 2013-04-26 16:59 - 00000000 ____D C:\Users\erik\AppData\Local\NBGI
2013-04-26 16:58 - 2010-06-02 04:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-04-26 16:58 - 2010-06-02 04:55 - 00518488 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
2013-04-26 16:58 - 2010-06-02 04:55 - 00239960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-04-26 16:58 - 2010-06-02 04:55 - 00176984 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll
2013-04-26 16:58 - 2010-06-02 04:55 - 00077656 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
2013-04-26 16:58 - 2010-06-02 04:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-04-26 16:58 - 2010-05-26 11:41 - 02526056 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
2013-04-26 16:58 - 2010-05-26 11:41 - 02401112 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
2013-04-26 16:58 - 2010-05-26 11:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-04-26 16:58 - 2010-05-26 11:41 - 01998168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-04-26 16:58 - 2010-05-26 11:41 - 01907552 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
2013-04-26 16:58 - 2010-05-26 11:41 - 01868128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-04-26 16:58 - 2010-05-26 11:41 - 00511328 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll
2013-04-26 16:58 - 2010-05-26 11:41 - 00470880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-04-26 16:58 - 2010-05-26 11:41 - 00276832 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
2013-04-26 16:58 - 2010-05-26 11:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-04-26 16:58 - 2010-02-04 10:01 - 00530776 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
2013-04-26 16:58 - 2010-02-04 10:01 - 00528216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-04-26 16:58 - 2010-02-04 10:01 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-04-26 16:58 - 2010-02-04 10:01 - 00176984 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
2013-04-26 16:58 - 2010-02-04 10:01 - 00078680 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
2013-04-26 16:58 - 2010-02-04 10:01 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-04-26 16:58 - 2010-02-04 10:01 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
2013-04-26 16:58 - 2010-02-04 10:01 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-04-26 16:58 - 2009-09-04 17:44 - 00517960 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
2013-04-26 16:58 - 2009-09-04 17:44 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-04-26 16:58 - 2009-09-04 17:44 - 00176968 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2013-04-26 16:58 - 2009-09-04 17:29 - 05554512 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2013-04-26 16:58 - 2009-09-04 17:29 - 05501792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-04-26 16:58 - 2009-09-04 17:29 - 02582888 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2013-04-26 16:58 - 2009-09-04 17:29 - 02475352 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2013-04-26 16:58 - 2009-09-04 17:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-04-26 16:58 - 2009-09-04 17:29 - 00285024 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2013-04-26 16:58 - 2009-09-04 17:29 - 00235344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-04-26 16:58 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2013-04-26 16:58 - 2009-03-09 15:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-04-26 16:58 - 2009-03-09 15:27 - 02430312 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll
2013-04-26 16:58 - 2009-03-09 15:27 - 00520544 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll
2013-04-26 16:57 - 2009-09-04 17:44 - 00073544 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
2013-04-26 16:57 - 2009-03-16 14:18 - 00521560 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
2013-04-26 16:57 - 2009-03-16 14:18 - 00517448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-04-26 16:57 - 2009-03-16 14:18 - 00235352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-04-26 16:57 - 2009-03-16 14:18 - 00174936 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
2013-04-26 16:57 - 2009-03-16 14:18 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
2013-04-26 16:57 - 2009-03-16 14:18 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-04-26 16:57 - 2008-10-27 10:04 - 00518480 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll
2013-04-26 16:57 - 2008-10-27 10:04 - 00514384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-04-26 16:57 - 2008-10-27 10:04 - 00235856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-04-26 16:57 - 2008-10-27 10:04 - 00175440 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll
2013-04-26 16:57 - 2008-10-27 10:04 - 00074576 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll
2013-04-26 16:57 - 2008-10-27 10:04 - 00070992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-04-26 16:57 - 2008-10-27 10:04 - 00025936 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll
2013-04-26 16:57 - 2008-10-27 10:04 - 00023376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-04-26 16:57 - 2008-10-15 06:22 - 05631312 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2013-04-26 16:57 - 2008-10-15 06:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-04-26 16:57 - 2008-10-15 06:22 - 02605920 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2013-04-26 16:57 - 2008-10-15 06:22 - 02036576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-04-26 16:57 - 2008-10-15 06:22 - 00519000 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2013-04-26 16:57 - 2008-10-15 06:22 - 00452440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-04-26 16:57 - 2008-07-31 10:41 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-04-26 16:57 - 2008-07-31 10:41 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
2013-04-26 16:57 - 2008-07-31 10:41 - 00072200 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
2013-04-26 16:57 - 2008-07-31 10:41 - 00068616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-04-26 16:57 - 2008-07-31 10:40 - 00513544 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
2013-04-26 16:57 - 2008-07-31 10:40 - 00509448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-04-26 16:57 - 2008-07-10 11:01 - 00467984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-04-26 16:57 - 2008-07-10 11:00 - 04992520 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll
2013-04-26 16:57 - 2008-07-10 11:00 - 03851784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-04-26 16:57 - 2008-07-10 11:00 - 01942552 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll
2013-04-26 16:57 - 2008-07-10 11:00 - 01493528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-04-26 16:57 - 2008-07-10 11:00 - 00540688 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll
2013-04-26 16:57 - 2008-05-30 14:19 - 00511496 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll
2013-04-26 16:57 - 2008-05-30 14:19 - 00507400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2013-04-26 16:57 - 2008-05-30 14:18 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2013-04-26 16:57 - 2008-05-30 14:18 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll
2013-04-26 16:57 - 2008-05-30 14:17 - 00068104 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll
2013-04-26 16:57 - 2008-05-30 14:17 - 00065032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-04-26 16:57 - 2008-05-30 14:16 - 00028168 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll
2013-04-26 16:49 - 2013-04-26 16:49 - 00000000 ____D C:\Users\erik\Downloads\DSfix15-19-1-5
2013-04-26 16:45 - 2013-04-26 16:46 - 00000000 ____D C:\Users\erik\Downloads\DSfix12
2013-04-26 16:43 - 2013-04-26 16:54 - 00000000 ____D C:\Users\erik\Downloads\BioShock_Infinite-FLT
2013-04-26 16:42 - 2013-04-26 16:42 - 00000000 ____D C:\Program Files (x86)\NAMCO BANDAI Games
2013-04-26 16:42 - 2009-09-04 17:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-04-26 16:41 - 2013-04-26 16:41 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-04-26 16:41 - 2013-04-26 16:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-04-26 16:41 - 2008-05-30 14:17 - 00025608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-04-26 16:41 - 2008-05-30 14:11 - 04991496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll
2013-04-26 16:41 - 2008-05-30 14:11 - 03850760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-04-26 16:41 - 2008-05-30 14:11 - 01941528 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll
2013-04-26 16:41 - 2008-05-30 14:11 - 01491992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-04-26 16:41 - 2008-05-30 14:11 - 00540688 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll
2013-04-26 16:41 - 2008-05-30 14:11 - 00467984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2013-04-26 16:41 - 2008-03-05 16:04 - 00489480 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll
2013-04-26 16:41 - 2008-03-05 16:03 - 00479752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2013-04-26 16:41 - 2008-03-05 16:03 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2013-04-26 16:41 - 2008-03-05 16:03 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll
2013-04-26 16:41 - 2008-03-05 16:00 - 00028168 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll
2013-04-26 16:41 - 2008-03-05 16:00 - 00025608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-04-26 16:41 - 2008-03-05 15:56 - 04910088 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll
2013-04-26 16:41 - 2008-03-05 15:56 - 03786760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-04-26 16:41 - 2008-03-05 15:56 - 01860120 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll
2013-04-26 16:41 - 2008-03-05 15:56 - 01420824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-04-26 16:41 - 2008-02-05 23:07 - 00529424 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll
2013-04-26 16:41 - 2008-02-05 23:07 - 00462864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2013-04-26 16:41 - 2007-10-22 03:40 - 00411656 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll
2013-04-26 16:41 - 2007-10-22 03:39 - 00267272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2013-04-26 16:41 - 2007-10-22 03:37 - 00021000 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll
2013-04-26 16:41 - 2007-10-22 03:37 - 00017928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-04-26 16:41 - 2007-10-12 15:14 - 05081608 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll
2013-04-26 16:41 - 2007-10-12 15:14 - 03734536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-04-26 16:41 - 2007-10-12 15:14 - 02006552 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll
2013-04-26 16:41 - 2007-10-12 15:14 - 01374232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-04-26 16:41 - 2007-10-02 09:56 - 00508264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll
2013-04-26 16:41 - 2007-10-02 09:56 - 00444776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2013-04-26 16:41 - 2007-07-20 00:57 - 00411496 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll
2013-04-26 16:41 - 2007-07-20 00:57 - 00267112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-04-26 16:41 - 2007-07-19 18:14 - 05073256 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll
2013-04-26 16:41 - 2007-07-19 18:14 - 03727720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-04-26 16:41 - 2007-07-19 18:14 - 01985904 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll
2013-04-26 16:41 - 2007-07-19 18:14 - 01358192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-04-26 16:41 - 2007-07-19 18:14 - 00508264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll
2013-04-26 16:41 - 2007-07-19 18:14 - 00444776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-04-26 16:41 - 2007-06-20 20:49 - 00409960 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll
2013-04-26 16:41 - 2007-06-20 20:46 - 00266088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-04-26 16:41 - 2007-05-16 16:45 - 04496232 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll
2013-04-26 16:41 - 2007-05-16 16:45 - 03497832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-04-26 16:41 - 2007-05-16 16:45 - 01401200 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll
2013-04-26 16:41 - 2007-05-16 16:45 - 01124720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-04-26 16:41 - 2007-05-16 16:45 - 00506728 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll
2013-04-26 16:41 - 2007-05-16 16:45 - 00443752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-04-26 16:41 - 2007-04-04 18:55 - 00403304 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll
2013-04-26 16:41 - 2007-04-04 18:55 - 00261480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2013-04-26 16:41 - 2007-04-04 18:54 - 00107368 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll
2013-04-26 16:41 - 2007-04-04 18:53 - 00081768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-04-26 16:41 - 2007-03-15 16:57 - 00506728 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll
2013-04-26 16:41 - 2007-03-15 16:57 - 00443752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2013-04-26 16:41 - 2007-03-12 16:42 - 04494184 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll
2013-04-26 16:41 - 2007-03-12 16:42 - 03495784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-04-26 16:41 - 2007-03-12 16:42 - 01400176 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll
2013-04-26 16:41 - 2007-03-12 16:42 - 01123696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-04-26 16:40 - 2007-01-24 15:27 - 00393576 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll
2013-04-26 16:40 - 2007-01-24 15:27 - 00255848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-04-26 16:40 - 2006-12-08 12:02 - 00251672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-04-26 16:40 - 2006-12-08 12:00 - 00390424 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll
2013-04-26 16:40 - 2006-11-29 13:06 - 00469264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10.dll
2013-04-26 16:40 - 2006-11-29 13:06 - 00440080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-04-26 16:39 - 2007-03-05 12:42 - 00017688 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll
2013-04-26 16:39 - 2007-03-05 12:42 - 00015128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-04-26 16:39 - 2006-09-28 16:05 - 03977496 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll
2013-04-26 16:39 - 2006-09-28 16:05 - 02414360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-04-26 16:39 - 2006-09-28 16:05 - 00237848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-04-26 16:39 - 2006-09-28 16:04 - 00364824 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll
2013-04-26 16:39 - 2006-07-28 09:31 - 00083736 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll
2013-04-26 16:39 - 2006-07-28 09:30 - 00363288 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll
2013-04-26 16:39 - 2006-07-28 09:30 - 00236824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-04-26 16:39 - 2006-07-28 09:30 - 00062744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-04-26 16:38 - 2006-05-31 07:24 - 00230168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-04-26 16:38 - 2006-05-31 07:22 - 00354072 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll
2013-04-26 16:38 - 2006-03-31 12:41 - 03927248 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll
2013-04-26 16:38 - 2006-03-31 12:40 - 02388176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-04-26 16:38 - 2006-03-31 12:40 - 00352464 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll
2013-04-26 16:38 - 2006-03-31 12:39 - 00229584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-04-26 16:38 - 2006-03-31 12:39 - 00083664 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll
2013-04-26 16:38 - 2006-03-31 12:39 - 00062672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-04-26 16:37 - 2006-02-03 08:43 - 03830992 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll
2013-04-26 16:37 - 2006-02-03 08:43 - 02332368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-04-26 16:37 - 2006-02-03 08:42 - 00355536 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll
2013-04-26 16:37 - 2006-02-03 08:42 - 00230096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-04-26 16:37 - 2006-02-03 08:41 - 00016592 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll
2013-04-26 16:37 - 2006-02-03 08:41 - 00014032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-04-26 16:37 - 2005-07-22 19:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2013-04-26 16:37 - 2005-07-22 19:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-04-26 16:36 - 2013-04-26 20:57 - 00045249 ____A C:\Windows\DirectX.log
2013-04-26 16:36 - 2005-05-26 15:34 - 03767504 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll
2013-04-26 16:36 - 2005-05-26 15:34 - 02297552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-04-26 16:36 - 2005-03-18 17:19 - 03823312 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll
2013-04-26 16:36 - 2005-03-18 17:19 - 02337488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-04-26 16:36 - 2005-02-05 19:45 - 03544272 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll
2013-04-26 16:36 - 2005-02-05 19:45 - 02222800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-04-26 16:32 - 2013-04-26 16:32 - 00000000 ____D C:\Program Files (x86)\PowerISO
2013-04-26 16:32 - 2010-04-12 16:55 - 00091568 ____A (PowerISO Computing, Inc.) C:\Windows\System32\Drivers\scdemu.sys
2013-04-26 16:29 - 2013-04-29 17:08 - 00002420 ____A C:\Windows\PFRO.log
2013-04-26 16:29 - 2013-04-26 16:29 - 00291384 ____A C:\Windows\Minidump\042613-14258-01.dmp
2013-04-26 16:25 - 2013-04-26 16:25 - 00000000 ____D C:\Users\erik\Downloads\PowerISO v4.7 + Serials [ChattChitto RG]
2013-04-26 16:21 - 2013-04-26 16:27 - 00000000 ____D C:\Users\erik\AppData\Roaming\uTorrent
2013-04-26 16:20 - 2013-04-26 16:20 - 01044560 ____A (BitTorrent Inc.) C:\Users\erik\Downloads\utorrent.exe
2013-04-26 16:09 - 2013-04-26 16:09 - 00000000 ____D C:\Users\Public\CyberLink
2013-04-26 16:09 - 2013-04-26 16:09 - 00000000 ____D C:\Users\erik\Downloads\Dark_Souls_Prepare_To_Die_Edition-FLT
2013-04-26 16:07 - 2013-04-27 07:47 - 543767392 ____A C:\Windows\MEMORY.DMP
2013-04-26 16:07 - 2013-04-26 16:07 - 00291424 ____A C:\Windows\Minidump\042613-14773-01.dmp
2013-04-26 14:40 - 2013-04-26 14:41 - 00000000 ____D C:\Users\erik\AppData\Local\{9CF7C8B2-C5A1-4CFA-A95F-A247B10BBDCB}
2013-04-25 23:39 - 2013-04-25 23:39 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-04-25 23:34 - 2013-04-25 23:35 - 00000000 ____D C:\ProgramData\Battle.net
2013-04-25 20:26 - 2013-04-25 20:28 - 00000000 ____D C:\Users\erik\AppData\Local\{11E7EB20-DCA9-4A0A-8BED-5EF44C8BFB15}
2013-04-25 19:23 - 2013-04-12 22:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-25 19:14 - 2013-04-25 19:14 - 00000000 ____D C:\Users\erik\AppData\Local\{517CE58F-E3A5-4488-94EA-1B8EEFABC6AF}
2013-04-23 17:37 - 2013-04-23 17:38 - 00000000 ____D C:\Users\erik\AppData\Local\{0AF46812-CC04-4B65-B973-9A7B61D7448A}
2013-04-22 17:37 - 2013-04-22 17:39 - 00000000 ____D C:\Users\erik\AppData\Local\{CE0F0C24-C7A5-499C-9E4F-61FBF877DED8}
2013-04-21 17:30 - 2013-05-09 22:42 - 00000000 ____D C:\Users\erik\AppData\Roaming\Skype
2013-04-21 17:30 - 2013-04-21 17:30 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2013-04-21 17:30 - 2013-04-21 17:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-04-21 17:30 - 2013-04-21 17:30 - 00000000 ____D C:\ProgramData\Skype
2013-04-21 12:36 - 2013-05-10 13:56 - 00008622 ____A C:\Windows\setupact.log
2013-04-21 12:36 - 2013-04-21 12:38 - 00000000 ____D C:\Users\erik\AppData\Local\{1C97D1B6-6489-4C8E-B378-62F293198813}
2013-04-21 12:36 - 2013-04-21 12:36 - 00000000 ____A C:\Windows\setuperr.log
2013-04-20 22:26 - 2013-04-20 22:26 - 00001366 ____A C:\Users\erik\Desktop\CCleaner.lnk
2013-04-20 22:22 - 2013-04-20 22:22 - 00000000 ____D C:\Program Files\CCleaner
2013-04-20 15:33 - 2013-04-20 15:33 - 00000000 ____D C:\Users\erik\AppData\Roaming\NVIDIA
2013-04-20 15:15 - 2013-04-20 15:17 - 00000000 ____D C:\Users\erik\AppData\Local\{0DB8738F-C9C6-40E3-B4A1-285140069856}
2013-04-20 14:52 - 2013-04-20 14:52 - 00000000 ____D C:\Users\erik\AppData\Local\{310B3C09-A8C8-4467-85C7-467326B801C7}
2013-04-20 14:47 - 2013-05-05 01:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-04-20 14:45 - 2013-04-20 14:45 - 00000000 ____D C:\Users\erik\AppData\Local\{14C1A918-BB7F-43DB-8DBB-F8AA159E4FD7}
2013-04-19 22:23 - 2013-04-19 22:23 - 00262144 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-04-19 22:23 - 2013-04-19 22:23 - 00086016 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-04-19 22:18 - 2005-12-05 18:09 - 03815120 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll
2013-04-19 22:18 - 2005-12-05 18:09 - 02323664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-04-19 22:17 - 2013-04-19 22:17 - 00000000 ____D C:\Windows\SysWOW64\Futuremark
2013-04-19 22:17 - 2007-09-07 14:55 - 00027672 ____A (EnTech Taiwan) C:\Windows\SysWOW64\Drivers\Entech.sys
2013-04-19 22:17 - 2007-09-07 14:55 - 00012744 ____A (EnTech Taiwan) C:\Windows\SysWOW64\Drivers\Entech64.sys
2013-04-19 22:17 - 2007-09-07 14:55 - 00006173 ____A C:\Windows\SysWOW64\Drivers\Entech.vxd
2013-04-19 22:17 - 2001-11-19 20:05 - 00003972 ____A C:\Windows\SysWOW64\Drivers\PciBus.sys
2013-04-19 13:32 - 2013-04-19 13:32 - 00000000 ____D C:\Users\erik\AppData\Local\{3F45875C-415E-4305-A4EA-630A13BF7179}
2013-04-18 16:53 - 2013-04-18 16:53 - 00000000 ____D C:\Users\erik\AppData\Local\{4218D189-5760-4303-834C-57F00A5B585C}
2013-04-17 18:22 - 2013-04-17 18:22 - 00000000 ____D C:\Users\erik\AppData\Local\{4DFE3B69-EECF-46BD-A754-6FC65C3496D6}
2013-04-16 16:56 - 2013-04-16 16:56 - 00000000 ____D C:\Users\erik\AppData\Local\{C3606676-C289-4C0B-BCF4-A9785E85C5E2}
2013-04-15 16:35 - 2013-04-15 16:35 - 00000000 ____D C:\Users\erik\AppData\Local\{C733DD3C-8AAD-459A-BB34-2312D4E1D764}
2013-04-14 22:22 - 2013-04-14 22:22 - 00000000 ____D C:\Users\erik\AppData\Local\{F763C8A7-7350-4FC9-B4EB-07B0CE32F41D}
2013-04-14 13:24 - 2013-04-14 13:24 - 00000000 ____D C:\Users\erik\AppData\Local\{F3C26083-7CEA-45F8-820F-853CCA634E8C}
2013-04-14 13:19 - 2013-04-14 13:19 - 00000000 ____D C:\Users\erik\AppData\Local\{867CB9E1-649B-43D6-BD64-91D304B11C96}
2013-04-14 13:17 - 2013-04-14 13:17 - 00000000 ____D C:\Users\erik\AppData\Local\{948A9A2A-73D7-41A9-8E73-4772472BD745}
2013-04-14 12:58 - 2013-04-14 12:58 - 00000000 ____D C:\Users\erik\AppData\Local\{F5A576B7-BB4C-4979-9E0E-AA41B66741CD}
2013-04-14 12:43 - 2013-04-14 12:43 - 00000000 ____D C:\Users\erik\AppData\Local\{CF7140F2-99CA-4A36-A9B6-921F1C511970}
2013-04-13 23:34 - 2013-04-13 23:34 - 00000000 ____D C:\Users\erik\AppData\Local\{55912F1D-CC0F-4D98-9D98-71E31195BF6F}
2013-04-13 11:33 - 2013-04-13 11:34 - 00000000 ____D C:\Users\erik\AppData\Local\{A4684F73-9A17-4CAE-AC78-DA034ACB04EA}
2013-04-13 11:03 - 2013-05-05 00:33 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-04-12 23:33 - 2013-04-12 23:33 - 00000000 ____D C:\Users\erik\AppData\Local\{66169839-8BBE-4814-B5F0-E40B12ACBC86}
2013-04-12 11:33 - 2013-04-12 11:33 - 00000000 ____D C:\Users\erik\AppData\Local\{2757CAE9-612C-4E91-9101-14CDBD8F3268}
2013-04-11 15:10 - 2013-04-11 15:10 - 00000798 ____A C:\Users\Public\Desktop\Speccy.lnk
2013-04-11 15:09 - 2013-04-11 15:10 - 00000000 ____D C:\Program Files\Speccy
2013-04-11 11:08 - 2013-04-11 11:08 - 00000000 ____D C:\Users\erik\AppData\Local\{AC924A6B-7B6B-4919-B12A-48C4906A65FF}
2013-04-11 10:56 - 2013-04-11 10:56 - 00000000 ____D C:\Users\erik\AppData\Local\{3FB9F1CE-FE5F-4C67-8A85-96DC32597FD9}
2013-04-10 22:04 - 2013-02-15 14:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-04-10 22:04 - 2013-02-15 14:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-04-10 22:04 - 2013-02-15 14:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-04-10 22:04 - 2013-02-15 12:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-04-10 22:04 - 2013-02-15 12:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-04-10 22:04 - 2013-02-15 11:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-04-10 22:00 - 2013-03-01 11:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-04-10 21:56 - 2013-03-19 14:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-04-10 21:56 - 2013-03-19 13:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-04-10 21:56 - 2013-03-19 13:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-04-10 21:56 - 2013-03-19 13:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-04-10 21:56 - 2013-03-19 12:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-04-10 21:56 - 2013-03-19 11:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-04-10 21:56 - 2013-01-24 14:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-04-10 14:13 - 2013-04-10 14:13 - 00000000 ____D C:\Users\erik\AppData\Roaming\xim
2013-04-10 13:23 - 2013-04-10 13:23 - 00000000 ____D C:\Users\erik\AppData\Local\{408DD458-B501-49BD-A556-886CDB2854A3}
2013-04-10 11:27 - 2013-04-10 11:27 - 00000000 ____D C:\Users\erik\AppData\Local\{9BCBED4E-4A02-4007-92E1-DDD5E16BE1D9}
2013-04-10 11:12 - 2013-04-10 11:12 - 00000000 ____D C:\Users\erik\AppData\Local\{5B5B02C5-8DBF-45D4-A141-2888A25A54F9}
2013-04-10 11:08 - 2013-04-10 11:08 - 00000000 ____D C:\Users\erik\AppData\Local\{32BB764F-7C32-470A-828D-4FA27B34DAF3}
 
==================== One Month Modified Files and Folders =======
 
2018-08-30 12:17 - 2010-04-02 19:28 - 00000000 ____D C:\Users\erik\AppData\Local\Google
2018-08-29 20:37 - 2018-08-29 20:36 - 09057936 ____A (Microsoft Corporation) C:\Users\erik\Downloads\MSNOIE8_ENSG_W64L.EXE
2014-08-28 18:46 - 2010-03-15 11:59 - 00000000 ____D C:\ProgramData\Recovery
2014-08-18 21:54 - 2014-08-18 21:54 - 00000000 ___HD C:\SYSTEM.SAV
2014-08-18 21:44 - 2009-01-22 14:30 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2014-02-03 09:08 - 2014-02-03 09:08 - 00000000 ____D C:\Users\erik\AppData\Local\{14B74581-14A6-4232-921E-FE360964A0AA}
2014-02-02 09:44 - 2014-02-02 09:43 - 00000000 ____D C:\Users\erik\AppData\Local\{07870DD6-F650-408A-BF76-7A7E45F1D2D4}
2014-02-02 09:43 - 2014-02-02 09:43 - 00000000 ____D C:\Users\erik\AppData\Local\{CF0AB0CD-143C-40A6-B43A-4C7A9E631AB2}
2013-05-10 14:01 - 2013-05-10 14:01 - 00000000 ____D C:\FRST
2013-05-10 14:01 - 2009-07-14 13:13 - 00778834 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-10 14:00 - 2013-05-10 14:00 - 01874958 ____A (Farbar) C:\Users\erik\Desktop\FRST64.exe
2013-05-10 13:58 - 2013-01-07 15:49 - 00000000 ____D C:\Users\erik\AppData\Roaming\GarenaPlus
2013-05-10 13:58 - 2013-01-07 15:46 - 00000000 ____D C:\ProgramData\GarenaMessenger
2013-05-10 13:57 - 2013-05-10 13:57 - 00000000 ____D C:\Users\erik\AppData\Local\{32353FB5-8ED1-4FD2-B5D0-0899D13B8A8D}
2013-05-10 13:57 - 2010-07-11 19:56 - 00000000 ____D C:\Users\erik\Tracing
2013-05-10 13:56 - 2013-04-21 12:36 - 00008622 ____A C:\Windows\setupact.log
2013-05-10 13:56 - 2010-04-02 19:28 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-10 13:56 - 2009-07-14 13:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-09 22:43 - 2010-04-02 19:28 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-09 22:43 - 2009-12-26 21:51 - 01396666 ____A C:\Windows\WindowsUpdate.log
2013-05-09 22:42 - 2013-04-21 17:30 - 00000000 ____D C:\Users\erik\AppData\Roaming\Skype
2013-05-09 22:34 - 2012-04-28 07:11 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-09 22:29 - 2018-08-30 12:16 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-781370092-831217984-403861513-1001UA.job
2013-05-09 20:27 - 2018-08-30 12:08 - 00007598 ____A C:\Users\erik\AppData\Local\Resmon.ResmonCfg
2013-05-09 18:11 - 2009-07-14 12:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-09 18:11 - 2009-07-14 12:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-09 17:20 - 2013-05-09 17:20 - 00000000 ____D C:\Users\erik\Desktop\Upload
2013-05-09 17:18 - 2013-05-09 17:17 - 00688992 ____R (Swearware) C:\Users\erik\Desktop\dds.com
2013-05-09 16:39 - 2013-05-09 16:39 - 00000000 ____D C:\Users\erik\AppData\Local\{3D5DB1A3-FBA3-4FB9-87E3-A8F6A219B65F}
2013-05-08 22:39 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\System32\NDF
2013-05-08 22:33 - 2010-03-14 20:05 - 00000000 ____D C:\Windows\Minidump
2013-05-08 22:33 - 2009-01-22 14:12 - 00301880 ____N C:\Windows\Minidump\050813-20794-01.dmp
2013-05-08 21:04 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\rescache
2013-05-08 19:30 - 2013-05-08 19:30 - 00000000 ____D C:\ProgramData\Steam
2013-05-08 17:53 - 2013-05-08 17:53 - 00000000 ____D C:\Users\erik\AppData\Local\{861EFF92-1A13-464E-BF4F-52A093255B54}
2013-05-08 16:07 - 2013-05-08 16:07 - 00000000 ____D C:\Users\erik\AppData\Local\{75A50A46-1E76-421C-A772-178EC0BE6F19}
2013-05-07 17:08 - 2013-05-06 21:20 - 00000000 ____D C:\Program Files (x86)\RaidCall
2013-05-07 15:50 - 2013-05-07 15:50 - 00000000 ____D C:\Users\erik\AppData\Local\{19093881-5895-40F8-AF3B-D5442118A6E5}
2013-05-06 21:21 - 2013-05-06 21:21 - 00000000 ____D C:\Users\erik\AppData\Roaming\raidcall
2013-05-06 21:19 - 2013-05-06 21:19 - 05516016 ____A C:\Users\erik\Downloads\raidcall_v7.2.0.exe
2013-05-06 16:00 - 2013-05-06 16:00 - 00000000 ____D C:\Users\erik\AppData\Local\{DA066642-1156-48AD-89E7-18F91EBE5AC2}
2013-05-06 15:59 - 2009-01-23 06:10 - 00000000 ____D C:\Windows\Panther
2013-05-06 15:58 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-06 15:58 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-06 15:58 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-06 15:58 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-06 15:58 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-06 09:04 - 2013-05-06 08:59 - 00007985 ____A C:\Windows\IE10_main.log
2013-05-06 09:02 - 2013-05-06 09:02 - 19230208 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 14323200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-06 09:02 - 2013-05-06 09:02 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-06 09:02 - 2013-05-06 09:02 - 02647040 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 02240512 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 02046464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 01766912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-06 09:02 - 2013-05-06 09:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-06 09:02 - 2013-05-06 09:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-06 09:02 - 2013-05-06 09:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-06 09:02 - 2013-05-06 09:02 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 01129984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-06 09:02 - 2013-05-06 09:02 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-06 09:02 - 2013-05-06 09:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-06 09:02 - 2013-05-06 09:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-06 09:02 - 2013-05-06 09:02 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-06 09:02 - 2013-05-06 09:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-06 09:02 - 2013-05-06 09:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-06 09:00 - 2013-05-06 09:00 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-06 09:00 - 2013-05-06 09:00 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-06 08:59 - 2013-05-05 00:30 - 00764302 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-05-05 14:29 - 2018-08-30 12:16 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-781370092-831217984-403861513-1001Core.job
2013-05-05 12:00 - 2010-07-11 19:57 - 00000742 ____A C:\Users\erik\AppData\Roaming\wklnhst.dat
2013-05-05 12:00 - 2009-07-14 13:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-05-05 11:51 - 2013-05-05 10:15 - 00000457 ____A C:\Users\erik\Downloads\Boeing.txt
2013-05-05 10:07 - 2013-05-05 10:07 - 00000000 ____D C:\Users\erik\AppData\Local\{4D1782C5-81C2-4D90-8ADB-6F5195FBA38B}
2013-05-05 01:56 - 2013-05-05 00:32 - 00000000 ____D C:\Users\erik\AppData\Local\NVIDIA
2013-05-05 01:56 - 2013-01-07 15:47 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2013-05-05 01:55 - 2013-05-05 01:55 - 00001345 ____A C:\Users\Public\Desktop\GeForce Experience.lnk
2013-05-05 01:55 - 2013-05-05 01:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-05-05 01:54 - 2013-05-05 01:54 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-05-05 01:54 - 2013-05-05 01:51 - 00000000 ____D C:\ProgramData\NVIDIA
2013-05-05 01:54 - 2013-05-05 01:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-05-05 01:54 - 2013-04-20 14:47 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-05-05 01:50 - 2013-05-05 01:50 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-05-05 01:50 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\Help
2013-05-05 01:48 - 2013-05-05 01:48 - 00000000 ____D C:\NVIDIA
2013-05-05 01:30 - 2013-05-05 01:30 - 00000000 ____D C:\Users\erik\AppData\Local\{4B0B218D-1F78-4B66-B44A-EC9EAD232928}
2013-05-05 01:20 - 2013-05-05 01:20 - 00000000 ____D C:\Users\erik\AppData\Local\{89A26572-A7E3-4952-BA76-19CD00C9C4F8}
2013-05-05 01:19 - 2013-04-07 18:09 - 00000328 ____A C:\Windows\Tasks\HPCeeScheduleForerik.job
2013-05-05 01:02 - 2013-05-03 16:15 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-05-05 00:34 - 2010-02-20 18:23 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2013-05-05 00:33 - 2013-04-13 11:03 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-05-05 00:32 - 2010-02-20 18:22 - 00000000 ____D C:\Users\erik\AppData\Roaming\HP Support Assistant
2013-05-05 00:32 - 2010-02-20 15:35 - 00000000 ____D C:\Users\erik\AppData\Roaming\HpUpdate
2013-05-05 00:29 - 2013-05-05 00:28 - 11268424 ____A (NVIDIA Corporation) C:\Users\erik\Downloads\GeForce_Experience_v1.1.exe
2013-05-05 00:22 - 2013-05-05 00:22 - 00000000 ____D C:\Users\erik\AppData\Local\{AE01698C-ED93-4FE0-9666-1D38AB952AA3}
2013-05-03 16:16 - 2013-05-03 16:15 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-05-03 16:15 - 2018-08-29 20:41 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-05-03 16:15 - 2013-05-03 16:15 - 00001084 ____A C:\Users\erik\Desktop\MSI Afterburner.lnk
2013-05-03 13:58 - 2013-05-03 13:58 - 00000000 ____D C:\Users\erik\AppData\Local\{211AE7A3-742C-4360-BBC5-94ACABCC2F66}
2013-05-02 23:29 - 2010-07-13 22:04 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-05-02 21:36 - 2010-07-08 23:41 - 00000000 ____D C:\ProgramData\Adobe
2013-05-02 21:35 - 2010-07-08 23:39 - 00000000 ____D C:\Users\erik\AppData\Local\Adobe
2013-05-02 21:35 - 2010-02-19 15:07 - 00000000 ____D C:\Users\erik\AppData\Roaming\Adobe
2013-05-02 20:57 - 2013-05-02 20:57 - 00001107 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-02 20:57 - 2013-05-02 20:57 - 00000000 ____D C:\Users\erik\AppData\Roaming\Malwarebytes
2013-05-02 20:57 - 2013-05-02 20:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-02 20:57 - 2013-05-02 20:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-02 16:43 - 2013-05-02 16:43 - 00000000 ____D C:\Users\erik\AppData\Local\{20AB566A-C520-4417-B620-3F1FB599C99A}
2013-05-01 13:47 - 2013-05-01 13:46 - 00000000 ____D C:\Users\erik\AppData\Local\{228DA0DF-592C-4F44-B0C0-A7E421C00509}
2013-05-01 10:51 - 2013-05-01 10:51 - 00000000 ____D C:\Users\erik\AppData\Local\{6EA5BED9-F06B-45B3-86CB-C9EFF2391492}
2013-04-30 18:59 - 2013-04-30 18:59 - 00000000 ____D C:\Users\erik\AppData\Roaming\Garena
2013-04-30 18:59 - 2013-04-30 18:59 - 00000000 ____D C:\ProgramData\Garena
2013-04-30 17:19 - 2013-04-30 17:19 - 00000000 ____D C:\Users\erik\AppData\Local\{1789E808-773C-4F7F-BC9F-DC3DF96671BE}
2013-04-29 17:08 - 2013-04-26 16:29 - 00002420 ____A C:\Windows\PFRO.log
2013-04-29 09:20 - 2010-07-08 23:41 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-04-29 09:13 - 2013-04-29 09:12 - 00000000 ____D C:\Users\erik\AppData\Local\{3849E51D-1314-4615-9292-E175E9914590}
2013-04-28 19:07 - 2013-04-28 19:06 - 00000000 ____D C:\Users\erik\AppData\Local\{411022D7-6D3F-4441-83C6-0E82E16667C5}
2013-04-28 01:41 - 2013-04-28 01:41 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-04-28 01:41 - 2013-04-28 01:41 - 00000000 ____D C:\Windows\System32\SRSLabs
2013-04-28 01:41 - 2013-04-28 01:41 - 00000000 ____D C:\Program Files\Realtek
2013-04-28 01:40 - 2013-04-28 01:40 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-04-28 01:40 - 2009-01-22 14:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-04-28 01:32 - 2013-04-28 01:32 - 00001231 ____A C:\Users\Public\Desktop\Driver Sweeper.lnk
2013-04-28 01:32 - 2013-04-28 01:32 - 00000000 ____D C:\Program Files (x86)\Phyxion.net
2013-04-28 00:25 - 2013-04-28 00:24 - 00000000 ____D C:\Users\erik\AppData\Local\{E04D81F3-6A1C-4141-974E-859C0E19FDBE}
2013-04-27 12:00 - 2013-02-24 10:31 - 00000000 ____D C:\Users\erik\Downloads\SAVE
2013-04-27 11:04 - 2013-04-27 11:04 - 00001945 ____A C:\Windows\epplauncher.mif
2013-04-27 11:04 - 2013-04-27 11:04 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-04-27 11:04 - 2013-04-27 11:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-04-27 07:51 - 2012-04-28 07:11 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-04-27 07:51 - 2011-07-02 18:30 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-04-27 07:49 - 2013-04-27 07:48 - 00000000 ____D C:\Users\erik\AppData\Local\{C89C2112-3460-4CB9-A11F-871D40A783F6}
2013-04-27 07:47 - 2013-04-27 07:47 - 00291552 ____A C:\Windows\Minidump\042713-37518-01.dmp
2013-04-27 07:47 - 2013-04-26 16:07 - 543767392 ____A C:\Windows\MEMORY.DMP
2013-04-26 20:57 - 2013-04-26 16:36 - 00045249 ____A C:\Windows\DirectX.log
2013-04-26 20:56 - 2013-04-26 20:56 - 00000000 ____D C:\Users\erik\Documents\My Games
2013-04-26 20:56 - 2013-04-26 20:56 - 00000000 ____D C:\Users\erik\AppData\Local\FLT
2013-04-26 20:56 - 2013-04-26 20:44 - 00000000 ____D C:\Program Files (x86)\BioShock Infinite
2013-04-26 20:55 - 2013-04-26 20:55 - 00002233 ____A C:\Users\Public\Desktop\Launch BioShock Infinite.lnk
2013-04-26 20:55 - 2013-04-26 20:55 - 00002198 ____A C:\Users\Public\Desktop\Launch BioShock Infinite Benchmarking Utility.lnk
2013-04-26 17:00 - 2013-04-26 17:00 - 00001725 ____A C:\Users\erik\Desktop\DARKSOULS - Shortcut.lnk
2013-04-26 16:59 - 2013-04-26 16:59 - 00000000 ____D C:\Users\erik\Documents\NBGI
2013-04-26 16:59 - 2013-04-26 16:59 - 00000000 ____D C:\Users\erik\AppData\Local\NBGI
2013-04-26 16:54 - 2013-04-26 16:43 - 00000000 ____D C:\Users\erik\Downloads\BioShock_Infinite-FLT
2013-04-26 16:49 - 2013-04-26 16:49 - 00000000 ____D C:\Users\erik\Downloads\DSfix15-19-1-5
2013-04-26 16:46 - 2013-04-26 16:45 - 00000000 ____D C:\Users\erik\Downloads\DSfix12
2013-04-26 16:42 - 2013-04-26 16:42 - 00000000 ____D C:\Program Files (x86)\NAMCO BANDAI Games
2013-04-26 16:41 - 2013-04-26 16:41 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-04-26 16:41 - 2013-04-26 16:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-04-26 16:36 - 2012-04-28 07:16 - 00000000 ____D C:\Users\erik\AppData\Local\Microsoft Games
2013-04-26 16:32 - 2013-04-26 16:32 - 00000000 ____D C:\Program Files (x86)\PowerISO
2013-04-26 16:29 - 2013-04-26 16:29 - 00291384 ____A C:\Windows\Minidump\042613-14258-01.dmp
2013-04-26 16:27 - 2013-04-26 16:21 - 00000000 ____D C:\Users\erik\AppData\Roaming\uTorrent
2013-04-26 16:25 - 2013-04-26 16:25 - 00000000 ____D C:\Users\erik\Downloads\PowerISO v4.7 + Serials [ChattChitto RG]
2013-04-26 16:20 - 2013-04-26 16:20 - 01044560 ____A (BitTorrent Inc.) C:\Users\erik\Downloads\utorrent.exe
2013-04-26 16:19 - 2013-04-08 12:44 - 00000000 ____D C:\Users\erik\AppData\Roaming\vlc
2013-04-26 16:09 - 2013-04-26 16:09 - 00000000 ____D C:\Users\Public\CyberLink
2013-04-26 16:09 - 2013-04-26 16:09 - 00000000 ____D C:\Users\erik\Downloads\Dark_Souls_Prepare_To_Die_Edition-FLT
2013-04-26 16:07 - 2013-04-26 16:07 - 00291424 ____A C:\Windows\Minidump\042613-14773-01.dmp
2013-04-26 15:33 - 2010-02-19 15:00 - 00000000 ____D C:\users\erik
2013-04-26 14:41 - 2013-04-26 14:40 - 00000000 ____D C:\Users\erik\AppData\Local\{9CF7C8B2-C5A1-4CFA-A95F-A247B10BBDCB}
2013-04-25 23:39 - 2013-04-25 23:39 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-04-25 23:35 - 2013-04-25 23:34 - 00000000 ____D C:\ProgramData\Battle.net
2013-04-25 20:28 - 2013-04-25 20:26 - 00000000 ____D C:\Users\erik\AppData\Local\{11E7EB20-DCA9-4A0A-8BED-5EF44C8BFB15}
2013-04-25 19:14 - 2013-04-25 19:14 - 00000000 ____D C:\Users\erik\AppData\Local\{517CE58F-E3A5-4488-94EA-1B8EEFABC6AF}
2013-04-25 19:13 - 2009-07-14 13:08 - 00032654 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-04-23 17:38 - 2013-04-23 17:37 - 00000000 ____D C:\Users\erik\AppData\Local\{0AF46812-CC04-4B65-B973-9A7B61D7448A}
2013-04-22 20:03 - 2011-01-11 21:23 - 00000000 ____D C:\Users\erik\AppData\Local\Windows Live
2013-04-22 17:39 - 2013-04-22 17:37 - 00000000 ____D C:\Users\erik\AppData\Local\{CE0F0C24-C7A5-499C-9E4F-61FBF877DED8}
2013-04-21 17:30 - 2013-04-21 17:30 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2013-04-21 17:30 - 2013-04-21 17:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-04-21 17:30 - 2013-04-21 17:30 - 00000000 ____D C:\ProgramData\Skype
2013-04-21 12:38 - 2013-04-21 12:36 - 00000000 ____D C:\Users\erik\AppData\Local\{1C97D1B6-6489-4C8E-B378-62F293198813}
2013-04-21 12:36 - 2013-04-21 12:36 - 00000000 ____A C:\Windows\setuperr.log
2013-04-20 22:26 - 2013-04-20 22:26 - 00001366 ____A C:\Users\erik\Desktop\CCleaner.lnk
2013-04-20 22:23 - 2010-07-23 18:29 - 00000000 ____D C:\Users\erik\AppData\Local\CrashDumps
2013-04-20 22:22 - 2013-04-20 22:22 - 00000000 ____D C:\Program Files\CCleaner
2013-04-20 15:33 - 2013-04-20 15:33 - 00000000 ____D C:\Users\erik\AppData\Roaming\NVIDIA
2013-04-20 15:17 - 2013-04-20 15:15 - 00000000 ____D C:\Users\erik\AppData\Local\{0DB8738F-C9C6-40E3-B4A1-285140069856}
2013-04-20 14:52 - 2013-04-20 14:52 - 00000000 ____D C:\Users\erik\AppData\Local\{310B3C09-A8C8-4467-85C7-467326B801C7}
2013-04-20 14:45 - 2013-04-20 14:45 - 00000000 ____D C:\Users\erik\AppData\Local\{14C1A918-BB7F-43DB-8DBB-F8AA159E4FD7}
2013-04-19 22:23 - 2013-04-19 22:23 - 00262144 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-04-19 22:23 - 2013-04-19 22:23 - 00086016 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-04-19 22:17 - 2013-04-19 22:17 - 00000000 ____D C:\Windows\SysWOW64\Futuremark
2013-04-19 14:06 - 2010-02-19 15:07 - 00000000 ____D C:\Users\erik\AppData\Roaming\ATI
2013-04-19 14:06 - 2010-02-19 15:07 - 00000000 ____D C:\Users\erik\AppData\Local\ATI
2013-04-19 13:32 - 2013-04-19 13:32 - 00000000 ____D C:\Users\erik\AppData\Local\{3F45875C-415E-4305-A4EA-630A13BF7179}
2013-04-18 16:53 - 2013-04-18 16:53 - 00000000 ____D C:\Users\erik\AppData\Local\{4218D189-5760-4303-834C-57F00A5B585C}
2013-04-17 18:22 - 2013-04-17 18:22 - 00000000 ____D C:\Users\erik\AppData\Local\{4DFE3B69-EECF-46BD-A754-6FC65C3496D6}
2013-04-16 16:56 - 2013-04-16 16:56 - 00000000 ____D C:\Users\erik\AppData\Local\{C3606676-C289-4C0B-BCF4-A9785E85C5E2}
2013-04-15 16:35 - 2013-04-15 16:35 - 00000000 ____D C:\Users\erik\AppData\Local\{C733DD3C-8AAD-459A-BB34-2312D4E1D764}
2013-04-14 22:22 - 2013-04-14 22:22 - 00000000 ____D C:\Users\erik\AppData\Local\{F763C8A7-7350-4FC9-B4EB-07B0CE32F41D}
2013-04-14 13:24 - 2013-04-14 13:24 - 00000000 ____D C:\Users\erik\AppData\Local\{F3C26083-7CEA-45F8-820F-853CCA634E8C}
2013-04-14 13:19 - 2013-04-14 13:19 - 00000000 ____D C:\Users\erik\AppData\Local\{867CB9E1-649B-43D6-BD64-91D304B11C96}
2013-04-14 13:17 - 2013-04-14 13:17 - 00000000 ____D C:\Users\erik\AppData\Local\{948A9A2A-73D7-41A9-8E73-4772472BD745}
2013-04-14 12:58 - 2013-04-14 12:58 - 00000000 ____D C:\Users\erik\AppData\Local\{F5A576B7-BB4C-4979-9E0E-AA41B66741CD}
2013-04-14 12:43 - 2013-04-14 12:43 - 00000000 ____D C:\Users\erik\AppData\Local\{CF7140F2-99CA-4A36-A9B6-921F1C511970}
2013-04-13 23:34 - 2013-04-13 23:34 - 00000000 ____D C:\Users\erik\AppData\Local\{55912F1D-CC0F-4D98-9D98-71E31195BF6F}
2013-04-13 11:34 - 2013-04-13 11:33 - 00000000 ____D C:\Users\erik\AppData\Local\{A4684F73-9A17-4CAE-AC78-DA034ACB04EA}
2013-04-12 23:33 - 2013-04-12 23:33 - 00000000 ____D C:\Users\erik\AppData\Local\{66169839-8BBE-4814-B5F0-E40B12ACBC86}
2013-04-12 22:45 - 2013-04-25 19:23 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-12 11:33 - 2013-04-12 11:33 - 00000000 ____D C:\Users\erik\AppData\Local\{2757CAE9-612C-4E91-9101-14CDBD8F3268}
2013-04-11 16:37 - 2009-01-22 14:53 - 00000000 ____D C:\ProgramData\Norton
2013-04-11 16:36 - 2010-02-19 15:07 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-04-11 15:10 - 2013-04-11 15:10 - 00000798 ____A C:\Users\Public\Desktop\Speccy.lnk
2013-04-11 15:10 - 2013-04-11 15:09 - 00000000 ____D C:\Program Files\Speccy
2013-04-11 11:08 - 2013-04-11 11:08 - 00000000 ____D C:\Users\erik\AppData\Local\{AC924A6B-7B6B-4919-B12A-48C4906A65FF}
2013-04-11 10:56 - 2013-04-11 10:56 - 00000000 ____D C:\Users\erik\AppData\Local\{3FB9F1CE-FE5F-4C67-8A85-96DC32597FD9}
2013-04-11 10:55 - 2009-07-14 12:45 - 00330672 ____A C:\Windows\System32\FNTCACHE.DAT
2013-04-10 23:23 - 2010-03-22 07:46 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-04-10 20:26 - 2018-08-30 12:17 - 00002408 ____A C:\Users\erik\Desktop\Google Chrome.lnk
2013-04-10 14:13 - 2013-04-10 14:13 - 00000000 ____D C:\Users\erik\AppData\Roaming\xim
2013-04-10 13:23 - 2013-04-10 13:23 - 00000000 ____D C:\Users\erik\AppData\Local\{408DD458-B501-49BD-A556-886CDB2854A3}
2013-04-10 11:27 - 2013-04-10 11:27 - 00000000 ____D C:\Users\erik\AppData\Local\{9BCBED4E-4A02-4007-92E1-DDD5E16BE1D9}
2013-04-10 11:12 - 2013-04-10 11:12 - 00000000 ____D C:\Users\erik\AppData\Local\{5B5B02C5-8DBF-45D4-A141-2888A25A54F9}
2013-04-10 11:08 - 2013-04-10 11:08 - 00000000 ____D C:\Users\erik\AppData\Local\{32BB764F-7C32-470A-828D-4FA27B34DAF3}
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
Last Boot: 2013-05-05 16:46
 
==================== End Of Log ============================

 




#4 CatByte

  • Malware Response Team

Posted 10 May 2013 - 10:18 AM

iastor.sys is a legitimate file, but it can become infected like any other file.

There are no indications in the log that anything is amiss, but out of caution, let's run the following:


Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE, name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 deprived94


Posted 10 May 2013 - 11:53 AM

Hi, here are the results, but is this a deadly virus? Cause I want to continue playing this game.

 

 

C:\Program Files (x86)\NAMCO BANDAI Games\DarkSouls\xlive.dll a variant of Win32/Packed.VMProtect.AAN trojan
C:\Users\erik\Downloads\Dark_Souls_Prepare_To_Die_Edition-FLT\flt-dspd.iso a variant of Win32/Packed.VMProtect.AAN trojan


#6 CatByte


Posted 10 May 2013 - 12:02 PM

It is indicating this is a stolen file.

Where did you obtain this from?



#7 deprived94


Posted 10 May 2013 - 12:05 PM

Oh, I had it downloaded from the web.

Edit: By the way, this was not the game that caused the BSOD; I had this installed long ago.

Edited by deprived94, 10 May 2013 - 12:38 PM.


#8 CatByte


Posted 10 May 2013 - 12:42 PM

Please run the following

Refer to the ComboFix User's Guide
  • Download ComboFix from the following location:

    Link

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------
NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.



#9 deprived94


Posted 10 May 2013 - 09:45 PM

Yay. Thank you, CatByte, I think that my problem has been solved. I left my computer on overnight and there was no BSOD. I checked my boot-up times and they were back to normal. Really, thanks a lot.



#10 CatByte


Posted 11 May 2013 - 01:28 AM

Your choice, of course, but do you not wish to continue on to make certain there are no leftovers?



#11 deprived94


Posted 11 May 2013 - 02:00 AM

Hmmm. I don't mind going through the ComboFix, but will it delete the files in that game folder? Because I still want to play the game.



#12 CatByte


Posted 11 May 2013 - 08:17 AM

You could always obtain that game legally once we are done here.

Is a game worth compromising your computer for?



#13 deprived94


Posted 11 May 2013 - 10:34 AM

OK, my apologies. Here's my log, and I thank you for helping me so far.

 

 

ComboFix 13-05-11.01 - erik 11/05/2013  23:22:31.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.65.1033.18.6103.4093 [GMT 8:00]
Running from: c:\users\erik\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\erik\AppData\Roaming\mIRC\logs\status.log
.
.
(((((((((((((((((((((((((   Files Created from 2013-04-11 to 2013-05-11  )))))))))))))))))))))))))))))))
.
.
2018-08-29 12:41 . 2013-05-03 08:15 -------- d--h--w- c:\windows\msdownld.tmp
2014-08-18 13:54 . 2014-08-18 13:54 -------- d-----w- C:\SYSTEM.SAV
2014-08-18 13:54 . 2013-04-07 10:02 -------- d---a-w- C:\swsetup
2013-05-11 15:28 . 2013-05-11 15:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-11 03:05 . 2013-05-11 03:05 -------- d-----w- c:\users\erik\AppData\Local\Unigraphics Solutions
2013-05-11 03:01 . 2013-05-11 03:01 1503 ----a-w- c:\windows\SysWow64\setacl.bat
2013-05-11 02:48 . 2013-05-11 02:48 -------- d-----w- c:\programdata\Macrovision
2013-05-11 02:48 . 2013-05-11 02:52 -------- d-----w- c:\program files (x86)\UGS
2013-05-10 18:15 . 2013-04-09 12:46 9317456 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7B161893-F3F1-4010-9ABB-535FD6AF52F5}\mpengine.dll
2013-05-10 17:10 . 2013-04-09 12:46 9317456 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-10 15:23 . 2013-05-10 15:23 -------- d-----w- c:\program files (x86)\ESET
2013-05-10 06:01 . 2013-05-10 06:01 -------- d-----w- C:\FRST
2013-05-08 11:30 . 2013-05-08 11:30 -------- d-----w- c:\programdata\Steam
2013-05-06 13:21 . 2013-05-06 13:21 -------- d-----w- c:\users\erik\AppData\Roaming\raidcall
2013-05-06 13:20 . 2013-05-07 09:08 -------- d-----w- c:\program files (x86)\RaidCall
2013-05-06 01:00 . 2013-05-06 01:00 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-04 17:54 . 2013-05-04 17:54 -------- d-----w- c:\users\UpdatusUser
2013-05-04 17:51 . 2013-05-04 17:54 -------- d-----w- c:\programdata\NVIDIA
2013-05-04 17:50 . 2013-05-04 17:50 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-05-04 17:50 . 2013-03-15 04:16 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-05-04 17:50 . 2013-03-15 04:16 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-05-04 17:50 . 2013-03-15 04:16 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-05-04 17:50 . 2013-03-15 04:16 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-05-04 17:50 . 2013-03-15 04:16 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-05-04 17:50 . 2013-03-13 16:24 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-05-04 17:50 . 2013-05-04 17:55 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-05-04 17:48 . 2013-05-04 17:48 -------- d-----w- C:\NVIDIA
2013-05-04 17:40 . 2013-05-04 17:54 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-05-04 16:32 . 2013-05-04 17:56 -------- d-----w- c:\users\erik\AppData\Local\NVIDIA
2013-05-03 08:15 . 2013-05-10 15:21 -------- d-----w- c:\program files (x86)\MSI Afterburner
2013-05-02 12:57 . 2013-05-02 12:57 -------- d-----w- c:\users\erik\AppData\Roaming\Malwarebytes
2013-05-02 12:57 . 2013-05-02 12:57 -------- d-----w- c:\programdata\Malwarebytes
2013-05-02 12:57 . 2013-05-02 12:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-02 12:57 . 2013-04-04 06:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-30 10:59 . 2013-04-30 10:59 -------- d-----w- c:\users\erik\AppData\Roaming\Garena
2013-04-30 10:59 . 2013-04-30 10:59 -------- d-----w- c:\programdata\Garena
2013-04-29 01:20 . 2013-04-29 01:20 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-04-27 17:41 . 2013-04-27 17:41 -------- d-----w- c:\windows\system32\SRSLabs
2013-04-27 17:41 . 2013-04-27 17:41 -------- d-----w- c:\windows\SysWow64\RTCOM
2013-04-27 17:41 . 2013-04-27 17:41 -------- d-----w- c:\program files\Realtek
2013-04-27 17:32 . 2013-04-27 17:32 -------- d-----w- c:\program files (x86)\Phyxion.net
2013-04-27 03:09 . 2013-04-27 03:09 905296 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{87386880-641A-425F-937C-CE5812317772}\gapaengine.dll
2013-04-27 03:04 . 2013-04-27 03:04 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-04-27 03:04 . 2013-04-27 03:04 -------- d-----w- c:\program files\Microsoft Security Client
2013-04-27 02:58 . 2013-04-27 02:58 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-04-26 12:56 . 2013-04-26 12:56 -------- d-----w- c:\users\erik\AppData\Local\FLT
2013-04-26 12:44 . 2013-04-26 12:56 -------- d-----w- c:\program files (x86)\BioShock Infinite
2013-04-26 08:59 . 2013-04-26 08:59 -------- d-----w- c:\users\erik\AppData\Local\NBGI
2013-04-26 08:57 . 2009-09-04 09:44 73544 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2013-04-26 08:56 . 2013-04-26 08:56 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5630BCCF-8ADC-47A8-B146-68A9467587F8}\offreg.dll
2013-04-26 08:42 . 2013-04-26 08:42 -------- d-----w- c:\program files (x86)\NAMCO BANDAI Games
2013-04-26 08:42 . 2009-09-04 09:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2013-04-26 08:40 . 2007-01-24 07:27 393576 ----a-w- c:\windows\system32\xactengine2_6.dll
2013-04-26 08:40 . 2007-01-24 07:27 255848 ----a-w- c:\windows\SysWow64\xactengine2_6.dll
2013-04-26 08:40 . 2006-12-08 04:02 251672 ----a-w- c:\windows\SysWow64\xactengine2_5.dll
2013-04-26 08:40 . 2006-12-08 04:00 390424 ----a-w- c:\windows\system32\xactengine2_5.dll
2013-04-26 08:40 . 2006-11-29 05:06 469264 ----a-w- c:\windows\system32\d3dx10.dll
2013-04-26 08:40 . 2006-11-29 05:06 440080 ----a-w- c:\windows\SysWow64\d3dx10.dll
2013-04-26 08:39 . 2007-03-05 04:42 15128 ----a-w- c:\windows\SysWow64\x3daudio1_1.dll
2013-04-26 08:39 . 2007-03-05 04:42 17688 ----a-w- c:\windows\system32\x3daudio1_1.dll
2013-04-26 08:39 . 2006-09-28 08:05 237848 ----a-w- c:\windows\SysWow64\xactengine2_4.dll
2013-04-26 08:39 . 2006-09-28 08:04 364824 ----a-w- c:\windows\system32\xactengine2_4.dll
2013-04-26 08:39 . 2006-09-28 08:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll
2013-04-26 08:39 . 2006-09-28 08:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2013-04-26 08:39 . 2006-07-28 01:30 363288 ----a-w- c:\windows\system32\xactengine2_3.dll
2013-04-26 08:39 . 2006-07-28 01:30 236824 ----a-w- c:\windows\SysWow64\xactengine2_3.dll
2013-04-26 08:39 . 2006-07-28 01:31 83736 ----a-w- c:\windows\system32\xinput1_2.dll
2013-04-26 08:39 . 2006-07-28 01:30 62744 ----a-w- c:\windows\SysWow64\xinput1_2.dll
2013-04-26 08:38 . 2006-05-30 23:22 354072 ----a-w- c:\windows\system32\xactengine2_2.dll
2013-04-26 08:38 . 2006-03-31 04:39 83664 ----a-w- c:\windows\system32\xinput1_1.dll
2013-04-26 08:38 . 2006-03-31 04:40 352464 ----a-w- c:\windows\system32\xactengine2_1.dll
2013-04-26 08:38 . 2006-03-31 04:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2013-04-26 08:37 . 2006-02-03 00:42 355536 ----a-w- c:\windows\system32\xactengine2_0.dll
2013-04-26 08:37 . 2006-02-03 00:41 16592 ----a-w- c:\windows\system32\x3daudio1_0.dll
2013-04-26 08:37 . 2006-02-03 00:43 3830992 ----a-w- c:\windows\system32\d3dx9_29.dll
2013-04-26 08:37 . 2005-07-22 11:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll
2013-04-26 08:36 . 2005-05-26 07:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-04-26 08:36 . 2005-05-26 07:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2013-04-26 08:36 . 2005-03-18 09:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2013-04-26 08:36 . 2005-02-05 11:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2013-04-26 08:32 . 2010-04-12 08:55 91568 ----a-w- c:\windows\system32\drivers\scdemu.sys
2013-04-26 08:32 . 2013-04-26 08:32 -------- d-----w- c:\program files (x86)\PowerISO
2013-04-26 08:21 . 2013-05-10 19:45 -------- d-----w- c:\users\erik\AppData\Roaming\uTorrent
2013-04-26 08:09 . 2013-04-26 08:09 -------- d-----w- c:\users\Public\CyberLink
2013-04-25 15:39 . 2013-04-27 02:59 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2013-04-25 15:39 . 2013-04-25 15:39 -------- d-----w- c:\programdata\Blizzard Entertainment
2013-04-25 15:34 . 2013-04-25 15:35 -------- d-----w- c:\programdata\Battle.net
2013-04-25 11:23 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-23 10:01 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5630BCCF-8ADC-47A8-B146-68A9467587F8}\mpengine.dll
2013-04-21 09:30 . 2013-05-11 15:27 -------- d-----w- c:\users\erik\AppData\Roaming\Skype
2013-04-21 09:30 . 2013-04-21 09:30 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-04-21 09:30 . 2013-04-21 09:30 -------- d-----r- c:\program files (x86)\Skype
2013-04-21 09:30 . 2013-04-21 09:30 -------- d-----w- c:\programdata\Skype
2013-04-20 14:22 . 2013-04-20 14:22 -------- d-----w- c:\program files\CCleaner
2013-04-20 07:33 . 2013-04-20 07:33 -------- d-----w- c:\users\erik\AppData\Roaming\NVIDIA
2013-04-20 06:47 . 2013-05-04 17:54 -------- d-----w- c:\program files\NVIDIA Corporation
2013-04-19 14:23 . 2013-04-19 14:23 262144 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-04-19 14:23 . 2013-04-19 14:23 86016 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-04-19 14:18 . 2005-12-05 10:09 3815120 ----a-w- c:\windows\system32\d3dx9_28.dll
2013-04-19 14:17 . 2013-04-19 14:17 -------- d-----w- c:\windows\SysWow64\Futuremark
2013-04-19 14:17 . 2007-09-07 06:55 27672 ----a-w- c:\windows\SysWow64\drivers\Entech.sys
2013-04-19 14:17 . 2007-09-07 06:55 12744 ----a-w- c:\windows\SysWow64\drivers\Entech64.sys
2013-04-19 14:17 . 2001-11-19 12:05 3972 ----a-w- c:\windows\SysWow64\drivers\PciBus.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-02 15:29 . 2010-07-13 14:04 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-26 23:51 . 2012-04-27 23:11 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-26 23:51 . 2011-07-02 10:30 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-10 15:23 . 2010-03-21 23:46 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-02 13:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-04-02 13:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-03-19 06:04 . 2013-04-10 13:56 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 13:56 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 13:56 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 13:56 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 13:56 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 13:56 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-06 23:32 . 2013-04-08 04:22 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-01 03:36 . 2013-04-10 14:00 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-15 06:08 . 2013-04-10 14:04 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-02-15 06:06 . 2013-04-10 14:04 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-02-15 06:02 . 2013-04-10 14:04 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-02-15 04:37 . 2013-04-10 14:04 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-02-15 04:34 . 2013-04-10 14:04 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-02-15 03:25 . 2013-04-10 14:04 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-02-12 05:45 . 2013-04-03 13:05 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-04-03 13:05 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-04-03 13:05 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-04-03 13:05 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-04-03 13:05 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-04-03 13:05 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-04-02 12:48 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2013-05-09 9829680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-03 385024]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10x64.sys [2010-04-08 59392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\nmwcdx64.sys [2007-06-28 173056]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-04-19 50688]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-01 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-02-19 239176]
S2 UGS License Server (ugslmd);UGS License Server (ugslmd);c:\program files (x86)\UGS\UGSLicensing\lmgrd.exe [2009-07-07 1510152]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-05-19 702976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-21 239616]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 23:51]
.
2013-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-02 11:28]
.
2013-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-02 11:28]
.
2013-05-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-781370092-831217984-403861513-1001Core.job
- c:\users\erik\AppData\Local\Google\Update\GoogleUpdate.exe [2018-08-30 01:48]
.
2013-05-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-781370092-831217984-403861513-1001UA.job
- c:\users\erik\AppData\Local\Google\Update\GoogleUpdate.exe [2018-08-30 01:48]
.
2013-05-11 c:\windows\Tasks\HPCeeScheduleForerik.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 14:15]
.
2012-04-30 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-14 610360]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-03-24 976672]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-StereoLinksInstall - c:\program files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-781370092-831217984-403861513-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-781370092-831217984-403861513-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-11  23:30:25
ComboFix-quarantined-files.txt  2013-05-11 15:30
.
Pre-Run: 618,508,664,832 bytes free
Post-Run: 619,398,029,312 bytes free
.
- - End Of File - - 5B76EF93F486D4413AFE4FB368FEE8A6


#14 CatByte


    bleepin' tiger


  • Malware Response Team
  • 14,664 posts

Posted 11 May 2013 - 12:22 PM

Please run the following:


Please download Junkware Removal Tool to your desktop.
  • Shut down your antivirus to avoid any conflicts.
  • Right-mouse click JRT.exe and select Run as administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

NEXT


Download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Delete
  • Once done it will ask to reboot, allow the reboot
  • On reboot a log will be produced, please attach the content of the log to your next reply
NEXT
  • Please open your MalwareBytes AntiMalware Program
  • Click the Update Tab and search for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



NEXT

Please advise how the computer is running now and if there are any outstanding issues.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#15 deprived94

  • Topic Starter

  • Members
  • 11 posts

Posted 11 May 2013 - 12:58 PM

OK, I will do the scans tomorrow. Heading to sleep now.





