Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Phantom Keystrokes and Mouse Activity


  • This topic is locked This topic is locked
17 replies to this topic

#1 Delphinus

Delphinus

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryland
  • Local time:08:38 AM

Posted 05 December 2013 - 04:38 PM

I am currently running Windows 8.1 Pro 64 bit. Several months ago, my computer began to behave in a very unusual manner. It seemed to have phantom keystrokes and mouse clicks/movement as the Windows start screen and or charms would pop up without me pressing anything or moving the mouse myself. If I had the cursor in a text box, random characters would type out as well sometimes. I formatted my SSD and reinstalled Windows 8 when 8.1 was released, in hopes of solving this and another issue where my libraries (particularly music) kept unsettling their locations and coming up empty.

 

I installed Windows 8 Pro from my install disk and updated to 8.1. This did fix my libraries issue, but the other problem has continued and gotten even more bizarre. Now I have twice witnessed the start screen come up without me doing anything to cause it to happen, and while I'm not even touching my keyboard, it began to type out words into the 'start search'. The second time, I recognized the words as being part of a line being typed out word for word, from a document for online roleplaying saved on my computer. This doesn't happen very often, and a reboot always makes the issue go away till the next time it rears it's ugly head. Often I can also just leave the computer alone and the behavior stops after a minute or so.

 

I have run scans with Kaspersky, Malwarebytes, and Malwarebytes Anti Rootkit, as well as TDSSKiller. All but the last one came out with no threats found. TDSSKiller found nothing with a regular scan, but when I enabled all the options, it found two suspicious loaded modules. 07750112 (HiddenService.Multi.Generic) and MBAMSwissArmy (HiddenService.Multi.Generic). I'm guessing the latter of the two is a false positive, but have no idea about the first. 

 

I can't post a log from DDS because it won't generate any logs under Windows 8.1.


Edited by Delphinus, 05 December 2013 - 04:43 PM.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:38 AM

Posted 10 December 2013 - 04:40 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/516501 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Delphinus

Delphinus
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryland
  • Local time:08:38 AM

Posted 14 December 2013 - 06:23 PM

I still need help, but I still can't post a dds log as it won't run under windows 8.1. I do have my Windows 8.0 pro install DVD available. As stated above, I am currently running windows 8.1 Pro 64 bit.



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:38 AM

Posted 16 December 2013 - 10:04 AM

Greetings Delphinus and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far and I apologize for the extended delay. Please run this program for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Delphinus

Delphinus
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryland
  • Local time:08:38 AM

Posted 17 December 2013 - 03:14 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2013 01
Ran by JFVan_000 (administrator) on JAMESDT on 17-12-2013 03:06:26
Running from F:\Downloads
Windows 8.1 Pro (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe
(Curse) C:\Users\JFVan_000\AppData\Local\Apps\2.0\2ZKLGEC3.JC0\BC663MYC.ERA\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\RazerCore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.3968\Battle.net.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
() C:\Program Files\WindowsApps\C49B256F.SlackerRadio_1.1.0.7_x64__w203ptv5wvzt2\SlackerWin8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\JFVan_000\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Gammon Software Solutions) F:\Documents\MUSHclient\MUSHclient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] - C:\Program Files\ASRock\XFast LAN\cfosspeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442200 2013-10-17] (Razer Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Carbonite Backup] - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.)
Startup: C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x14C2C091F2BECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Hosts: 127.0.0.1 kona.kontera.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B5E4F1BE-AA07-4E11-AAE5-7666C61EE8B3}: [NameServer]199.45.32.40,129.250.48.6
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.smashbros.com/us/"
CHR DefaultSearchKeyword: google.com
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Docs) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail Offline) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0
CHR Extension: (Google Calendar) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0
CHR Extension: (A Journey through Middle-earth) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni\0.0.1.3_0
CHR Extension: (LastPass) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.16_0
CHR Extension: (Evernote Web) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0
CHR Extension: (Facebook Notifications) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0
CHR Extension: (Google Wallet) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (ScriptSafe) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.16_0
CHR Extension: (Dolphin Connect) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll\1.3_0
CHR Extension: (Evernote Web Clipper) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.0.3_0
CHR Extension: (Gmail) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
 
==================== Services (Whitelisted) =================
 
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44064 2013-07-08] (ArcSoft, Inc.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWow64\PnkBstrA.exe [75136 2013-12-15] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-10-25] (Razer, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-05] (Wacom Technology, Corp.)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R1 ArcCtrl; C:\Windows\System32\drivers\ArcCtrl.sys [604192 2013-03-19] ()
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49048 2013-10-01] (Asmedia Technology)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-22] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RzDxgk; C:\WINDOWS\system32\drivers\RzDxgk.sys [129472 2013-10-25] (Razer, Inc.)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2013-10-13] (Razer Inc)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-10-25] (Razer, Inc.)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [34984 2013-10-13] (Razer Inc)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-17 03:06 - 2013-12-17 03:06 - 00000000 ____D C:\FRST
2013-12-15 23:04 - 2013-12-15 23:10 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Ubisoft Game Launcher
2013-12-15 23:04 - 2013-12-15 23:04 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-12-15 23:04 - 2013-12-15 23:04 - 00075136 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-12-15 23:04 - 2013-12-15 23:04 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-12-15 23:04 - 2012-06-19 07:02 - 03123272 ____R C:\WINDOWS\SysWOW64\pbsvc.exe
2013-12-15 22:13 - 2013-12-15 23:04 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-10 23:51 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-10 23:51 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-10 23:51 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-10 23:51 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-10 23:51 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-10 23:51 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-10 23:51 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-10 23:51 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-10 23:51 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-10 23:51 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-10 23:51 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-10 23:51 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-10 23:51 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-10 23:51 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-10 23:51 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-10 23:51 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-10 23:51 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-10 23:51 - 2013-11-22 23:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-10 23:51 - 2013-11-22 23:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-10 23:51 - 2013-11-22 22:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-10 23:51 - 2013-11-22 22:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-10 23:51 - 2013-11-11 18:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-10 23:51 - 2013-11-11 18:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-10 23:51 - 2013-11-11 18:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-10 23:51 - 2013-11-11 18:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-10 23:51 - 2013-11-10 21:48 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-10 23:51 - 2013-11-09 06:55 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-10 23:51 - 2013-11-09 01:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-10 23:51 - 2013-11-09 00:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-10 23:51 - 2013-11-08 05:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-10 23:51 - 2013-11-08 02:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-10 23:51 - 2013-11-08 00:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2013-12-10 23:51 - 2013-11-07 23:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-10 23:51 - 2013-11-07 23:42 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2013-12-10 23:51 - 2013-11-07 23:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-10 23:51 - 2013-11-07 23:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-10 23:51 - 2013-11-07 23:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-10 23:51 - 2013-11-07 23:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-10 23:51 - 2013-11-07 23:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-10 23:51 - 2013-11-07 22:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-10 23:51 - 2013-11-07 22:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-10 23:51 - 2013-11-05 09:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-10 23:51 - 2013-11-05 09:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-10 23:51 - 2013-11-05 08:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-10 23:51 - 2013-11-05 08:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-10 23:51 - 2013-11-05 08:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-10 23:51 - 2013-11-04 12:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-10 23:51 - 2013-11-04 12:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-10 23:51 - 2013-11-04 08:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-10 23:51 - 2013-11-04 06:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-10 23:51 - 2013-11-04 05:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-10 23:51 - 2013-11-03 21:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-10 23:51 - 2013-11-03 20:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-10 23:51 - 2013-11-01 06:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-10 23:51 - 2013-11-01 01:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-10 23:51 - 2013-11-01 00:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-10 23:51 - 2013-10-30 19:58 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-10 23:51 - 2013-10-30 19:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-10 23:51 - 2013-10-30 19:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-10 23:51 - 2013-10-30 19:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-10 23:51 - 2013-10-30 19:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-10 23:51 - 2013-10-30 19:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-10 23:51 - 2013-10-25 20:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-10 23:51 - 2013-10-24 04:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-10 23:51 - 2013-10-24 04:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-10 23:51 - 2013-10-19 03:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-10 23:51 - 2013-10-19 02:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-10 23:51 - 2013-10-17 06:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-10 23:51 - 2013-10-17 05:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-10 23:51 - 2013-10-15 03:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-10 23:51 - 2013-10-15 03:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-10 23:51 - 2013-10-05 09:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-10 23:51 - 2013-10-05 09:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-10 23:51 - 2013-10-05 07:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-10 23:51 - 2013-10-05 07:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-10 23:50 - 2013-11-09 01:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-10 23:50 - 2013-11-09 01:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-10 23:50 - 2013-11-09 00:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-09 22:14 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2013-12-09 22:14 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2013-12-09 22:14 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2013-12-09 22:14 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2013-12-09 22:14 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2013-12-09 22:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2013-12-09 22:14 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2013-12-09 22:14 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2013-12-09 22:14 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2013-12-09 22:14 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2013-12-09 22:14 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2013-12-09 22:14 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2013-12-09 22:14 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2013-12-09 22:14 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2013-12-09 22:14 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2013-12-09 22:14 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2013-12-09 22:14 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2013-12-09 22:14 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2013-12-09 22:14 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2013-12-09 22:14 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2013-12-09 22:14 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2013-12-09 22:14 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2013-12-09 22:14 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2013-12-09 22:14 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2013-12-09 22:14 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2013-12-09 22:14 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2013-12-09 22:14 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2013-12-09 22:14 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2013-12-09 22:14 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2013-12-09 22:14 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2013-12-09 22:14 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2013-12-09 22:14 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2013-12-09 22:14 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2013-12-09 22:14 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2013-12-09 22:14 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2013-12-09 22:14 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2013-12-09 22:14 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2013-12-09 22:14 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2013-12-09 22:14 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2013-12-09 22:14 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2013-12-09 22:14 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2013-12-09 22:14 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2013-12-09 22:14 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2013-12-09 22:14 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2013-12-09 22:14 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2013-12-09 22:14 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2013-12-09 22:14 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2013-12-09 22:14 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2013-12-09 22:14 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2013-12-09 22:14 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2013-12-09 22:14 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2013-12-09 22:14 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2013-12-09 22:14 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2013-12-09 22:14 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2013-12-09 22:14 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2013-12-09 22:14 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2013-12-09 22:14 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2013-12-09 22:14 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2013-12-09 22:14 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2013-12-09 22:14 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2013-12-09 22:14 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2013-12-09 22:14 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2013-12-09 22:14 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2013-12-09 22:14 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2013-12-09 22:14 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2013-12-09 22:14 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2013-12-09 22:14 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2013-12-09 22:14 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2013-12-09 22:14 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2013-12-09 22:14 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2013-12-09 22:14 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2013-12-09 22:14 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2013-12-09 22:14 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2013-12-09 22:14 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2013-12-09 22:14 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2013-12-09 22:14 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2013-12-09 22:14 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2013-12-09 22:14 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2013-12-09 22:14 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2013-12-09 22:14 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2013-12-09 22:14 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2013-12-09 22:14 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2013-12-09 22:14 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2013-12-09 22:14 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2013-12-09 22:14 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2013-12-09 22:14 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2013-12-09 22:14 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2013-12-09 22:14 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2013-12-09 22:14 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2013-12-09 22:14 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2013-12-09 22:14 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2013-12-09 22:14 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2013-12-09 22:14 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2013-12-09 22:14 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2013-12-09 22:14 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2013-12-09 22:14 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2013-12-09 22:14 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2013-12-09 22:14 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2013-12-09 22:14 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2013-12-09 22:14 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2013-12-09 22:14 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2013-12-09 22:14 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2013-12-05 13:51 - 2013-12-05 13:51 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-04 23:57 - 2013-12-17 02:54 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\MediaMonkey
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\MediaMonkey
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\ProgramData\MediaMonkey
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-12-02 22:34 - 2013-12-03 01:04 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\TS3Client
2013-12-02 22:34 - 2013-12-02 22:34 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-11-25 22:08 - 2013-11-25 22:59 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Winamp
2013-11-25 22:08 - 2013-11-25 22:09 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-11-24 21:13 - 2013-11-24 21:14 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Mount&Blade Warband
2013-11-19 21:48 - 2013-11-19 22:36 - 00000000 ____D C:\Program Files (x86)\RaidCall
2013-11-19 21:48 - 2013-11-19 21:48 - 00001043 _____ C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk
2013-11-19 21:48 - 2013-11-19 21:48 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\raidcall
2013-11-19 21:48 - 2013-11-19 21:48 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall
2013-11-18 13:16 - 2013-12-15 23:06 - 00034990 _____ C:\WINDOWS\DirectX.log
2013-11-18 13:16 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2013-11-18 13:16 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2013-11-18 13:16 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2013-11-18 13:16 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2013-11-18 13:16 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2013-11-18 13:16 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2013-11-18 13:16 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2013-11-18 13:16 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2013-11-18 13:16 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2013-11-18 13:16 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2013-11-18 13:16 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2013-11-18 13:16 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2013-11-18 13:16 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2013-11-18 11:52 - 2013-12-16 00:45 - 00000000 ____D C:\Program Files (x86)\Steam
 
==================== One Month Modified Files and Folders =======
 
2013-12-17 03:07 - 2013-10-03 22:55 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\uTorrent
2013-12-17 03:06 - 2013-12-17 03:06 - 00000000 ____D C:\FRST
2013-12-17 03:06 - 2013-10-02 08:51 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-17 03:06 - 2013-10-01 20:23 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Battle.net
2013-12-17 03:05 - 2013-10-02 13:17 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Deployment
2013-12-17 03:00 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-17 02:54 - 2013-12-04 23:57 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\MediaMonkey
2013-12-17 02:54 - 2013-11-05 22:42 - 00004986 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for JAMESDT-JFVan_000 JamesDT
2013-12-17 02:00 - 2013-10-03 01:10 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Adobe
2013-12-16 20:13 - 2013-10-05 12:00 - 01647034 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-16 19:50 - 2013-10-30 18:31 - 00001456 _____ C:\Users\JFVan_000\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-12-16 12:11 - 2013-10-01 17:09 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2894699632-548563910-773313861-1001
2013-12-16 12:06 - 2013-10-02 08:51 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-16 07:24 - 2013-10-01 17:41 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-16 07:20 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-12-16 00:45 - 2013-11-18 11:52 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-15 23:46 - 2013-10-03 23:51 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\vlc
2013-12-15 23:10 - 2013-12-15 23:04 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Ubisoft Game Launcher
2013-12-15 23:06 - 2013-11-18 13:16 - 00034990 _____ C:\WINDOWS\DirectX.log
2013-12-15 23:04 - 2013-12-15 23:04 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-12-15 23:04 - 2013-12-15 23:04 - 00075136 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-12-15 23:04 - 2013-12-15 23:04 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-12-15 23:04 - 2013-12-15 22:13 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-15 23:04 - 2013-10-01 17:31 - 00000000 ____D C:\Users\JFVan_000
2013-12-12 17:11 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-12 17:06 - 2013-10-01 17:03 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Packages
2013-12-12 08:38 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-12 07:57 - 2013-10-01 17:33 - 00000000 __RDO C:\Users\JFVan_000\SkyDrive
2013-12-11 19:13 - 2013-10-03 00:24 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-11 18:57 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-10 23:54 - 2013-10-05 12:06 - 02136144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-10 23:53 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-10 23:53 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-10 23:53 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-10 23:53 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-10 23:53 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-10 23:53 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-10 23:52 - 2013-11-12 20:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-10 23:51 - 2013-11-12 20:33 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-10 07:01 - 2013-10-02 11:07 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2013-12-05 13:51 - 2013-12-05 13:51 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-05 12:52 - 2013-11-05 18:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-05 12:52 - 2013-11-05 18:34 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-12-05 01:14 - 2013-10-07 21:08 - 00010319 _____ C:\WINDOWS\setupact.log
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\MediaMonkey
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\ProgramData\MediaMonkey
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-12-04 22:41 - 2013-10-11 12:53 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\DVD Catalyst 4
2013-12-04 17:01 - 2013-10-01 20:23 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-12-03 21:08 - 2013-10-01 22:19 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-12-03 19:05 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-03 19:05 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-03 01:04 - 2013-12-02 22:34 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\TS3Client
2013-12-02 22:34 - 2013-12-02 22:34 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-11-28 12:01 - 2013-10-02 08:51 - 00003892 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-28 12:01 - 2013-10-02 08:51 - 00003656 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-26 23:22 - 2013-10-11 08:00 - 00003142 _____ C:\WINDOWS\PFRO.log
2013-11-26 06:54 - 2013-12-10 23:51 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-26 05:11 - 2013-12-10 23:51 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-26 04:41 - 2013-12-10 23:51 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-26 03:57 - 2013-12-10 23:51 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-26 03:38 - 2013-12-10 23:51 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-26 03:35 - 2013-12-10 23:51 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-26 03:16 - 2013-12-10 23:51 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-26 03:02 - 2013-12-10 23:51 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-26 02:48 - 2013-12-10 23:51 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-26 02:32 - 2013-12-10 23:51 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-26 02:26 - 2013-12-10 23:51 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-26 02:07 - 2013-12-10 23:51 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-26 01:40 - 2013-12-10 23:51 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-26 01:34 - 2013-12-10 23:51 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-11-26 01:34 - 2013-12-10 23:51 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-11-26 01:33 - 2013-12-10 23:51 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-26 01:27 - 2013-12-10 23:51 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-25 22:59 - 2013-11-25 22:08 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Winamp
2013-11-25 22:09 - 2013-11-25 22:08 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-11-24 21:14 - 2013-11-24 21:13 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Mount&Blade Warband
2013-11-22 23:34 - 2013-12-10 23:51 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-11-22 23:13 - 2013-12-10 23:51 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-11-22 22:32 - 2013-12-10 23:51 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-22 22:10 - 2013-12-10 23:51 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-11-19 22:36 - 2013-11-19 21:48 - 00000000 ____D C:\Program Files (x86)\RaidCall
2013-11-19 21:57 - 2013-10-01 18:23 - 00000000 ____D C:\ProgramData\Package Cache
2013-11-19 21:48 - 2013-11-19 21:48 - 00001043 _____ C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk
2013-11-19 21:48 - 2013-11-19 21:48 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\raidcall
2013-11-19 21:48 - 2013-11-19 21:48 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall
2013-11-19 05:30 - 2013-10-01 20:24 - 00267936 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-18 13:15 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
 
Some content of TEMP:
====================
C:\Users\JFVan_000\AppData\Local\Temp\java-installer.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-12-08 03:25
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2013 01
Ran by JFVan_000 at 2013-12-17 03:08:28
Running from F:\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
µTorrent (HKCU Version: 3.3.2.30303)
Adobe Photoshop Elements 11 (x32 Version: 11.0)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
AMD Accelerated Video Transcoding (Version: 13.15.100.30830)
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589)
AMD Catalyst Install Manager (Version: 8.0.915.0)
ArcSoft TotalMedia Theatre 6 (x32 Version: 6.0.1.123)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.16.2.0)
Assassin's Creed IV Black Flag (x32)
Battle.net (x32)
Borderlands 2 (x32)
BurnAware Free 6.7 (x32)
Carbonite (x32 Version: 5.5.0 build 3621  (Oct-10-2013))
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589)
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589)
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589)
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589)
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589)
CCC Help Czech (x32 Version: 2013.0830.1943.33589)
CCC Help Danish (x32 Version: 2013.0830.1943.33589)
CCC Help Dutch (x32 Version: 2013.0830.1943.33589)
CCC Help English (x32 Version: 2013.0830.1943.33589)
CCC Help Finnish (x32 Version: 2013.0830.1943.33589)
CCC Help French (x32 Version: 2013.0830.1943.33589)
CCC Help German (x32 Version: 2013.0830.1943.33589)
CCC Help Greek (x32 Version: 2013.0830.1943.33589)
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589)
CCC Help Italian (x32 Version: 2013.0830.1943.33589)
CCC Help Japanese (x32 Version: 2013.0830.1943.33589)
CCC Help Korean (x32 Version: 2013.0830.1943.33589)
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589)
CCC Help Polish (x32 Version: 2013.0830.1943.33589)
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589)
CCC Help Russian (x32 Version: 2013.0830.1943.33589)
CCC Help Spanish (x32 Version: 2013.0830.1943.33589)
CCC Help Swedish (x32 Version: 2013.0830.1943.33589)
CCC Help Thai (x32 Version: 2013.0830.1943.33589)
CCC Help Turkish (x32 Version: 2013.0830.1943.33589)
ccc-utility64 (Version: 2013.0830.1944.33589)
CDBurnerXP (x32 Version: 4.5.2.4291)
Curse Client (HKCU Version: 5.1.1.792)
Diablo III (x32)
DVD Catalyst 4 v4.4.3.1 (x32 Version: v4.4.3.1)
Elements 11 Organizer (x32 Version: 11.0)
Google Chrome (x32 Version: 31.0.1650.63)
Google Update Helper (x32 Version: 1.3.22.3)
Intel® Rapid Storage Technology (x32 Version: 11.7.0.1013)
LastPass (uninstall only) (x32)
Mac Blu-ray Player (x32 Version: 2.8.10.1365)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MediaCoder x64 0.8.26.5566 (Version: 0.8.26.5566)
MediaMonkey 4.0 (x32 Version: 4.0)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4551.1011)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)
mIRC (x32 Version: 7.32)
Mount and Blade Warband - Demo (x32)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1011)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1011)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1011)
PCSX2 - Playstation 2 Emulator (x32)
Primal Carnage (x32)
PSE11 STI Installer (x32 Version: 11.0)
PunkBuster Services (x32 Version: 0.991)
RaidCall (x32 Version: 7.3.0-1.0.10926.49)
Razer Core (x32 Version: 1.0.1.46)
Razer Synapse 2.0 (x32 Version: 1.15.4)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
Risk of Rain (x32)
Samsung Magician (x32 Version: 4.2.1)
Should I Remove It (HKCU Version: 1.0.4)
Should I Remove It (x32 Version: 1.0.4)
Starbound (x32)
Steam (x32)
TeamSpeak 3 Client (x32 Version: 3.0.13)
The Elder Scrolls V: Skyrim (x32)
The Walking Dead (x32)
Tomb Raider (x32)
Uplay (x32 Version: 4.0)
VLC media player 2.1.0 (x32 Version: 2.1.0)
Wacom Tablet (Version: 6.3.6-3)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.3)
WebTablet FB Plugin 64 bit (Version: 2.1.0.3)
Winamp (x32 Version: 5.66 )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980)
Windows Media Encoder 9 Series (x32)
WinRAR 5.00 (64-bit) (Version: 5.00.0)
World of Warcraft (x32)
XFast LAN v6.61 (Version: 6.61)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
2013-08-22 08:25 - 2013-10-05 11:23 - 00000850 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 kona.kontera.com
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {044C0ECB-D77C-4D85-A7C5-01275585901D} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => Rundll32.exe /d acproxy.dll,PerformAutochkOperations
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {059889C4-0976-4641-ABC8-E20B6547254E} - System32\Tasks\Microsoft SkyDrive Auto Update Task-S-1-5-21-2894699632-548563910-773313861-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0CDA7F67-716F-4559-B04D-B637BE0C0E28} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe aepdu.dll,AePduRunUpdate
Task: {0F9634F4-A3D1-4306-A28B-9C947862AE8C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-12-11] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {44EB54DA-99BF-4C0E-A921-321FFAE82D09} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => Rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
Task: {471B598F-7F3D-40D1-8F0D-7B2C3FC037B0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-11-02] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5460F976-64C8-4E5B-BDFD-CD473722B746} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-JFVanAs@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A693A6E9-FB8C-46CA-932B-88DC7684BE1C} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => Rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
Task: {AFC322CC-CAED-46DD-853A-EB9386651373} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-02] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D8939746-F0D0-4471-A1C4-F818D48C0092} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-02] (Google Inc.)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DBDF5F67-C618-4BA1-AEE4-BC1F66AFDD02} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-12-10] (Microsoft Corporation)
Task: {E5336EB1-E0F8-4247-883F-6C2C6F6CE024} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EA9623C2-7909-4B4E-9245-CCB009DA8260} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JAMESDT-JFVan_000 JamesDT => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-12-11] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-11-13 21:17 - 2013-11-13 21:17 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-10-01 20:01 - 2013-06-05 21:09 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2013-10-02 13:18 - 2013-10-02 13:18 - 00014848 _____ () C:\Users\JFVan_000\AppData\Local\Apps\2.0\2ZKLGEC3.JC0\BC663MYC.ERA\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.WowDb.dll
2013-10-02 13:18 - 2013-10-02 13:18 - 00035840 _____ () C:\Users\JFVan_000\AppData\Local\Apps\2.0\2ZKLGEC3.JC0\BC663MYC.ERA\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.Advertising.dll
2013-10-02 13:18 - 2013-10-02 13:18 - 00099840 _____ () C:\Users\JFVan_000\AppData\Local\Apps\2.0\2ZKLGEC3.JC0\BC663MYC.ERA\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.CMOD2.dll
2013-08-22 02:19 - 2013-08-22 01:54 - 00792064 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.Xaml.winmd
2013-10-20 23:21 - 2013-10-20 23:21 - 01782272 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\600862031eb4d4cfdc6f4d2025a7990e\Windows.ApplicationModel.ni.dll
2013-10-20 23:21 - 2013-10-20 23:21 - 01278464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\4c323000d6c8d1d462abb0968333c937\Windows.Storage.ni.dll
2013-10-20 23:21 - 2013-10-20 23:21 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\432868bf54b081b16eaf68729020b30a\Windows.Foundation.ni.dll
2013-10-20 23:21 - 2013-10-20 23:21 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\0ff25bd7c20be35c2e915bb82db13b72\Windows.UI.ni.dll
2013-10-20 23:21 - 2013-10-20 23:21 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\45eee6d0ec199bb4a183edf3d8f2370f\Windows.Networking.ni.dll
2013-08-22 02:19 - 2013-08-22 01:54 - 00121344 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Media.winmd
2013-10-20 23:21 - 2013-10-20 23:21 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\e8f8737bea4f0df4b88bbc4bf24fa2a8\Windows.System.ni.dll
2013-10-20 23:21 - 2013-10-20 23:21 - 02019840 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Devices\aaa76dfc70840ddd1028b4e1783ec5aa\Windows.Devices.ni.dll
2013-10-20 23:21 - 2013-10-20 23:21 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\4e1b0dc15d072d992e08612cd74a34db\Windows.Data.ni.dll
2013-10-20 23:21 - 2013-10-20 23:21 - 00467456 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\e06f4482547bc7feaa453c9e02585f52\Windows.Graphics.ni.dll
2013-10-20 23:21 - 2013-10-20 23:21 - 00632320 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Security\4f00f54318cefa03d2a77a61e842ffca\Windows.Security.ni.dll
2013-10-20 23:21 - 2013-10-20 23:21 - 00347136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\e0e7493cf161f0e0899caa7eb5e0e259\Windows.Globalization.ni.dll
2013-10-20 10:14 - 2013-10-20 10:14 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\19a867cd2b799b42f121cd45df10aefb\PSIClient.ni.dll
2013-11-13 21:17 - 2013-11-13 21:17 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2013-12-11 00:10 - 2013-12-11 00:10 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll
2013-12-03 21:05 - 2013-12-03 21:05 - 26118656 _____ () C:\Program Files (x86)\Battle.net\Battle.net.3968\libcef.dll
2013-12-03 21:05 - 2013-12-03 21:05 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.3968\libglesv2.dll
2013-12-03 21:05 - 2013-12-03 21:05 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.3968\libegl.dll
2013-11-18 11:54 - 2013-11-06 16:48 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-11-18 11:54 - 2013-12-11 14:40 - 01135016 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-11-18 11:54 - 2013-11-06 16:48 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-11-18 11:54 - 2013-06-14 18:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-11-18 11:54 - 2013-06-14 18:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-11-18 11:54 - 2013-06-14 18:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-11-18 11:54 - 2013-12-11 14:40 - 00121256 _____ () C:\Program Files (x86)\Steam\bin\audio.dll
2013-11-18 11:54 - 2013-06-14 18:49 - 00071680 _____ () C:\Program Files (x86)\Steam\bin\mssmp3.asi
2013-11-18 11:54 - 2013-06-14 18:49 - 00153088 _____ () C:\Program Files (x86)\Steam\bin\mssvoice.asi
2013-12-05 12:07 - 2013-12-03 21:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 12:07 - 2013-12-03 21:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 12:07 - 2013-12-03 21:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 12:07 - 2013-12-03 21:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 12:07 - 2013-12-03 21:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-05 12:07 - 2013-12-03 21:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
2013-10-10 08:03 - 2013-12-15 23:08 - 26054456 _____ () C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll
2012-12-13 17:21 - 2010-10-03 17:04 - 00199310 _____ () F:\Documents\MUSHclient\lua5.1.dll
2012-12-13 17:21 - 2009-01-25 22:17 - 00483328 _____ () F:\Documents\MUSHclient\locale\EN.dll
2013-11-13 21:15 - 2013-11-13 21:15 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-12-11 00:09 - 2013-12-11 00:09 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll
2013-11-13 21:15 - 2013-11-13 21:16 - 01027240 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\JFVan_000\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\07750112.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\07750112.sys => ""="Driver"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/15/2013 11:05:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (12/15/2013 03:41:56 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (12/13/2013 00:14:45 AM) (Source: Application Error) (User: )
Description: Faulting application name: starbound.exe, version: 0.9.0.0, time stamp: 0x52a8e055
Faulting module name: starbound.exe, version: 0.9.0.0, time stamp: 0x52a8e055
Exception code: 0x40000015
Fault offset: 0x00601b82
Faulting process id: 0x349c
Faulting application start time: 0xstarbound.exe0
Faulting application path: starbound.exe1
Faulting module path: starbound.exe2
Report Id: starbound.exe3
Faulting package full name: starbound.exe4
Faulting package-relative application ID: starbound.exe5
 
Error: (12/12/2013 09:57:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: starbound.exe, version: 0.9.0.0, time stamp: 0x52a8e055
Faulting module name: starbound.exe, version: 0.9.0.0, time stamp: 0x52a8e055
Exception code: 0x40000015
Fault offset: 0x00601bef
Faulting process id: 0x38b4
Faulting application start time: 0xstarbound.exe0
Faulting application path: starbound.exe1
Faulting module path: starbound.exe2
Report Id: starbound.exe3
Faulting package full name: starbound.exe4
Faulting package-relative application ID: starbound.exe5
 
Error: (12/12/2013 02:50:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: starbound.exe, version: 0.9.0.0, time stamp: 0x52a8e055
Faulting module name: starbound.exe, version: 0.9.0.0, time stamp: 0x52a8e055
Exception code: 0x40000015
Fault offset: 0x00601b82
Faulting process id: 0x4130
Faulting application start time: 0xstarbound.exe0
Faulting application path: starbound.exe1
Faulting module path: starbound.exe2
Report Id: starbound.exe3
Faulting package full name: starbound.exe4
Faulting package-relative application ID: starbound.exe5
 
Error: (12/12/2013 08:58:01 AM) (Source: Perflib) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
 
Error: (12/12/2013 08:58:01 AM) (Source: PerfNet) (User: )
Description: 
 
Error: (12/12/2013 08:58:01 AM) (Source: Perflib) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8
 
Error: (12/12/2013 08:58:01 AM) (Source: Perflib) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8
 
Error: (12/12/2013 08:58:01 AM) (Source: Perflib) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll8
 
 
System errors:
=============
Error: (12/16/2013 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (12/15/2013 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (12/14/2013 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (12/13/2013 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (12/12/2013 07:04:00 PM) (Source: DCOM) (User: JAMESDT)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JamesDTJFVan_000S-1-5-21-2894699632-548563910-773313861-1001LocalHost (Using LRPC)C49B256F.SlackerRadio_1.1.0.7_x64__w203ptv5wvzt2S-1-15-2-3685482403-2002377742-453062577-552673082-3418983161-501635856-916713407
 
Error: (12/12/2013 07:04:00 PM) (Source: DCOM) (User: JAMESDT)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JamesDTJFVan_000S-1-5-21-2894699632-548563910-773313861-1001LocalHost (Using LRPC)C49B256F.SlackerRadio_1.1.0.7_x64__w203ptv5wvzt2S-1-15-2-3685482403-2002377742-453062577-552673082-3418983161-501635856-916713407
 
Error: (12/12/2013 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (12/11/2013 09:23:56 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (12/11/2013 09:23:56 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (12/11/2013 07:00:59 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (12/15/2013 11:05:07 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (12/15/2013 03:41:56 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2147024883
 
Error: (12/13/2013 00:14:45 AM) (Source: Application Error)(User: )
Description: starbound.exe0.9.0.052a8e055starbound.exe0.9.0.052a8e0554000001500601b82349c01cef7af3b583a1aE:\Program Files (x86)\SteamLibrary\steamapps\common\Starbound\win32\starbound.exeE:\Program Files (x86)\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe7a1b3106-63b5-11e3-be89-bc5ff484a8e6
 
Error: (12/12/2013 09:57:26 PM) (Source: Application Error)(User: )
Description: starbound.exe0.9.0.052a8e055starbound.exe0.9.0.052a8e0554000001500601bef38b401cef7ada18fc4e2E:\Program Files (x86)\SteamLibrary\steamapps\common\Starbound\win32\starbound.exeE:\Program Files (x86)\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe4b5bd35a-63a2-11e3-be89-bc5ff484a8e6
 
Error: (12/12/2013 02:50:43 PM) (Source: Application Error)(User: )
Description: starbound.exe0.9.0.052a8e055starbound.exe0.9.0.052a8e0554000001500601b82413001cef77013d7e07bE:\Program Files (x86)\SteamLibrary\steamapps\common\Starbound\win32\starbound.exeE:\Program Files (x86)\SteamLibrary\steamapps\common\Starbound\win32\starbound.exeaee7c417-6366-11e3-be89-bc5ff484a8e6
 
Error: (12/12/2013 08:58:01 AM) (Source: Perflib)(User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
 
Error: (12/12/2013 08:58:01 AM) (Source: PerfNet)(User: )
Description: 
 
Error: (12/12/2013 08:58:01 AM) (Source: Perflib)(User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8
 
Error: (12/12/2013 08:58:01 AM) (Source: Perflib)(User: )
Description: LsaC:\Windows\System32\Secur32.dll8
 
Error: (12/12/2013 08:58:01 AM) (Source: Perflib)(User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll8
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-12-12 14:55:23.997
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2013-12-12 14:55:23.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2013-12-11 20:45:04.399
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2013-12-11 20:45:04.350
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2013-12-11 20:45:04.332
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2013-12-11 20:45:04.295
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2013-12-11 20:45:04.256
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2013-12-11 20:45:04.239
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2013-12-11 20:45:04.192
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2013-12-11 20:45:04.179
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 47%
Total physical RAM: 16337.32 MB
Available physical RAM: 8643.57 MB
Total Pagefile: 18769.32 MB
Available Pagefile: 7536.01 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.37 GB) (Free:96.08 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:317.64 GB) NTFS
Drive f: () (Fixed) (Total:931.51 GB) (Free:102.94 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2422F7E1)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 233 GB) (Disk ID: EA73E0EE)
 
Partition: GPT Partition Type
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 01671E34)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:38 AM

Posted 17 December 2013 - 09:50 AM

Greetings and welcome.

Do you recognize this IP address belonging to NTT America?

129.250.48.6

Please consider and do this.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Virustotal Online Virus Scanner

--------------------
  • Please go to Virustotal
  • Select Choose File
  • Navigate to the following file (if multiple files then one at a time), double click on it so the file name is populated, then click Scan it!
  • IMPORTANT! If the file is listed as already analyzed, click on Reanalyse file now button.

F:\Documents\MUSHclient\MUSHclient.exe

  • Once completed, highlight the information in the address bar and copy then paste the link in your reply
virustotal.jpg

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Virustotal link

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Delphinus

Delphinus
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryland
  • Local time:08:38 AM

Posted 17 December 2013 - 06:23 PM

I don't recognize that IP address, I have uninstalled utorrent, and below is the url for the Virustotal scan

https://www.virustotal.com/en/file/aebd7c95636eea8b804b748f02572e4cb6311c3672c0fb847c4231cdd35489c2/analysis/1387321749/

 

 



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:38 AM

Posted 17 December 2013 - 06:48 PM

We are going to clean up that entry.

Do you have other computers attached to the wireless network you are on when you experience these issues? If so, are those computers working properly? Do you have Verizon internet?

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
Tcpip\..\Interfaces\{B5E4F1BE-AA07-4E11-AAE5-7666C61EE8B3}: [NameServer]199.45.32.40,129.250.48.6
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Rerun a full FRST scan and post the results
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Answer to questions
  • Fixlog
  • FRST log
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Delphinus

Delphinus
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryland
  • Local time:08:38 AM

Posted 17 December 2013 - 07:10 PM

There is one other desktop running Windows 7 on the network which is generally on all the time but it is working properly. I do have Verizon FIOS internet. My computer has been running fine for the last several days but the trouble is that the issue I am having does not happen regularly. Sometimes weeks go by without anything odd happening, and then suddenly it happens again. It's part of what has me so baffled with it. Logs posted below:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2013 02
Ran by JFVan_000 at 2013-12-17 18:55:08 Run:1
Running from F:\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Tcpip\..\Interfaces\{B5E4F1BE-AA07-4E11-AAE5-7666C61EE8B3}: [NameServer]199.45.32.40,129.250.48.6
*****************
 
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B5E4F1BE-AA07-4E11-AAE5-7666C61EE8B3}\\NameServer => Value deleted successfully.
 
==== End of Fixlog ====
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2013 02
Ran by JFVan_000 (administrator) on JAMESDT on 17-12-2013 18:57:50
Running from F:\Desktop
Windows 8.1 Pro (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(ArcSoft Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe
(Curse) C:\Users\JFVan_000\AppData\Local\Apps\2.0\2ZKLGEC3.JC0\BC663MYC.ERA\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\RazerCore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [XFast LAN] - C:\Program Files\ASRock\XFast LAN\cfosspeed.exe [1441152 2011-10-19] (cFos Software GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442200 2013-10-17] (Razer Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Carbonite Backup] - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.)
Startup: C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x14C2C091F2BECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Hosts: 127.0.0.1 kona.kontera.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.smashbros.com/us/"
CHR DefaultSearchKeyword: google.com
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Docs) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail Offline) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0
CHR Extension: (Google Calendar) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0
CHR Extension: (A Journey through Middle-earth) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni\0.0.1.3_0
CHR Extension: (LastPass) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.16_0
CHR Extension: (Evernote Web) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0
CHR Extension: (Facebook Notifications) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0
CHR Extension: (Google Wallet) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (ScriptSafe) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf\1.0.6.16_0
CHR Extension: (Dolphin Connect) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll\1.3_0
CHR Extension: (Evernote Web Clipper) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.0.3_0
CHR Extension: (Gmail) - C:\Users\JFVan_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
 
==================== Services (Whitelisted) =================
 
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44064 2013-07-08] (ArcSoft, Inc.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWow64\PnkBstrA.exe [75136 2013-12-15] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-10-25] (Razer, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-05] (Wacom Technology, Corp.)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R1 ArcCtrl; C:\Windows\System32\drivers\ArcCtrl.sys [604192 2013-03-19] ()
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49048 2013-10-01] (Asmedia Technology)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-22] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RzDxgk; C:\WINDOWS\system32\drivers\RzDxgk.sys [129472 2013-10-25] (Razer, Inc.)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2013-10-13] (Razer Inc)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-10-25] (Razer, Inc.)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [34984 2013-10-13] (Razer Inc)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-17 03:06 - 2013-12-17 18:54 - 00000000 ____D C:\FRST
2013-12-15 23:04 - 2013-12-15 23:10 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Ubisoft Game Launcher
2013-12-15 23:04 - 2013-12-15 23:04 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-12-15 23:04 - 2013-12-15 23:04 - 00075136 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-12-15 23:04 - 2013-12-15 23:04 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-12-15 23:04 - 2012-06-19 07:02 - 03123272 ____R C:\WINDOWS\SysWOW64\pbsvc.exe
2013-12-15 22:13 - 2013-12-15 23:04 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-10 23:51 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-10 23:51 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-10 23:51 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-10 23:51 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-10 23:51 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-10 23:51 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-10 23:51 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-10 23:51 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-10 23:51 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-10 23:51 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-10 23:51 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-10 23:51 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-10 23:51 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-10 23:51 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-10 23:51 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-10 23:51 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-10 23:51 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-10 23:51 - 2013-11-22 23:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-10 23:51 - 2013-11-22 23:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-10 23:51 - 2013-11-22 22:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-10 23:51 - 2013-11-22 22:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-10 23:51 - 2013-11-11 18:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-10 23:51 - 2013-11-11 18:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-10 23:51 - 2013-11-11 18:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-10 23:51 - 2013-11-11 18:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-10 23:51 - 2013-11-10 21:48 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-10 23:51 - 2013-11-09 06:55 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-10 23:51 - 2013-11-09 01:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-10 23:51 - 2013-11-09 00:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-10 23:51 - 2013-11-08 05:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-10 23:51 - 2013-11-08 02:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-10 23:51 - 2013-11-08 00:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2013-12-10 23:51 - 2013-11-07 23:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-10 23:51 - 2013-11-07 23:42 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2013-12-10 23:51 - 2013-11-07 23:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-10 23:51 - 2013-11-07 23:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-10 23:51 - 2013-11-07 23:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-10 23:51 - 2013-11-07 23:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-10 23:51 - 2013-11-07 23:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-10 23:51 - 2013-11-07 22:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-10 23:51 - 2013-11-07 22:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-10 23:51 - 2013-11-05 09:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-10 23:51 - 2013-11-05 09:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-10 23:51 - 2013-11-05 08:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-10 23:51 - 2013-11-05 08:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-10 23:51 - 2013-11-05 08:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-10 23:51 - 2013-11-04 12:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-10 23:51 - 2013-11-04 12:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-10 23:51 - 2013-11-04 08:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-10 23:51 - 2013-11-04 06:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-10 23:51 - 2013-11-04 05:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-10 23:51 - 2013-11-03 21:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-10 23:51 - 2013-11-03 20:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-10 23:51 - 2013-11-01 06:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-10 23:51 - 2013-11-01 01:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-10 23:51 - 2013-11-01 00:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-10 23:51 - 2013-10-30 19:58 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-10 23:51 - 2013-10-30 19:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-10 23:51 - 2013-10-30 19:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-10 23:51 - 2013-10-30 19:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-10 23:51 - 2013-10-30 19:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-10 23:51 - 2013-10-30 19:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-10 23:51 - 2013-10-25 20:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-10 23:51 - 2013-10-24 04:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-10 23:51 - 2013-10-24 04:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-10 23:51 - 2013-10-19 03:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-10 23:51 - 2013-10-19 02:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-10 23:51 - 2013-10-17 06:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-10 23:51 - 2013-10-17 05:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-10 23:51 - 2013-10-15 03:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-10 23:51 - 2013-10-15 03:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-10 23:51 - 2013-10-05 09:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-10 23:51 - 2013-10-05 09:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-10 23:51 - 2013-10-05 07:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-10 23:51 - 2013-10-05 07:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-10 23:50 - 2013-11-09 01:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-10 23:50 - 2013-11-09 01:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-10 23:50 - 2013-11-09 00:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-09 22:14 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2013-12-09 22:14 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2013-12-09 22:14 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2013-12-09 22:14 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2013-12-09 22:14 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2013-12-09 22:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2013-12-09 22:14 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2013-12-09 22:14 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2013-12-09 22:14 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2013-12-09 22:14 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2013-12-09 22:14 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2013-12-09 22:14 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2013-12-09 22:14 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2013-12-09 22:14 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2013-12-09 22:14 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2013-12-09 22:14 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2013-12-09 22:14 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2013-12-09 22:14 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2013-12-09 22:14 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2013-12-09 22:14 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2013-12-09 22:14 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2013-12-09 22:14 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2013-12-09 22:14 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2013-12-09 22:14 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2013-12-09 22:14 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2013-12-09 22:14 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2013-12-09 22:14 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2013-12-09 22:14 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2013-12-09 22:14 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2013-12-09 22:14 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2013-12-09 22:14 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2013-12-09 22:14 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2013-12-09 22:14 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2013-12-09 22:14 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2013-12-09 22:14 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2013-12-09 22:14 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2013-12-09 22:14 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2013-12-09 22:14 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2013-12-09 22:14 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2013-12-09 22:14 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2013-12-09 22:14 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2013-12-09 22:14 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2013-12-09 22:14 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2013-12-09 22:14 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2013-12-09 22:14 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2013-12-09 22:14 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2013-12-09 22:14 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2013-12-09 22:14 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2013-12-09 22:14 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2013-12-09 22:14 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2013-12-09 22:14 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2013-12-09 22:14 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2013-12-09 22:14 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2013-12-09 22:14 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2013-12-09 22:14 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2013-12-09 22:14 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2013-12-09 22:14 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2013-12-09 22:14 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2013-12-09 22:14 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2013-12-09 22:14 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2013-12-09 22:14 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2013-12-09 22:14 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2013-12-09 22:14 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2013-12-09 22:14 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2013-12-09 22:14 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2013-12-09 22:14 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2013-12-09 22:14 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2013-12-09 22:14 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2013-12-09 22:14 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2013-12-09 22:14 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2013-12-09 22:14 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2013-12-09 22:14 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2013-12-09 22:14 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2013-12-09 22:14 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2013-12-09 22:14 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2013-12-09 22:14 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2013-12-09 22:14 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2013-12-09 22:14 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2013-12-09 22:14 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2013-12-09 22:14 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2013-12-09 22:14 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2013-12-09 22:14 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2013-12-09 22:14 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2013-12-09 22:14 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2013-12-09 22:14 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2013-12-09 22:14 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2013-12-09 22:14 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2013-12-09 22:14 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2013-12-09 22:14 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2013-12-09 22:14 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2013-12-09 22:14 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2013-12-09 22:14 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2013-12-09 22:14 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2013-12-09 22:14 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2013-12-09 22:14 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2013-12-09 22:14 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2013-12-09 22:14 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2013-12-09 22:14 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2013-12-09 22:14 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2013-12-09 22:14 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2013-12-09 22:14 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2013-12-09 22:14 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2013-12-09 22:14 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2013-12-09 22:14 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2013-12-09 22:14 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2013-12-09 22:14 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2013-12-09 22:14 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2013-12-09 22:14 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2013-12-09 22:14 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2013-12-09 22:14 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2013-12-09 22:14 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2013-12-09 22:14 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2013-12-05 13:51 - 2013-12-05 13:51 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-04 23:57 - 2013-12-17 02:54 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\MediaMonkey
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\MediaMonkey
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\ProgramData\MediaMonkey
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-12-02 22:34 - 2013-12-03 01:04 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\TS3Client
2013-12-02 22:34 - 2013-12-02 22:34 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-11-25 22:08 - 2013-11-25 22:59 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Winamp
2013-11-25 22:08 - 2013-11-25 22:09 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-11-24 21:13 - 2013-11-24 21:14 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Mount&Blade Warband
2013-11-19 21:48 - 2013-11-19 22:36 - 00000000 ____D C:\Program Files (x86)\RaidCall
2013-11-19 21:48 - 2013-11-19 21:48 - 00001043 _____ C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk
2013-11-19 21:48 - 2013-11-19 21:48 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\raidcall
2013-11-19 21:48 - 2013-11-19 21:48 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall
2013-11-18 13:16 - 2013-12-15 23:06 - 00034990 _____ C:\WINDOWS\DirectX.log
2013-11-18 13:16 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2013-11-18 13:16 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2013-11-18 13:16 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2013-11-18 13:16 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2013-11-18 13:16 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2013-11-18 13:16 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2013-11-18 13:16 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2013-11-18 13:16 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2013-11-18 13:16 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2013-11-18 13:16 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2013-11-18 13:16 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2013-11-18 13:16 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2013-11-18 13:16 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2013-11-18 11:52 - 2013-12-16 00:45 - 00000000 ____D C:\Program Files (x86)\Steam
 
==================== One Month Modified Files and Folders =======
 
2013-12-17 18:54 - 2013-12-17 03:06 - 00000000 ____D C:\FRST
2013-12-17 18:13 - 2013-10-01 17:09 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2894699632-548563910-773313861-1001
2013-12-17 18:06 - 2013-10-02 08:51 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-17 18:00 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-17 17:59 - 2013-10-03 22:55 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\uTorrent
2013-12-17 12:18 - 2013-10-02 13:17 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Deployment
2013-12-17 12:06 - 2013-10-02 08:51 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-17 10:03 - 2013-10-05 12:00 - 01695055 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-17 09:47 - 2013-11-05 22:42 - 00004986 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for JAMESDT-JFVan_000 JamesDT
2013-12-17 08:05 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-17 07:18 - 2013-10-01 17:33 - 00000000 __RDO C:\Users\JFVan_000\SkyDrive
2013-12-17 03:16 - 2013-10-01 20:23 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Battle.net
2013-12-17 02:54 - 2013-12-04 23:57 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\MediaMonkey
2013-12-17 02:00 - 2013-10-03 01:10 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Adobe
2013-12-16 19:50 - 2013-10-30 18:31 - 00001456 _____ C:\Users\JFVan_000\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-12-16 07:24 - 2013-10-01 17:41 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-16 07:20 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-12-16 00:45 - 2013-11-18 11:52 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-15 23:46 - 2013-10-03 23:51 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\vlc
2013-12-15 23:10 - 2013-12-15 23:04 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Ubisoft Game Launcher
2013-12-15 23:06 - 2013-11-18 13:16 - 00034990 _____ C:\WINDOWS\DirectX.log
2013-12-15 23:04 - 2013-12-15 23:04 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-12-15 23:04 - 2013-12-15 23:04 - 00075136 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-12-15 23:04 - 2013-12-15 23:04 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-12-15 23:04 - 2013-12-15 22:13 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-15 23:04 - 2013-10-01 17:31 - 00000000 ____D C:\Users\JFVan_000
2013-12-12 17:06 - 2013-10-01 17:03 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\Packages
2013-12-12 08:38 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-11 19:13 - 2013-10-03 00:24 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-11 18:57 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-10 23:54 - 2013-10-05 12:06 - 02136144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-10 23:53 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-10 23:53 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-10 23:53 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-10 23:53 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-10 23:53 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-10 23:53 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-10 23:52 - 2013-11-12 20:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-10 23:51 - 2013-11-12 20:33 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-10 07:01 - 2013-10-02 11:07 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2013-12-05 13:51 - 2013-12-05 13:51 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-05 12:52 - 2013-11-05 18:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-05 12:52 - 2013-11-05 18:34 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-12-05 01:14 - 2013-10-07 21:08 - 00010319 _____ C:\WINDOWS\setupact.log
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\Users\JFVan_000\AppData\Local\MediaMonkey
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\ProgramData\MediaMonkey
2013-12-04 23:57 - 2013-12-04 23:57 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-12-04 22:41 - 2013-10-11 12:53 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\DVD Catalyst 4
2013-12-04 17:01 - 2013-10-01 20:23 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-12-03 21:08 - 2013-10-01 22:19 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-12-03 19:05 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-03 19:05 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-03 01:04 - 2013-12-02 22:34 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\TS3Client
2013-12-02 22:34 - 2013-12-02 22:34 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-11-28 12:01 - 2013-10-02 08:51 - 00003892 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-28 12:01 - 2013-10-02 08:51 - 00003656 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-26 23:22 - 2013-10-11 08:00 - 00003142 _____ C:\WINDOWS\PFRO.log
2013-11-26 06:54 - 2013-12-10 23:51 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-26 05:11 - 2013-12-10 23:51 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-26 04:41 - 2013-12-10 23:51 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-26 03:57 - 2013-12-10 23:51 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-26 03:38 - 2013-12-10 23:51 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-26 03:35 - 2013-12-10 23:51 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-26 03:16 - 2013-12-10 23:51 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-26 03:02 - 2013-12-10 23:51 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-26 02:48 - 2013-12-10 23:51 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-26 02:32 - 2013-12-10 23:51 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-26 02:26 - 2013-12-10 23:51 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-26 02:07 - 2013-12-10 23:51 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-26 01:40 - 2013-12-10 23:51 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-26 01:34 - 2013-12-10 23:51 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-11-26 01:34 - 2013-12-10 23:51 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-11-26 01:33 - 2013-12-10 23:51 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-26 01:27 - 2013-12-10 23:51 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-25 22:59 - 2013-11-25 22:08 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Winamp
2013-11-25 22:09 - 2013-11-25 22:08 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-11-24 21:14 - 2013-11-24 21:13 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Mount&Blade Warband
2013-11-22 23:34 - 2013-12-10 23:51 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-11-22 23:13 - 2013-12-10 23:51 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-11-22 22:32 - 2013-12-10 23:51 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-22 22:10 - 2013-12-10 23:51 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-11-19 22:36 - 2013-11-19 21:48 - 00000000 ____D C:\Program Files (x86)\RaidCall
2013-11-19 21:57 - 2013-10-01 18:23 - 00000000 ____D C:\ProgramData\Package Cache
2013-11-19 21:48 - 2013-11-19 21:48 - 00001043 _____ C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk
2013-11-19 21:48 - 2013-11-19 21:48 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\raidcall
2013-11-19 21:48 - 2013-11-19 21:48 - 00000000 ____D C:\Users\JFVan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall
2013-11-19 05:30 - 2013-10-01 20:24 - 00267936 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-18 13:15 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
 
Some content of TEMP:
====================
C:\Users\JFVan_000\AppData\Local\Temp\java-installer.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-12-17 09:10
 
==================== End Of Log ============================

 



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:38 AM

Posted 17 December 2013 - 07:23 PM

Can you tell me if you have reset your modem/router?

Please run this.

===================================================

Temporary File Cleaner (TFC)

--------------------
  • Download TFC by OldTimer to your desktop.
  • Close any open windows
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run
  • Click the Start button to begin the process
  • Allow TFC to run uninterrupted
  • The program should not take long to finish it's job
  • Once its finished it should automatically reboot your machine, if it doesn't, manually reboot to ensure a complete clean
NOTE: It's normal for the computer to boot more slowly the first time after running TFC

TFC will clear out all temporary folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. TFC only cleans temporary folders and will not clean URL history, prefetch, or cookies


===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Reset modem/router?
  • Did TFC run properly?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 Delphinus

Delphinus
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryland
  • Local time:08:38 AM

Posted 18 December 2013 - 07:13 AM

I have done quick router reboots/soft resets within the past few weeks, but today I fully reset my router to defaults and changed the username and password. TFC seemed to run properly.



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:38 AM

Posted 18 December 2013 - 09:58 AM

Please let me know if resetting helps at all. A hard reboot is really what is needed to address any potential compromise.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:38 AM

Posted 20 December 2013 - 08:24 PM

Greetings,

How are we doing?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 Delphinus

Delphinus
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryland
  • Local time:08:38 AM

Posted 20 December 2013 - 10:48 PM

So far so good. But I have had long periods where nothing strange happened, only for the issue to suddenly show up again. I know you can't really keep my thread open indefinitely, but if the problem comes up again, I suppose I could send you a message and we could go from there?



#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:38 AM

Posted 20 December 2013 - 10:53 PM

I wouldn't be too surprised if this resolves your issue.  There is nothing else I can think of that hasn't already been covered.  I will leave the topic open until tomorrow just to give it a bit more time.  If it surfaces again after the topic is closed you can certainly send me a Personal Message.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users