DCOM and Plug and Play terminate, cause reboot


  • This topic is locked
59 replies to this topic

#1 LasagnaTheories

LasagnaTheories

  • Members
  • 30 posts

Posted 06 January 2014 - 08:08 PM

Hello! I was directed here after posting in the Am I infected forum. DDS log at the bottom.
 
Here is my original post

 
Over the past couple weeks I've been trying to figure out what's wrong and have even reformatted my computer to a different hard drive trying to fix it. Then it came back today. It's been maybe a week since reformat.
 
I've received several error messages:
Windows must now restart because the DCOM server process launcher service terminated unexpectedly
Windows must now restart because the Plug and Play service terminated unexpectedly
 
Symptoms include computer slowing down and svchost.exe (hosting Plug and Play and DCOM) climbs stealing in memory use from 10k when it starts to over 3,000k when it tries to restart my computer after closing either DCOM or Plug and Play
 
I'm Running Windows 7 Ultimate 64 bit
12gb RAM
 
Help me out guys! I can't do anything for more than 3 or 4 hours until this pops up
 
If it helps, here's the Rkill log:

Rkill 2.6.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html
 
Program started at: 01/06/2014 06:57:56 PM in x64 mode.
Windows Version: Windows 7 Ultimate 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]
 
Backup Registry file created at:
 C:\Users\PC\Desktop\rkill\rkill-01-06-2014-06-58-00.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
Searching for Missing Digital Signatures: 
 
 * C:\Windows\System32\rpcss.dll : 510,464 : 07/13/2009 07:41 PM : e2653bd02019ced856a18e3d0316a8a4 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll : 509,440 : 07/13/2009 07:41 PM : 7266972e86890e2b30c0c322e906b027 [Pos Repl]
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 01/06/2014 06:58:09 PM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)

 
 
 
 
 
DDS.log

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7600.16385
Run by PC at 19:05:46 on 2014-01-06
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.12184.8667 [GMT -6:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {98CD50CE-5097-4098-9669-6C401FB3969C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antispyware *Enabled/Updated* {23ACB12A-76AD-4F16-ACD9-57326434DC21}
FW: Bitdefender Firewall *Enabled* {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Spotify] "C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
uRun: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [Spotify Web Helper] "C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9B258F56-1AEB-4CFA-82FC-ED8F552571A2} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [BDAgent] "C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2012-10-10 705552]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2012-7-6 93160]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2010-1-19 103944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2014-1-1 283200]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 DisplayFusionService;DisplayFusionService;C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [2014-1-1 1375600]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2014-1-1 161560]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-2 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-2 15129376]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2014-1-1 363800]
R2 UPDATESRV;BitDefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-5-28 67904]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2012-11-2 261056]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2012-10-10 587024]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\System32\drivers\ladfGSCamd64.sys [2013-4-15 410008]
R3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\System32\drivers\ladfGSRamd64.sys [2013-4-15 102808]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2014-1-1 32344]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-2 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-1-1 565352]
R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
S3 bdsandbox;bdsandbox;C:\Windows\System32\drivers\bdsandbox.sys [2011-11-17 79952]
S3 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2012-4-2 75384]
S3 Update Server;BitDefender Update Server v2;C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-14 466736]
.
=============== Created Last 30 ================
.
2014-01-05 05:54:12 -------- d-----w- C:\Users\PC\AppData\Roaming\OBS
2014-01-05 05:54:10 -------- d-----w- C:\Program Files\OBS
2014-01-05 05:54:09 -------- d-----w- C:\Program Files (x86)\OBS
2014-01-05 04:17:26 -------- d-----w- C:\Fraps
2014-01-03 15:37:12 -------- d-----w- C:\Program Files\AutoHotkey
2014-01-03 05:00:19 -------- d-----w- C:\Users\PC\AppData\Local\FalloutNV
2014-01-03 02:27:57 -------- d-----w- C:\Users\PC\AppData\Local\NVIDIA Corporation
2014-01-03 02:27:40 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-01-03 02:27:40 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-01-03 02:26:46 -------- d-----w- C:\Users\PC\AppData\Local\Ubisoft Game Launcher
2014-01-02 23:04:59 -------- d-----w- C:\Users\PC\AppData\Local\Black_Tree_Gaming
2014-01-02 22:53:19 -------- d-----w- C:\Users\PC\AppData\Local\Realmware
2014-01-02 22:52:49 -------- d-----w- C:\Users\PC\AppData\Roaming\Realmware
2014-01-02 22:46:10 -------- d-----w- C:\Users\PC\AppData\Local\ESN
2014-01-02 22:43:50 -------- d-----w- C:\Users\PC\AppData\Roaming\NVIDIA
2014-01-02 22:40:04 -------- d-----w- C:\Users\PC\AppData\Local\Logitech
2014-01-02 22:39:32 -------- d-----w- C:\Program Files\Logitech Gaming Software
2014-01-02 22:39:02 -------- d-----w- C:\Users\PC\AppData\Roaming\Logishrd
2014-01-02 22:37:37 -------- d-----w- C:\Users\PC\AppData\Local\NVIDIA
2014-01-02 22:36:16 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-01-02 22:36:16 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-01-02 22:33:52 -------- d-----w- C:\Program Files\NVIDIA Corporation
2014-01-02 22:33:37 -------- d-----w- C:\NVIDIA
2014-01-02 01:19:57 -------- d-----w- C:\Users\PC\AppData\Local\Game Dev Tycoon - Steam
2014-01-01 22:04:30 -------- d-----w- C:\Users\PC\AppData\Local\DayZ
2014-01-01 21:48:52 -------- d-----w- C:\ProgramData\Steam
2014-01-01 21:48:52 -------- d-----w- C:\ProgramData\Orbit
2014-01-01 21:22:58 -------- d--h--w- C:\ProgramData\Common Files
2014-01-01 21:22:43 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2014-01-01 21:22:41 -------- d-----w- C:\Users\PC\AppData\Roaming\DAEMON Tools Pro
2014-01-01 21:22:40 -------- d-----w- C:\Users\PC\AppData\Roaming\OpenCandy
2014-01-01 21:22:40 -------- d-----w- C:\Program Files\DAEMON Tools Pro
2014-01-01 21:21:46 -------- d-----w- C:\ProgramData\DAEMON Tools Pro
2014-01-01 21:17:09 -------- d-----w- C:\Users\PC\AppData\Local\Warframe
2014-01-01 21:06:51 -------- d-----w- C:\Users\PC\AppData\Local\Skyrim
2014-01-01 20:58:26 -------- d-----w- C:\Users\PC\AppData\Roaming\DisplayFusion
2014-01-01 20:58:24 -------- d-----w- C:\ProgramData\Binary Fortress Software
2014-01-01 20:58:21 -------- d-----w- C:\Program Files (x86)\DisplayFusion
2014-01-01 20:53:32 -------- d-----w- C:\Users\PC\AppData\Roaming\Screaming Bee
2014-01-01 20:53:32 -------- d-----w- C:\Program Files (x86)\Common Files\Screaming Bee
2014-01-01 20:52:26 -------- d-----w- C:\ProgramData\Screaming Bee
2014-01-01 20:52:26 -------- d-----w- C:\Program Files (x86)\Screaming Bee
2014-01-01 20:39:03 -------- d-----w- C:\Users\PC\AppData\Roaming\3909
2014-01-01 11:30:16 -------- d-----w- C:\Windows\Panther
2014-01-01 11:04:02 -------- d-----w- C:\Users\PC\AppData\Roaming\Malwarebytes
2014-01-01 11:03:56 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-01-01 11:03:56 -------- d-----w- C:\ProgramData\Malwarebytes
2014-01-01 11:03:56 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 11:03:41 -------- d-----w- C:\Users\PC\AppData\Local\Programs
2014-01-01 11:02:33 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2014-01-01 11:02:32 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins
2014-01-01 11:02:06 281872 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-01-01 11:02:06 281872 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-01-01 11:02:01 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-01-01 10:49:02 -------- d-----w- C:\Program Files\Unlocker
2014-01-01 10:43:36 -------- d-----w- C:\Users\PC\AppData\Roaming\deluge
2014-01-01 10:32:00 -------- d-----w- C:\Users\PC\AppData\Roaming\Origin
2014-01-01 10:31:59 -------- d-----w- C:\Users\PC\AppData\Local\Origin
2014-01-01 10:25:05 -------- d-----w- C:\ProgramData\Origin
2014-01-01 10:25:05 -------- d-----w- C:\ProgramData\Electronic Arts
2014-01-01 10:20:06 305015 ----a-w- C:\ProgramData\1388571085.bdinstall.bin
2014-01-01 10:19:50 -------- d-----w- C:\ProgramData\BDLogging
2014-01-01 10:19:42 -------- d-----w- C:\Users\PC\AppData\Roaming\Bitdefender
2014-01-01 10:12:00 442088 ----a-w- C:\Windows\System32\drivers\bdfsfltr.sys
2014-01-01 10:12:00 329800 ----a-w- C:\Windows\System32\drivers\trufos.sys
2014-01-01 10:11:31 -------- d-----w- C:\Users\PC\AppData\Local\Spotify
2014-01-01 10:02:09 -------- d-----w- C:\Users\PC\AppData\Local\ATI
2014-01-01 10:02:03 0 ----a-w- C:\Windows\ativpsrm.bin
2014-01-01 10:00:37 -------- d-----w- C:\Users\PC\AppData\Roaming\Spotify
2014-01-01 10:00:28 -------- d-----r- C:\Program Files (x86)\Skype
2014-01-01 09:57:59 -------- d-----w- C:\Windows\System32\appmgmt
2014-01-01 09:57:30 302820 ----a-w- C:\ProgramData\1388570037.bdinstall.bin
2014-01-01 09:57:28 -------- d-----w- C:\Program Files\Bitdefender
2014-01-01 09:54:20 0 ----a-w- C:\Windows\System32\BDSandBoxUISkin32.dll
2014-01-01 09:54:20 0 ----a-w- C:\Windows\System32\BDSandBoxUISkin.dll
2014-01-01 09:54:20 0 ----a-w- C:\Windows\System32\BDSandBoxUH.dll
2014-01-01 09:54:20 -------- d-----w- C:\ProgramData\Bitdefender
2014-01-01 09:54:01 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{32ACAB0E-EBAF-421A-AB4C-6632C4647231}\mpengine.dll
2014-01-01 09:53:58 267936 ------w- C:\Windows\System32\MpSigStub.exe
2014-01-01 09:53:57 -------- d-----w- C:\Users\PC\AppData\Roaming\QuickScan
2014-01-01 09:52:49 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2014-01-01 09:52:47 -------- d-----w- C:\Program Files (x86)\Common Files\Bitdefender
2014-01-01 09:46:43 -------- d-----w- C:\Program Files (x86)\VideoLAN
2014-01-01 09:46:04 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2014-01-01 09:42:59 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2014-01-01 09:41:59 -------- d-----w- C:\ProgramData\Package Cache
2014-01-01 09:41:56 -------- d-----w- C:\Program Files\ATI
2014-01-01 09:40:40 -------- d-----w- C:\Program Files\ATI Technologies
2014-01-01 09:40:10 -------- d-----w- C:\AMD
2014-01-01 09:39:45 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2014-01-01 09:38:11 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-01-01 09:38:11 565352 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2014-01-01 09:38:11 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2014-01-01 09:38:08 -------- d-----w- C:\Program Files (x86)\Realtek
2014-01-01 09:37:10 15128 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2014-01-01 09:36:28 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2014-01-01 09:35:34 60184 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2014-01-01 09:35:34 -------- d-----w- C:\Intel
2014-01-01 09:34:45 8192 ----a-w- C:\Windows\System32\drivers\rt2870.bin
2014-01-01 09:34:41 -------- d-----w- C:\Users\PC\AppData\Local\NETGEAR
2014-01-01 09:34:41 -------- d-----w- C:\ProgramData\NETGEAR
2014-01-01 09:34:36 -------- d-sh--w- C:\Windows\Installer
2014-01-01 09:34:36 -------- d-----w- C:\Windows\Downloaded Installations
2014-01-01 09:32:53 -------- d-sh--w- C:\Recovery
.
==================== Find3M  ====================
.
2013-12-06 22:49:18 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll
2013-12-06 22:44:26 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2013-12-06 22:07:36 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2013-12-06 22:07:14 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2013-12-06 22:04:10 143304 ----a-w- C:\Windows\System32\atiuxp64.dll
2013-12-06 22:03:46 126336 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2013-12-06 22:03:00 115512 ----a-w- C:\Windows\System32\atiu9p64.dll
2013-12-06 22:02:38 98496 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2013-12-06 22:01:52 1318552 ----a-w- C:\Windows\System32\aticfx64.dll
2013-12-06 22:01:04 1100216 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2013-12-06 22:00:16 9753752 ----a-w- C:\Windows\System32\atidxx64.dll
2013-12-06 21:59:50 8406024 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2013-12-06 21:59:00 8287008 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2013-12-06 21:58:10 6630232 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2013-12-06 21:57:20 8927704 ----a-w- C:\Windows\System32\atiumd6a.dll
2013-12-06 21:56:54 7751920 ----a-w- C:\Windows\System32\atiumd64.dll
2013-12-06 21:52:14 13207552 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2013-12-06 21:38:52 230912 ----a-w- C:\Windows\System32\clinfo.exe
2013-12-06 21:38:40 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe
2013-12-06 21:38:40 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe
2013-12-06 21:38:38 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe
2013-12-06 21:38:38 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe
2013-12-06 21:38:34 99840 ----a-w- C:\Windows\System32\OpenVideo64.dll
2013-12-06 21:38:28 83968 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2013-12-06 21:38:22 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
2013-12-06 21:38:18 73728 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2013-12-06 21:37:58 29382144 ----a-w- C:\Windows\System32\amdocl64.dll
2013-12-06 21:35:36 24860160 ----a-w- C:\Windows\SysWow64\amdocl.dll
2013-12-06 21:33:28 63488 ----a-w- C:\Windows\System32\OpenCL.dll
2013-12-06 21:33:24 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-12-06 21:26:44 129536 ----a-w- C:\Windows\System32\coinst_13.251.dll
2013-12-06 21:16:40 26352128 ----a-w- C:\Windows\System32\atio6axx.dll
2013-12-06 21:13:02 368640 ----a-w- C:\Windows\System32\atiapfxx.exe
2013-12-06 21:12:52 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2013-12-06 21:12:50 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2013-12-06 21:12:42 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2013-12-06 21:12:40 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2013-12-06 21:12:26 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
2013-12-06 21:09:18 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2013-12-06 20:58:50 22157824 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2013-12-06 20:53:18 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2013-12-06 20:53:10 31232 ----a-w- C:\Windows\System32\atimuixx.dll
2013-12-06 20:53:04 588288 ----a-w- C:\Windows\System32\atieclxx.exe
2013-12-06 20:52:10 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2013-12-06 20:50:36 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2013-12-06 20:22:42 1144320 ----a-w- C:\Windows\System32\atiadlxx.dll
2013-12-06 20:22:28 825344 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2013-12-06 20:22:12 74752 ----a-w- C:\Windows\System32\atig6pxx.dll
2013-12-06 20:22:08 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2013-12-06 20:22:08 69632 ----a-w- C:\Windows\System32\atiglpxx.dll
2013-12-06 20:22:04 100352 ----a-w- C:\Windows\System32\atig6txx.dll
2013-12-06 20:21:54 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2013-12-06 20:21:44 626176 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2013-12-06 20:18:12 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-11-11 15:02:02 6674208 ----a-w- C:\Windows\System32\nvcpl.dll
2013-11-11 15:02:02 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-11-11 15:01:59 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-11-11 15:01:59 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-11-11 15:01:59 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-11-11 15:01:58 3467927 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-11-11 14:59:28 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
============= FINISH: 19:05:56.07 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume4
Install Date: 1/1/2014 3:33:06 AM
System Uptime: 1/6/2014 6:56:24 PM (1 hours ago)
.
Motherboard: ASRock | | Z68 Extreme3 Gen3
Processor: Intel® Core™ i7-3770K CPU @ 3.50GHz | CPUSocket | 3501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 119 GiB total, 22.568 GiB free.
D: is FIXED (NTFS) - 139 GiB total, 69.39 GiB free.
E: is FIXED (NTFS) - 10 GiB total, 3.882 GiB free.
F: is FIXED (NTFS) - 931 GiB total, 463.983 GiB free.
G: is CDROM ()
H: is Removable
J: is FIXED (NTFS) - 1863 GiB total, 1605.119 GiB free.
K: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Video Controller
Device ID: PCI\VEN_8086&DEV_0162&SUBSYS_01621849&REV_09\3&11583659&0&10
Manufacturer:
Name: Video Controller
PNP Device ID: PCI\VEN_8086&DEV_0162&SUBSYS_01621849&REV_09\3&11583659&0&10
Service:
.
Class GUID:
Description: WD SES Device USB Device
Device ID: USBSTOR\OTHER&VEN_WD&PROD_SES_DEVICE&REV_1007\575831314141335637303232&1
Manufacturer:
Name: WD SES Device USB Device
PNP Device ID: USBSTOR\OTHER&VEN_WD&PROD_SES_DEVICE&REV_1007\575831314141335637303232&1
Service:
.
Class GUID:
Description:
Device ID: ACPI\INT33A0\0
Manufacturer:
Name:
PNP Device ID: ACPI\INT33A0\0
Service:
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Generic Bluetooth Radio
Device ID: USB\VID_0A12&PID_0001\8&29B65555&0&1
Manufacturer: Cambridge Silicon Radio Ltd.
Name: Generic Bluetooth Radio
PNP Device ID: USB\VID_0A12&PID_0001\8&29B65555&0&1
Service: BTHUSB
.
==== System Restore Points ===================
.
RP15: 1/1/2014 2:52:21 PM - Installed MorphVOX Pro
RP16: 1/1/2014 3:06:13 PM - Installed DirectX
RP17: 1/1/2014 3:17:31 PM - Installed DirectX
RP18: 1/1/2014 3:21:22 PM - Installed Microsoft Visual C++ 2005 Redistributable
RP19: 1/1/2014 3:21:29 PM - Installed DirectX
RP20: 1/1/2014 3:22:43 PM - Device Driver Package Install: DT Soft Ltd System devices
RP21: 1/1/2014 3:44:51 PM - Installed DirectX
RP22: 1/1/2014 4:03:52 PM - Installed DirectX
RP23: 1/2/2014 8:27:58 PM - Installed DirectX
RP24: 1/2/2014 10:59:45 PM - Installed DirectX
.
==== Installed Programs ======================
.
7-Zip 9.22beta
AMD Accelerated Video Transcoding
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
AMD Wireless Display v3.0
AutoHotkey 1.1.13.01
Battlefield 4™
Battlelog Web Plugins
BF4 Settings Editor
Bitdefender Total Security 2012
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
DAEMON Tools Pro
DisplayFusion 5.1.1
ESN Sonar
FileZilla Client 3.7.3
Fraps
GeForce Experience NvStream Client Components
Google Chrome
Google Update Helper
Intel® Management Engine Components
Intel® Trusted Connect Service Client
Logitech Gaming Software
Logitech Gaming Software 8.51
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4.5
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
MorphVOX Pro
NETGEAR WNDA4100
Nexus Mod Manager
NVIDIA 3D Vision Controller Driver 331.82
NVIDIA 3D Vision Driver 331.82
NVIDIA Control Panel 331.82
NVIDIA GeForce Experience 1.8.1
NVIDIA Graphics Driver 331.82
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
Open Broadcaster Software
Origin
PunkBuster Services
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
SHIELD Streaming
Skype™ 6.11
Spotify
Steam
The Elder Scrolls V: Skyrim
Unlocker 1.9.2
Uplay
VLC media player 2.1.2
WinRAR 4.00 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
1/6/2014 6:56:46 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
1/6/2014 6:56:42 PM, Error: Service Control Manager [7023] - The Power service terminated with the following error: The WMI request could not be completed and should be retried.
1/6/2014 6:56:42 PM, Error: BTHUSB [5] - The Bluetooth driver expected an HCI event with a certain size but did not receive it.
1/6/2014 6:33:20 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Plug and Play service, but this action failed with the following error: A system shutdown has already been scheduled.
1/6/2014 6:33:20 PM, Error: Service Control Manager [7031] - The Plug and Play service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
1/6/2014 6:33:20 PM, Error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
1/6/2014 4:42:32 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the DCOM Server Process Launcher service, but this action failed with the following error: A system shutdown has already been scheduled.
1/4/2014 9:28:18 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff800032b3063, 0xfffff8800c93d060, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 010414-11138-01.
1/1/2014 7:41:06 AM, Error: volsnap [36] - The shadow copies of volume F: were aborted because the shadow copy storage could not grow due to a user imposed limit.
1/1/2014 3:48:35 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
1/1/2014 3:48:35 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================



Edited by Oh My, 06 January 2014 - 08:46 PM.
Posted Attach log



 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,057 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:02:56 PM

Posted 06 January 2014 - 08:40 PM

Greetings LasagnaTheories and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided and I will reply as soon as possible.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!


Posted 06 January 2014 - 08:55 PM

Greetings,

Thanks for letting me review your information. Please do this for me.

===================================================

Blitzblank

--------------------

Blitzblank is a powerful tool and care must be taken to follow the steps carefully. Please note the warning you will receive when the program is launched.
  • Download Blitzblank and save it to your Desktop <<< Important
  • Double click the icon
  • Click OK on the warning screen
  • Click the Script tab
  • Copy and paste the following inside the script window
CopyFile:
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll C:\Windows\System32\rpcss.dll
  • Click Execute Now
  • Click OK on the warning window
  • Click OK on the System reboot window
  • You will see a black screen with writing on it indicating the actions being taken
  • Locate C:\blitzblank.txt and copy and paste the contents of that document in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Blitzblank log
  • How is your computer running?

Edited by Oh My, 06 January 2014 - 09:14 PM.

Gary
 

#4 LasagnaTheories


Posted 06 January 2014 - 09:12 PM

My name's Aaron, hi!

I get an error when I try and execute

 

Syntax error in line 2, Invalid file path

 

edit: On my current installation erdnt doesn't exist. I tried it with just the other (System32) pathfile and rpcss.dll doesn't exist either.

 

Computer is running at a speed no different than before, but at the moment, svchost.exe is taking up about 800k memory. It was at 150 when I restarted my computer.


Edited by LasagnaTheories, 06 January 2014 - 09:17 PM.


#5 Oh My!


Posted 06 January 2014 - 09:15 PM

Sorry about that. I modified the script. Please try it again as modified.
Gary
 

#6 LasagnaTheories


Posted 06 January 2014 - 09:21 PM

More info: I had the problem a few weeks ago, my computer would "randomly" restart but I would never see it happen, usually during the night as I leave it on. It wasn't bad at first, then it was terminating the processes after an hour, then 30 minutes, etc. Then I reformatted to a different drive. Then about a week later a new graphics card (AMD to NVidia). And then my computer started going through the "it's not so bad" to "it's restarting every couple hours"

BlitzBlank 1.0.0.32
 
File/Registry Modification Engine native application
CopyFileOnReboot: sourceFile = "\??\c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll", destinationFile = "\??\c:\windows\system32\rpcss.dll"


Edited by LasagnaTheories, 06 January 2014 - 09:24 PM.


#7 Oh My!


Posted 06 January 2014 - 09:31 PM

Thanks, please run this for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure Addition.txt is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Farbar logs

Gary
 

#8 LasagnaTheories


Posted 06 January 2014 - 09:34 PM

Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014
Ran by PC at 2014-01-06 20:32:54
Running from F:\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Bitdefender Antivirus (Enabled - Up to date) {98CD50CE-5097-4098-9669-6C401FB3969C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {23ACB12A-76AD-4F16-ACD9-57326434DC21}
FW: Bitdefender Firewall (Enabled) {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}
 
==================== Installed Programs ======================
 
7-Zip 9.22beta (x32 Version:  - )
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AutoHotkey 1.1.13.01 (Version: 1.1.13.01 - Lexikos)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
BF4 Settings Editor (Version: 1.1 - Realmware)
Bitdefender Total Security 2012 (Version: 15.0.41 - Bitdefender)
Bitdefender Total Security 2012 (Version: 15.0.41 - Bitdefender) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Pro (x32 Version: 5.2.0.0348 - DT Soft Ltd)
DisplayFusion 5.1.1 (x32 Version: 5.1.1.0 - Binary Fortress Software)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
FileZilla Client 3.7.3 (HKCU Version: 3.7.3 - Tim Kosse)
Fraps (x32 Version:  - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Intel® Management Engine Components (x32 Version: 8.0.2.1410 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.23.605.1 - Intel Corporation)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (Version: 8.51.5 - Logitech Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
MorphVOX Pro (x32 Version: 4.4.7 - Screaming Bee)
NETGEAR WNDA4100 (x32 Version: 1.2.0.2 - NETGEAR) Hidden
Nexus Mod Manager (Version: 0.46.0 - Black Tree Gaming)
NVIDIA 3D Vision Controller Driver 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
Open Broadcaster Software (x32 Version:  - )
Origin (x32 Version: 9.3.11.2762 - Electronic Arts, Inc.)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (x32 Version:  - Valve Corporation)
The Elder Scrolls V: Skyrim (x32 Version:  - Bethesda Game Studios)
Unlocker 1.9.2 (Version: 1.9.2 - Cedrick Collomb)
Uplay (x32 Version: 4.2 - Ubisoft)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
WinRAR 4.00 (64-bit) (Version: 4.00.0 - win.rar GmbH)
 
==================== Restore Points  =========================
 
01-01-2014 20:52:21 Installed MorphVOX Pro
01-01-2014 21:06:13 Installed DirectX
01-01-2014 21:17:31 Installed DirectX
01-01-2014 21:21:22 Installed Microsoft Visual C++ 2005 Redistributable
01-01-2014 21:21:29 Installed DirectX
01-01-2014 21:22:43 Device Driver Package Install: DT Soft Ltd System devices
01-01-2014 21:44:51 Installed DirectX
01-01-2014 22:03:52 Installed DirectX
03-01-2014 02:27:58 Installed DirectX
03-01-2014 04:59:45 Installed DirectX
 
==================== Hosts content: ==========================
 
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {1FF963B0-A253-4030-9809-E5951ADD7D88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: {87D5CBE4-B86A-4710-BEA8-BF1D70F4C4BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-10-14 23:08 - 2011-10-14 23:08 - 00262832 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\txmlutil.dll
2012-01-23 19:18 - 2012-01-23 19:18 - 00144912 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\connector.dll
2012-01-23 19:17 - 2012-01-23 19:17 - 00184016 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\framework.dll
2012-04-27 15:08 - 2012-04-27 15:08 - 00098816 _____ () C:\Program Files\Bitdefender\Bitdefender 2012\bdmetrics.dll
2014-01-02 20:27 - 2013-12-09 20:15 - 00093984 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2014-01-02 20:27 - 2013-12-09 20:15 - 00874784 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-01-01 15:23 - 2014-01-01 04:45 - 00107520 _____ () C:\Program Files\DAEMON Tools Pro\BRD.dll
2014-01-01 04:07 - 2013-12-03 20:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2014-01-01 04:07 - 2013-12-03 20:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2014-01-01 04:07 - 2013-12-03 20:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2014-01-01 04:07 - 2013-12-03 20:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2014-01-01 04:07 - 2013-12-03 20:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2014-01-01 04:11 - 2014-01-01 04:11 - 36967424 _____ () C:\Users\PC\AppData\Roaming\Spotify\Data\libcef.dll
2014-01-01 04:11 - 2014-01-01 04:11 - 00887808 _____ () C:\Users\PC\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-01-01 04:11 - 2014-01-01 04:11 - 00109568 _____ () C:\Users\PC\AppData\Roaming\Spotify\Data\libegl.dll
2014-01-01 03:36 - 2012-02-07 17:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-01-01 04:06 - 2013-11-06 15:48 - 00691200 _____ () F:\Steam\SDL2.dll
2014-01-01 04:06 - 2013-12-11 13:40 - 01135016 _____ () F:\Steam\bin\chromehtml.DLL
2014-01-01 04:06 - 2013-11-06 15:48 - 20625832 _____ () F:\Steam\bin\libcef.dll
2014-01-01 04:06 - 2013-06-14 17:49 - 01100800 _____ () F:\Steam\bin\avcodec-53.dll
2014-01-01 04:06 - 2013-06-14 17:49 - 00124416 _____ () F:\Steam\bin\avutil-51.dll
2014-01-01 04:06 - 2013-06-14 17:49 - 00192000 _____ () F:\Steam\bin\avformat-53.dll
2013-05-02 15:37 - 2013-05-02 15:37 - 01241952 _____ () C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\OggVorbis.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\PC\Desktop\BlitzBlank.exe:BDU
AlternateDataStreams: C:\Users\PC\Downloads\OriginThinSetup.exe:BDU
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
Name: Video Controller
Description: Video Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Generic Bluetooth Radio
Description: Generic Bluetooth Radio
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Cambridge Silicon Radio Ltd.
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/06/2014 06:57:02 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (01/06/2014 06:57:02 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (01/06/2014 06:33:20 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: mshtml.dll, version: 8.0.7600.16385, time stamp: 0x4a5bdfcd
Exception code: 0xc0000005
Fault offset: 0x00000000005be91f
Faulting process id: 0x3b0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (01/06/2014 04:41:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: mshtml.dll, version: 8.0.7600.16385, time stamp: 0x4a5bdfcd
Exception code: 0xc0000005
Fault offset: 0x00000000005be91f
Faulting process id: 0x3b4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (01/06/2014 08:32:40 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000012c2e97
Faulting process id: 0x3b0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (01/04/2014 09:53:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: mshtml.dll, version: 8.0.7600.16385, time stamp: 0x4a5bdfcd
Exception code: 0xc0000005
Fault offset: 0x00000000001648b0
Faulting process id: 0x3c8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (01/04/2014 09:29:31 PM) (Source: Application Hang) (User: )
Description: The program rust.exe version 4.3.1.28294 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1a88
 
Start Time: 01cf09c64e3b32b4
 
Termination Time: 12
 
Application Path: F:\Steam\steamapps\common\rust\rust.exe
 
Report Id: 9582e570-75b9-11e3-b459-bc5ff436d333
 
Error: (01/03/2014 07:39:00 AM) (Source: Application Error) (User: )
Description: Faulting application name: rust.exe, version: 4.3.1.28294, time stamp: 0x52938f4b
Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdb3b
Exception code: 0xc0000005
Fault offset: 0x00022272
Faulting process id: 0x2290
Faulting application start time: 0xrust.exe0
Faulting application path: rust.exe1
Faulting module path: rust.exe2
Report Id: rust.exe3
 
Error: (01/02/2014 10:57:02 PM) (Source: NVIDIA OpenGL Driver) (User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.
 
 
Error code: 3
Visit http://www.nvidia.com/page/support.html for more information.
 
Error: (01/01/2014 04:45:49 PM) (Source: Application Hang) (User: )
Description: The program DayZ.exe version 0.30.113.925 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2e4
 
Start Time: 01cf074326501179
 
Termination Time: 23
 
Application Path: F:\Steam\steamapps\common\DayZ\DayZ.exe
 
Report Id: 6e00247c-7336-11e3-a979-bc5ff436d333
 
 
System errors:
=============
Error: (01/06/2014 08:20:19 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (01/06/2014 06:56:46 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (01/06/2014 06:56:42 PM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error: 
%%4203
 
Error: (01/06/2014 06:56:42 PM) (Source: BTHUSB) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.
 
Error: (01/06/2014 06:56:38 PM) (Source: BTHUSB) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.
 
Error: (01/06/2014 06:33:20 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Plug and Play service, but this action failed with the following error: 
%%1190
 
Error: (01/06/2014 06:33:20 PM) (Source: Service Control Manager) (User: )
Description: The Plug and Play service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
 
Error: (01/06/2014 06:33:20 PM) (Source: Service Control Manager) (User: )
Description: The DCOM Server Process Launcher service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
 
Error: (01/06/2014 05:35:45 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
 
Error: (01/06/2014 05:35:41 PM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error: 
%%4203
 
 
Microsoft Office Sessions:
=========================
Error: (01/06/2014 06:57:02 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (01/06/2014 06:57:02 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (01/06/2014 06:33:20 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1mshtml.dll8.0.7600.163854a5bdfcdc000000500000000005be91f3b001cf0b37ff887fb4C:\Windows\system32\svchost.exeC:\Windows\System32\mshtml.dll4e4a6f9c-7733-11e3-96dc-bc5ff436d333
 
Error: (01/06/2014 04:41:40 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1mshtml.dll8.0.7600.163854a5bdfcdc000000500000000005be91f3b401cf0aec9ffdfd8aC:\Windows\system32\svchost.exeC:\Windows\System32\mshtml.dllb4b6dfbf-7723-11e3-8312-bc5ff436d333
 
Error: (01/06/2014 08:32:40 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1unknown0.0.0.000000000c000000500000000012c2e973b001cf09ca0f5cf67bC:\Windows\system32\svchost.exeunknown6525605b-76df-11e3-85bd-bc5ff436d333
 
Error: (01/04/2014 09:53:37 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1mshtml.dll8.0.7600.163854a5bdfcdc000000500000000001648b03c801cf09c62ab77bcaC:\Windows\system32\svchost.exeC:\Windows\System32\mshtml.dllf414e29b-75bc-11e3-b459-bc5ff436d333
 
Error: (01/04/2014 09:29:31 PM) (Source: Application Hang)(User: )
Description: rust.exe4.3.1.282941a8801cf09c64e3b32b412F:\Steam\steamapps\common\rust\rust.exe9582e570-75b9-11e3-b459-bc5ff436d333
 
Error: (01/03/2014 07:39:00 AM) (Source: Application Error)(User: )
Description: rust.exe4.3.1.2829452938f4bntdll.dll6.1.7600.163854a5bdb3bc000000500022272229001cf08891a4786dbF:\Steam\steamapps\common\rust\rust.exeC:\Windows\SysWOW64\ntdll.dll663a83a7-747c-11e3-b444-bc5ff436d333
 
Error: (01/02/2014 10:57:02 PM) (Source: NVIDIA OpenGL Driver)(User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.
 
 
Error code: 3
Visit http://www.nvidia.com/page/support.html for more information.
 
Error: (01/01/2014 04:45:49 PM) (Source: Application Hang)(User: )
Description: DayZ.exe0.30.113.9252e401cf07432650117923F:\Steam\steamapps\common\DayZ\DayZ.exe6e00247c-7336-11e3-a979-bc5ff436d333
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-01-06 20:28:06.453
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00220_003\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-06 20:20:38.325
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00220_003\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-06 19:16:34.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00220_003\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-06 18:56:40.086
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00220_003\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-06 17:35:39.100
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00220_003\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-06 14:01:26.443
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00220_003\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-06 13:49:55.048
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00220_003\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-06 13:38:29.461
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00220_003\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-06 13:14:57.384
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00220_003\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-06 11:26:50.734
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00220_003\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 30%
Total physical RAM: 12183.92 MB
Available physical RAM: 8427.79 MB
Total Pagefile: 24365.99 MB
Available Pagefile: 19716.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
 
==================== Drives ================================
 
Drive c: (System) (Fixed) (Total:119.24 GB) (Free:22.5 GB) NTFS
Drive d: (Music) (Fixed) (Total:139.4 GB) (Free:69.39 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:9.64 GB) (Free:3.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (1TB HDD) (Fixed) (Total:931.41 GB) (Free:463.98 GB) NTFS
Drive j: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1605.12 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 119 GB) (Disk ID: EE77EA22)
Partition 1: (Not Active) - (Size=119 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 149 GB) (Disk ID: C6C1DB2D)
Partition 1: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=139 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D6B779F9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: A3E74471)
Partition 1: (Not Active) - (Size=-198659014656) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by PC (administrator) on PC-PC on 06-01-2014 20:32:25
Running from F:\Downloads
Windows 7 Ultimate (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Spotify Ltd) C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Spotify Ltd) C:\Users\PC\AppData\Roaming\Spotify\spotify.exe
() C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) F:\Steam\Steam.exe
(Screaming Bee) C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\MorphVOXPro.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [BDAgent] - C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe [1091200 2012-11-21] (Bitdefender)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
HKCU\...\Run: [Spotify] - C:\Users\PC\AppData\Roaming\Spotify\spotify.exe [5951488 2014-01-01] (Spotify Ltd)
HKCU\...\Run: [DisplayFusion] - C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [7952224 2013-11-27] (Binary Fortress Software)
HKCU\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-01-01] (Spotify Ltd)
MountPoints2: {bf8f3b58-72cb-11e3-a979-bc5ff436d333} - K:\setup.exe
 
==================== Internet (Whitelisted) ====================
 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://google.com/", "
CHR Extension: (Entanglement Web App) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\3.4.9_0
CHR Extension: (From Dust) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj\0.0.0.23_0
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (CIRC) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bebigdkelppomhhjaaianniiifjbgocn\0.6.4_0
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (MightyText - Send/Receive SMS Text Messages) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi\10.1_0
CHR Extension: (Mibbit webchat) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbadbkkklnhamjjeagmknajgmbgcmnpi\1.12_0
CHR Extension: (Kainy) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilinehkhipjmalgcldfelaghohhngpak\1.70_0
CHR Extension: (Adblock for Pirate Bay) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkpamgpfalmdaikobnkefcmmkpgljjd\1.38_0
CHR Extension: (Lord of Ultima) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0
CHR Extension: (CouchPotato) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jochingjncojldfclaicaomboafaiong\0.9.8_0
CHR Extension: (Reddit Enhancement Suite) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.1.2_0
CHR Extension: (Poppit) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0
CHR Extension: (Facebook Notifications) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0
CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Hover Zoom) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.29_0
CHR Extension: (Cookie Crumbs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaijpecdpibgpadcelaadjkchdmgobe\0.1_0
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
 
==================== Services (Whitelisted) =================
 
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1375600 2013-11-27] (Binary Fortress Software)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2014-01-01] ()
S3 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [75384 2012-04-02] (Bitdefender)
S3 Update Server; C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [466736 2011-10-14] (BitDefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [67904 2012-05-28] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe [1957912 2012-11-21] (Bitdefender)
 
==================== Drivers (Whitelisted) ====================
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [705552 2012-10-10] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [587024 2012-10-10] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93160 2012-07-06] (BitDefender LLC)
R0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [442088 2011-08-16] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [79952 2011-11-17] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [103944 2010-01-19] (BitDefender)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-01-01] (DT Soft Ltd)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [329800 2011-10-27] (BitDefender S.R.L.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-01-06 20:32 - 2014-01-06 20:32 - 00000000 ____D C:\FRST
2014-01-06 20:20 - 2014-01-06 20:20 - 00000592 _____ C:\blitzblank.log
2014-01-06 20:10 - 2014-01-06 20:10 - 01153912 _____ (Emsi Software GmbH) C:\Users\PC\Desktop\BlitzBlank.exe
2014-01-06 19:06 - 2014-01-06 19:06 - 00007812 _____ C:\Users\PC\Desktop\attach.txt
2014-01-06 19:06 - 2014-01-06 19:05 - 00022497 _____ C:\Users\PC\Desktop\dds.txt
2014-01-06 18:58 - 2014-01-06 18:58 - 00000000 ____D C:\Users\PC\Desktop\rkill
2014-01-06 18:57 - 2014-01-06 18:58 - 00003890 _____ C:\Users\PC\Desktop\Rkill.txt
2014-01-06 08:36 - 2014-01-06 08:36 - 00000385 _____ C:\Users\PC\AppData\Roaminguser_gensett.xml
2014-01-04 23:54 - 2014-01-04 23:54 - 00000945 _____ C:\Users\PC\Desktop\Open Broadcaster Software.lnk
2014-01-04 23:54 - 2014-01-04 23:54 - 00000000 ____D C:\Users\PC\AppData\Roaming\OBS
2014-01-04 23:54 - 2014-01-04 23:54 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-01-04 23:54 - 2014-01-04 23:54 - 00000000 ____D C:\Program Files\OBS
2014-01-04 23:54 - 2014-01-04 23:54 - 00000000 ____D C:\Program Files (x86)\OBS
2014-01-04 22:17 - 2014-01-04 22:17 - 00000568 _____ C:\Users\Public\Desktop\Fraps.lnk
2014-01-04 22:17 - 2014-01-04 22:17 - 00000000 ____D C:\Fraps
2014-01-04 21:28 - 2014-01-04 21:28 - 00434048 _____ C:\Windows\Minidump\010414-11138-01.dmp
2014-01-04 21:28 - 2014-01-04 21:28 - 00000000 ____D C:\Windows\Minidump
2014-01-04 14:07 - 2014-01-04 14:07 - 00037376 _____ C:\Windows\system32\zqmoz.nmw
2014-01-04 07:38 - 2014-01-04 07:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-04 07:38 - 2014-01-04 07:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2014-01-04 07:16 - 2014-01-06 18:56 - 00000376 _____ C:\Users\PC\AppData\Roamingprivacy.xml
2014-01-04 07:16 - 2014-01-04 16:10 - 00000088 _____ C:\Windows\system32\ubxnhrp.smt
2014-01-04 07:16 - 2014-01-04 14:07 - 00000099 _____ C:\Windows\system32\ygckbx.rwy
2014-01-04 07:16 - 2014-01-04 07:16 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2014-01-04 07:16 - 2014-01-04 07:16 - 00000064 _____ C:\Windows\system32\tgdflsg.dkd
2014-01-04 07:00 - 2014-01-04 07:00 - 00219314 ____S C:\Windows\system32\qtwxc.bun
2014-01-03 16:08 - 2014-01-03 16:13 - 00000000 ____D C:\Users\PC\AppData\Roaming\FileZilla
2014-01-03 16:08 - 2014-01-03 16:08 - 00002042 _____ C:\Users\PC\Desktop\FileZilla Client.lnk
2014-01-03 16:08 - 2014-01-03 16:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-01-03 16:08 - 2014-01-03 16:08 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2014-01-03 09:37 - 2014-01-03 09:37 - 00000000 ____D C:\Program Files\AutoHotkey
2014-01-02 23:00 - 2014-01-02 23:00 - 00000000 ____D C:\Users\PC\AppData\Local\FalloutNV
2014-01-02 20:27 - 2014-01-02 20:28 - 00000000 ____D C:\Users\PC\AppData\Local\NVIDIA Corporation
2014-01-02 20:27 - 2013-12-05 02:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-02 20:27 - 2013-12-05 02:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-02 20:26 - 2014-01-02 20:30 - 00000000 ____D C:\Users\PC\AppData\Local\Ubisoft Game Launcher
2014-01-02 20:26 - 2014-01-02 20:26 - 00000887 _____ C:\Users\PC\Desktop\Uplay.lnk
2014-01-02 20:26 - 2014-01-02 20:26 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-02 17:04 - 2014-01-02 17:04 - 00000783 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-01-02 17:04 - 2014-01-02 17:04 - 00000000 ____D C:\Users\PC\Documents\Nexus Mod Manager
2014-01-02 17:04 - 2014-01-02 17:04 - 00000000 ____D C:\Users\PC\AppData\Local\Black_Tree_Gaming
2014-01-02 16:53 - 2014-01-02 16:53 - 00001021 _____ C:\Users\Public\Desktop\BF4 Settings Editor.lnk
2014-01-02 16:53 - 2014-01-02 16:53 - 00000000 ____D C:\Users\PC\AppData\Local\Realmware
2014-01-02 16:52 - 2014-01-02 16:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\Realmware
2014-01-02 16:47 - 2014-01-02 16:48 - 00000000 ____D C:\Users\PC\Documents\Battlefield 4
2014-01-02 16:46 - 2014-01-02 16:46 - 00000000 ____D C:\Users\PC\AppData\Local\ESN
2014-01-02 16:43 - 2014-01-02 20:26 - 00000000 ____D C:\Users\PC\AppData\Roaming\NVIDIA
2014-01-02 16:40 - 2014-01-02 16:40 - 00000000 ____D C:\Users\PC\AppData\Roaming\Leadertech
2014-01-02 16:40 - 2014-01-02 16:40 - 00000000 ____D C:\Users\PC\AppData\Local\Logitech
2014-01-02 16:40 - 2014-01-02 16:40 - 00000000 ____D C:\ProgramData\LogiShrd
2014-01-02 16:39 - 2014-01-02 16:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\Logitech
2014-01-02 16:39 - 2014-01-02 16:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\Logishrd
2014-01-02 16:39 - 2014-01-02 16:39 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2014-01-02 16:37 - 2014-01-02 20:28 - 00000000 ____D C:\Users\PC\AppData\Local\NVIDIA
2014-01-02 16:36 - 2014-01-02 16:36 - 00001357 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-02 16:36 - 2013-12-09 20:13 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-01-02 16:36 - 2013-12-09 20:13 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-01-02 16:35 - 2014-01-06 20:20 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-02 16:35 - 2014-01-02 16:35 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-02 16:34 - 2014-01-02 20:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-02 16:34 - 2014-01-02 20:27 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-02 16:34 - 2013-12-05 02:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-02 16:34 - 2013-11-14 05:55 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00357152 _____ C:\Windows\system32\NvIFROpenGL.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00314656 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-01-02 16:34 - 2013-11-14 05:55 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-01-02 16:34 - 2013-11-14 05:55 - 00023754 _____ C:\Windows\system32\nvinfo.pb
2014-01-02 16:34 - 2013-11-11 09:02 - 06674208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-01-02 16:34 - 2013-11-11 09:02 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-01-02 16:34 - 2013-11-11 09:01 - 03467927 _____ C:\Windows\system32\nvcoproc.bin
2014-01-02 16:34 - 2013-11-11 09:01 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-01-02 16:34 - 2013-11-11 09:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-01-02 16:34 - 2013-11-11 09:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-01-02 16:33 - 2014-01-02 20:27 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-02 16:33 - 2014-01-02 16:33 - 00000000 ____D C:\NVIDIA
2014-01-01 19:19 - 2014-01-01 20:20 - 00000000 ____D C:\Users\PC\AppData\Local\Game Dev Tycoon - Steam
2014-01-01 18:36 - 2014-01-01 18:36 - 00000719 _____ C:\Users\PC\Desktop\lookatad - Shortcut.lnk
2014-01-01 16:39 - 2014-01-01 16:39 - 00012621 _____ C:\ProgramData\mptmqteo.hmi
2014-01-01 16:04 - 2014-01-03 00:21 - 00000000 ____D C:\Users\PC\AppData\Local\DayZ
2014-01-01 16:04 - 2014-01-01 16:04 - 00000000 ____D C:\Users\PC\Documents\DayZ
2014-01-01 15:48 - 2014-01-01 15:48 - 00000000 ____D C:\Users\PC\Documents\Assassin's Creed IV Black Flag
2014-01-01 15:48 - 2014-01-01 15:48 - 00000000 ____D C:\ProgramData\Steam
2014-01-01 15:48 - 2014-01-01 15:48 - 00000000 ____D C:\ProgramData\Orbit
2014-01-01 15:23 - 2014-01-01 15:23 - 00001731 _____ C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2014-01-01 15:22 - 2014-01-01 15:36 - 00000000 ____D C:\Users\PC\AppData\Roaming\DAEMON Tools Pro
2014-01-01 15:22 - 2014-01-01 15:23 - 00000000 ____D C:\Program Files\DAEMON Tools Pro
2014-01-01 15:22 - 2014-01-01 15:22 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-01-01 15:22 - 2014-01-01 15:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\OpenCandy
2014-01-01 15:21 - 2014-01-01 15:36 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Users\PC\Documents\Square Enix
2014-01-01 15:17 - 2014-01-02 20:27 - 00000000 ____D C:\Users\PC\AppData\Local\Warframe
2014-01-01 15:06 - 2014-01-01 15:08 - 00000000 ____D C:\Users\PC\AppData\Local\Skyrim
2014-01-01 15:03 - 2014-01-01 15:03 - 00000697 _____ C:\Users\PC\AppData\Local\recently-used.xbel
2014-01-01 14:58 - 2014-01-01 15:00 - 00000000 ____D C:\Users\PC\Documents\DisplayFusion Backups
2014-01-01 14:58 - 2014-01-01 15:00 - 00000000 ____D C:\Users\PC\AppData\Roaming\DisplayFusion
2014-01-01 14:58 - 2014-01-01 15:00 - 00000000 ____D C:\Program Files (x86)\DisplayFusion
2014-01-01 14:58 - 2014-01-01 14:58 - 00000000 ____D C:\ProgramData\Binary Fortress Software
2014-01-01 14:57 - 2014-01-05 21:56 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc
2014-01-01 14:53 - 2014-01-01 14:53 - 00000000 ____D C:\Users\PC\AppData\Roaming\Screaming Bee
2014-01-01 14:52 - 2014-01-01 14:53 - 00000000 ____D C:\ProgramData\Screaming Bee
2014-01-01 14:52 - 2014-01-01 14:52 - 00002246 _____ C:\Users\PC\Desktop\MorphVOX Pro.lnk
2014-01-01 14:52 - 2014-01-01 14:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2014-01-01 14:52 - 2014-01-01 14:52 - 00000000 ____D C:\Program Files (x86)\Screaming Bee
2014-01-01 14:39 - 2014-01-01 14:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\3909
2014-01-01 14:35 - 2014-01-02 23:00 - 00000000 ____D C:\Users\PC\Documents\my games
2014-01-01 14:35 - 2014-01-01 14:35 - 00003060 _____ C:\Windows\System32\Tasks\{7B4A1105-180F-43A0-8620-F0F71B34B9FB}
2014-01-01 05:32 - 2014-01-01 05:32 - 00001313 _____ C:\Windows\TSSysprep.log
2014-01-01 05:31 - 2014-01-01 05:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-01-01 05:30 - 2014-01-01 03:33 - 00000000 ____D C:\Windows\Panther
2014-01-01 05:04 - 2014-01-01 05:04 - 00000000 ____D C:\Users\PC\AppData\Roaming\Malwarebytes
2014-01-01 05:03 - 2014-01-01 05:03 - 00001119 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-01 05:03 - 2014-01-01 05:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 05:03 - 2014-01-01 05:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 05:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-01 05:02 - 2014-01-04 07:16 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2014-01-01 05:02 - 2014-01-01 05:02 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-01 05:02 - 2014-01-01 05:02 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-01 05:02 - 2014-01-01 05:02 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-01 05:02 - 2014-01-01 05:02 - 00000882 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2014-01-01 05:02 - 2014-01-01 05:02 - 00000866 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2014-01-01 05:01 - 2014-01-02 23:00 - 00079851 _____ C:\Windows\DirectX.log
2014-01-01 05:01 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-01-01 05:01 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-01-01 05:01 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-01-01 05:01 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-01-01 05:01 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-01-01 05:01 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-01-01 05:01 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-01-01 05:01 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-01-01 05:01 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-01-01 05:01 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-01-01 05:01 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-01-01 05:01 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-01-01 05:01 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-01-01 05:01 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-01-01 05:01 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-01-01 05:01 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-01-01 05:01 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-01-01 05:01 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-01-01 05:01 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-01-01 05:01 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-01-01 05:01 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-01-01 05:01 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-01-01 05:01 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-01-01 05:01 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-01-01 05:01 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-01-01 05:01 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-01-01 05:01 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-01-01 05:01 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-01-01 05:01 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-01-01 05:01 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-01-01 05:01 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-01-01 05:01 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-01-01 05:01 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-01-01 05:01 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-01-01 05:01 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-01-01 05:01 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-01-01 05:01 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-01-01 05:01 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-01-01 05:01 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-01-01 05:01 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-01-01 05:01 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-01-01 05:01 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-01-01 05:01 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-01-01 05:01 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-01-01 05:01 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-01-01 05:01 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-01-01 05:01 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-01-01 05:01 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-01-01 05:01 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-01-01 05:01 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-01-01 05:01 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-01-01 05:01 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-01-01 05:01 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-01-01 05:01 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-01-01 05:01 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-01-01 05:01 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-01-01 05:01 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-01-01 05:01 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-01-01 05:01 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-01-01 05:01 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-01-01 05:01 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-01-01 05:01 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-01-01 05:01 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-01-01 05:01 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-01-01 05:01 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-01-01 05:01 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-01-01 05:01 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-01-01 05:01 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-01-01 05:01 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-01-01 05:01 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-01-01 05:01 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-01-01 05:01 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-01-01 05:01 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-01-01 05:01 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-01-01 05:01 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-01-01 05:01 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-01-01 05:01 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-01-01 05:01 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-01-01 05:01 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-01-01 05:01 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-01-01 05:01 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-01-01 05:01 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-01-01 05:01 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-01-01 05:01 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-01-01 05:01 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-01-01 05:01 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-01-01 05:01 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-01-01 05:01 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-01-01 05:01 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-01-01 05:01 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-01-01 05:01 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-01-01 05:01 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-01-01 05:01 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-01-01 05:01 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-01-01 05:01 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-01-01 05:01 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-01-01 05:01 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-01-01 05:01 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-01-01 05:01 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-01-01 05:01 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-01-01 05:01 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-01-01 05:01 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-01-01 05:01 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-01-01 05:01 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-01-01 05:01 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-01-01 05:01 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-01-01 05:01 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-01-01 05:01 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-01-01 05:01 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-01-01 05:01 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-01-01 05:01 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-01-01 05:01 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-01-01 05:01 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-01-01 05:01 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-01-01 05:01 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-01-01 05:01 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-01-01 05:01 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-01-01 05:01 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-01-01 05:01 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-01-01 05:01 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-01-01 05:01 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-01-01 05:01 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-01-01 05:01 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-01-01 05:01 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-01-01 05:01 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-01-01 05:01 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-01-01 05:01 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-01-01 05:01 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-01-01 05:01 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-01-01 05:01 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-01-01 05:01 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-01-01 05:01 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-01-01 05:01 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-01-01 05:01 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-01-01 05:01 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-01-01 05:01 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-01-01 05:01 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-01-01 05:01 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-01-01 05:01 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-01-01 05:01 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-01-01 05:01 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-01-01 05:01 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-01-01 05:01 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-01-01 05:01 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-01-01 05:01 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-01-01 05:01 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-01-01 05:01 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-01-01 05:01 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-01-01 05:01 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-01-01 05:01 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-01-01 05:01 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-01-01 05:01 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-01-01 05:01 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-01-01 05:01 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-01-01 05:01 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-01-01 05:01 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-01-01 05:01 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-01-01 05:01 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-01-01 05:01 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-01-01 05:01 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-01-01 05:01 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-01-01 05:01 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-01-01 05:01 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-01-01 05:01 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-01-01 05:01 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-01-01 05:01 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-01-01 05:01 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-01-01 05:01 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-01-01 05:01 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-01-01 05:01 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-01-01 05:01 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-01-01 05:01 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-01-01 05:01 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-01-01 05:01 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-01-01 05:01 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-01-01 05:01 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-01-01 05:01 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-01-01 05:01 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-01-01 05:01 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-01-01 05:01 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-01-01 05:01 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-01-01 05:01 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-01-01 05:00 - 2014-01-01 05:00 - 00000000 ____D C:\Users\PC\AppData\Roaming\WinRAR
2014-01-01 05:00 - 2014-01-01 05:00 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-01 04:59 - 2014-01-01 05:00 - 00000000 ____D C:\Program Files\WinRAR
2014-01-01 04:49 - 2014-01-01 04:49 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-01-01 04:49 - 2014-01-01 04:49 - 00000000 ____D C:\Program Files\Unlocker
2014-01-01 04:43 - 2014-01-01 14:42 - 00000000 ____D C:\Users\PC\AppData\Roaming\deluge
2014-01-01 04:43 - 2014-01-01 04:44 - 00000000 ____D C:\Users\PC\Downloads\DAEMON Tools Pro Advanced v5.2.0. 0348 Including Crack [h33t][iahq76]
2014-01-01 04:32 - 2014-01-01 04:58 - 00000000 ____D C:\Users\PC\AppData\Roaming\Origin
2014-01-01 04:31 - 2014-01-01 05:03 - 00000000 ____D C:\Users\PC\AppData\Local\Origin
2014-01-01 04:27 - 2014-01-01 04:27 - 01138397 _____ C:\Users\PC\Downloads\7z922.exe
2014-01-01 04:27 - 2014-01-01 04:27 - 00591837 _____ C:\Users\PC\Downloads\rtorrent-0.9.2.tar.gz
2014-01-01 04:25 - 2014-01-02 16:47 - 00000000 ____D C:\ProgramData\Origin
2014-01-01 04:25 - 2014-01-02 16:47 - 00000000 ____D C:\ProgramData\Electronic Arts
2014-01-01 04:25 - 2014-01-01 04:40 - 00000000 ____D C:\Users\PC\Desktop\Battlefield 4
2014-01-01 04:25 - 2014-01-01 04:25 - 00000531 _____ C:\Users\Public\Desktop\Origin.lnk
2014-01-01 04:24 - 2014-01-01 04:24 - 16952720 _____ (Electronic Arts, Inc.) C:\Users\PC\Downloads\OriginThinSetup.exe
2014-01-01 04:20 - 2014-01-01 04:20 - 00305015 _____ C:\ProgramData\1388571085.bdinstall.bin
2014-01-01 04:19 - 2014-01-01 04:19 - 00002102 _____ C:\Users\Public\Desktop\Bitdefender Total Security 2012.lnk
2014-01-01 04:19 - 2014-01-01 04:19 - 00000684 ____H C:\bdr-cf01
2014-01-01 04:19 - 2014-01-01 04:19 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-01-01 04:19 - 2014-01-01 04:19 - 00000000 ____D C:\Users\PC\AppData\Roaming\Bitdefender
2014-01-01 04:19 - 2014-01-01 04:19 - 00000000 ____D C:\ProgramData\BDLogging
2014-01-01 04:14 - 2014-01-01 04:19 - 00253404 ____H C:\bdr-ld01
2014-01-01 04:14 - 2014-01-01 04:19 - 00009216 ____H C:\bdr-ld01.mbr
2014-01-01 04:14 - 2012-10-31 14:05 - 37133166 ____H C:\bdr-im01.gz
2014-01-01 04:14 - 2012-08-15 14:28 - 02510608 ____H C:\bdr-bz01
2014-01-01 04:12 - 2013-12-17 13:46 - 3360583680 _____ C:\Users\PC\Desktop\rld-ac4bf.iso
2014-01-01 04:12 - 2011-10-27 14:07 - 00329800 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-01-01 04:12 - 2011-08-16 13:59 - 00442088 _____ (BitDefender) C:\Windows\system32\Drivers\bdfsfltr.sys
2014-01-01 04:11 - 2014-01-04 21:56 - 00000000 ____D C:\Users\PC\AppData\Local\Spotify
2014-01-01 04:11 - 2014-01-01 04:11 - 00001795 _____ C:\Users\PC\Desktop\Spotify.lnk
2014-01-01 04:11 - 2014-01-01 04:11 - 00001781 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-01-01 04:09 - 2014-01-01 04:09 - 01191834 _____ C:\Users\PC\Downloads\ProcessExplorer.zip
2014-01-01 04:08 - 2014-01-01 04:08 - 00865696 _____ C:\Users\PC\Downloads\bitdefender_tsecurity20120112180628.exe
2014-01-01 04:07 - 2014-01-01 04:07 - 00002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-01 04:04 - 2014-01-06 20:20 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-01 04:04 - 2014-01-06 20:15 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-01 04:04 - 2014-01-01 04:10 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-01 04:04 - 2014-01-01 04:10 - 00003634 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-01 04:02 - 2014-01-04 07:16 - 00010016 _____ C:\Windows\PFRO.log
2014-01-01 04:02 - 2014-01-01 04:02 - 00057560 _____ C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-01 04:02 - 2014-01-01 04:02 - 00000000 ____D C:\Users\PC\AppData\Roaming\ATI
2014-01-01 04:02 - 2014-01-01 04:02 - 00000000 ____D C:\Users\PC\AppData\Local\ATI
2014-01-01 04:02 - 2014-01-01 04:02 - 00000000 ____D C:\ProgramData\ATI
2014-01-01 04:02 - 2014-01-01 04:02 - 00000000 _____ C:\Windows\ativpsrm.bin
2014-01-01 04:00 - 2014-01-06 20:26 - 00000000 ____D C:\Users\PC\AppData\Roaming\Spotify
2014-01-01 04:00 - 2014-01-01 04:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-01 03:57 - 2014-01-01 04:14 - 00000000 ____D C:\Program Files\Bitdefender
2014-01-01 03:57 - 2014-01-01 03:57 - 00302820 _____ C:\ProgramData\1388570037.bdinstall.bin
2014-01-01 03:57 - 2014-01-01 03:57 - 00000000 ____D C:\Windows\system32\appmgmt
2014-01-01 03:54 - 2014-01-01 04:19 - 00000000 ____D C:\ProgramData\Bitdefender
2014-01-01 03:54 - 2014-01-01 03:54 - 00000000 _____ C:\Windows\system32\BDSandBoxUISkin32.dll
2014-01-01 03:54 - 2014-01-01 03:54 - 00000000 _____ C:\Windows\system32\BDSandBoxUISkin.dll
2014-01-01 03:54 - 2014-01-01 03:54 - 00000000 _____ C:\Windows\system32\BDSandBoxUH.dll
2014-01-01 03:53 - 2014-01-01 03:53 - 00000000 ____D C:\Users\PC\AppData\Roaming\QuickScan
2014-01-01 03:53 - 2013-11-26 12:25 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-01 03:52 - 2014-01-01 04:12 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2014-01-01 03:50 - 2014-01-01 03:52 - 07168896 _____ C:\Users\PC\Downloads\bitdefender_tsecurity.exe
2014-01-01 03:46 - 2014-01-01 03:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2014-01-01 03:45 - 2014-01-06 20:31 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2014-01-01 03:45 - 2014-01-01 04:00 - 00000000 ____D C:\ProgramData\Skype
2014-01-01 03:43 - 2014-01-01 04:07 - 00000000 ____D C:\Users\PC\AppData\Local\Google
2014-01-01 03:43 - 2014-01-01 04:07 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-01 03:43 - 2014-01-01 03:43 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2014-01-01 03:43 - 2014-01-01 03:43 - 00000000 ____D C:\ProgramData\AMD
2014-01-01 03:43 - 2014-01-01 03:43 - 00000000 ____D C:\Program Files\Realtek
2014-01-01 03:43 - 2014-01-01 03:43 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2014-01-01 03:43 - 2011-06-14 19:38 - 02899176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-01-01 03:43 - 2011-06-13 19:04 - 01560680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-01-01 03:43 - 2011-06-10 14:53 - 00625752 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2014-01-01 03:43 - 2011-06-10 14:53 - 00561240 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2014-01-01 03:43 - 2011-06-07 17:09 - 02405992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-01-01 03:43 - 2011-06-03 14:11 - 01805928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-01-01 03:43 - 2011-06-02 17:03 - 00092264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2014-01-01 03:43 - 2011-05-31 10:09 - 03114088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-01-01 03:43 - 2011-05-27 17:58 - 01284712 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-01-01 03:43 - 2011-05-23 17:12 - 01245288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-01-01 03:43 - 2011-05-05 15:24 - 02085440 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-01-01 03:43 - 2011-04-18 18:50 - 02601816 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2014-01-01 03:43 - 2010-12-23 19:06 - 00876120 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2014-01-01 03:43 - 2010-12-23 19:06 - 00738392 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2014-01-01 03:43 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-01-01 03:43 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-01-01 03:43 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-01-01 03:43 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-01-01 03:43 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-01-01 03:43 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-01-01 03:43 - 2010-11-03 18:31 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-01-01 03:43 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-01-01 03:43 - 2010-10-15 19:20 - 02261764 _____ C:\Windows\system32\Drivers\rtvienna.dat
2014-01-01 03:43 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-01-01 03:43 - 2010-07-22 16:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-01-01 03:43 - 2010-07-02 19:40 - 00080984 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-01-01 03:43 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-01-01 03:43 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-01-01 03:43 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-01-01 03:43 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-01-01 03:43 - 2009-11-18 18:42 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-01-01 03:43 - 2009-11-18 07:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2014-01-01 03:43 - 2009-11-17 18:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-01-01 03:42 - 2014-01-01 03:42 - 00757660 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-01 03:42 - 2014-01-01 03:42 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2014-01-01 03:42 - 2014-01-01 03:42 - 00000000 ____D C:\Program Files\AMD
2014-01-01 03:42 - 2014-01-01 03:42 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2014-01-01 03:42 - 2009-11-25 11:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-01-01 03:42 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-01-01 03:42 - 2009-11-25 11:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-01-01 03:42 - 2009-11-25 11:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-01-01 03:42 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2014-01-01 03:42 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2014-01-01 03:42 - 2009-11-25 11:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-01-01 03:42 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2014-01-01 03:42 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2014-01-01 03:42 - 2009-11-25 11:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-01-01 03:41 - 2014-01-01 05:02 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-01 03:41 - 2014-01-01 03:41 - 00000000 ____D C:\Program Files\ATI
2014-01-01 03:40 - 2014-01-01 03:42 - 00000000 ____D C:\Program Files\ATI Technologies
2014-01-01 03:40 - 2014-01-01 03:40 - 00000000 ____D C:\AMD
2014-01-01 03:39 - 2014-01-01 03:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-01-01 03:39 - 2010-12-23 11:09 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-01-01 03:38 - 2014-01-01 03:43 - 00000000 ____D C:\Program Files (x86)\Realtek
2014-01-01 03:38 - 2011-08-23 21:57 - 00565352 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-01-01 03:38 - 2011-08-23 21:57 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-01-01 03:38 - 2011-08-23 21:57 - 00074272 _____ C:\Windows\system32\RtNicProp64.dll
2014-01-01 03:37 - 2014-01-01 03:37 - 00000000 ____D C:\ProgramData\Intel
2014-01-01 03:37 - 2012-02-07 17:40 - 00015128 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-01-01 03:36 - 2014-01-01 03:37 - 00000000 ____D C:\Program Files\Intel
2014-01-01 03:35 - 2014-01-06 20:19 - 00793452 _____ C:\Windows\WindowsUpdate.log
2014-01-01 03:35 - 2014-01-01 03:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-01 03:35 - 2014-01-01 03:39 - 00000000 ____D C:\Program Files (x86)\Intel
2014-01-01 03:35 - 2014-01-01 03:35 - 00001304 _____ C:\Windows\system32\RaCoInst.log
2014-01-01 03:35 - 2014-01-01 03:35 - 00000000 ____D C:\Users\PC\AppData\Roaming\InstallShield
2014-01-01 03:35 - 2014-01-01 03:35 - 00000000 ____D C:\Intel
2014-01-01 03:35 - 2011-11-10 01:04 - 00060184 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2014-01-01 03:34 - 2014-01-01 03:34 - 00000000 ____D C:\Windows\Downloaded Installations
2014-01-01 03:34 - 2014-01-01 03:34 - 00000000 ____D C:\Users\PC\AppData\Local\NETGEAR
2014-01-01 03:34 - 2014-01-01 03:34 - 00000000 ____D C:\ProgramData\NETGEAR
2014-01-01 03:34 - 2012-04-30 17:24 - 00008192 _____ C:\Windows\system32\Drivers\rt2870.bin
2014-01-01 03:33 - 2014-01-01 03:33 - 00001447 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-01 03:33 - 2014-01-01 03:33 - 00001413 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-01 03:33 - 2014-01-01 03:33 - 00000020 ___SH C:\Users\PC\ntuser.ini
2014-01-01 03:33 - 2014-01-01 03:33 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-01 03:33 - 2014-01-01 03:33 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-01 03:33 - 2014-01-01 03:33 - 00000000 ____D C:\Users\PC\AppData\Local\VirtualStore
2014-01-01 03:33 - 2014-01-01 03:33 - 00000000 ____D C:\Users\PC
2014-01-01 03:33 - 2009-07-13 22:54 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-01 03:33 - 2009-07-13 22:49 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-01 03:32 - 2014-01-01 03:32 - 00000000 __SHD C:\Recovery
 
==================== One Month Modified Files and Folders =======
 
2014-01-06 20:32 - 2014-01-06 20:32 - 00000000 ____D C:\FRST
2014-01-06 20:31 - 2014-01-01 03:45 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2014-01-06 20:26 - 2014-01-01 04:00 - 00000000 ____D C:\Users\PC\AppData\Roaming\Spotify
2014-01-06 20:25 - 2009-07-13 23:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-06 20:25 - 2009-07-13 22:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-06 20:25 - 2009-07-13 22:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-06 20:20 - 2014-01-06 20:20 - 00000592 _____ C:\blitzblank.log
2014-01-06 20:20 - 2014-01-02 16:35 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-06 20:20 - 2014-01-01 04:04 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-06 20:20 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-06 20:20 - 2009-07-13 22:51 - 00025959 _____ C:\Windows\setupact.log
2014-01-06 20:20 - 2009-07-13 18:00 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-01-06 20:19 - 2014-01-01 03:35 - 00793452 _____ C:\Windows\WindowsUpdate.log
2014-01-06 20:15 - 2014-01-01 04:04 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-06 20:10 - 2014-01-06 20:10 - 01153912 _____ (Emsi Software GmbH) C:\Users\PC\Desktop\BlitzBlank.exe
2014-01-06 19:06 - 2014-01-06 19:06 - 00007812 _____ C:\Users\PC\Desktop\attach.txt
2014-01-06 19:05 - 2014-01-06 19:06 - 00022497 _____ C:\Users\PC\Desktop\dds.txt
2014-01-06 18:58 - 2014-01-06 18:58 - 00000000 ____D C:\Users\PC\Desktop\rkill
2014-01-06 18:58 - 2014-01-06 18:57 - 00003890 _____ C:\Users\PC\Desktop\Rkill.txt
2014-01-06 18:56 - 2014-01-04 07:16 - 00000376 _____ C:\Users\PC\AppData\Roamingprivacy.xml
2014-01-06 08:36 - 2014-01-06 08:36 - 00000385 _____ C:\Users\PC\AppData\Roaminguser_gensett.xml
2014-01-05 21:56 - 2014-01-01 14:57 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc
2014-01-04 23:54 - 2014-01-04 23:54 - 00000945 _____ C:\Users\PC\Desktop\Open Broadcaster Software.lnk
2014-01-04 23:54 - 2014-01-04 23:54 - 00000000 ____D C:\Users\PC\AppData\Roaming\OBS
2014-01-04 23:54 - 2014-01-04 23:54 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-01-04 23:54 - 2014-01-04 23:54 - 00000000 ____D C:\Program Files\OBS
2014-01-04 23:54 - 2014-01-04 23:54 - 00000000 ____D C:\Program Files (x86)\OBS
2014-01-04 22:17 - 2014-01-04 22:17 - 00000568 _____ C:\Users\Public\Desktop\Fraps.lnk
2014-01-04 22:17 - 2014-01-04 22:17 - 00000000 ____D C:\Fraps
2014-01-04 21:56 - 2014-01-01 04:11 - 00000000 ____D C:\Users\PC\AppData\Local\Spotify
2014-01-04 21:28 - 2014-01-04 21:28 - 00434048 _____ C:\Windows\Minidump\010414-11138-01.dmp
2014-01-04 21:28 - 2014-01-04 21:28 - 00000000 ____D C:\Windows\Minidump
2014-01-04 16:10 - 2014-01-04 07:16 - 00000088 _____ C:\Windows\system32\ubxnhrp.smt
2014-01-04 14:07 - 2014-01-04 14:07 - 00037376 _____ C:\Windows\system32\zqmoz.nmw
2014-01-04 14:07 - 2014-01-04 07:16 - 00000099 _____ C:\Windows\system32\ygckbx.rwy
2014-01-04 07:38 - 2014-01-04 07:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-04 07:38 - 2014-01-04 07:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2014-01-04 07:16 - 2014-01-04 07:16 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2014-01-04 07:16 - 2014-01-04 07:16 - 00000064 _____ C:\Windows\system32\tgdflsg.dkd
2014-01-04 07:16 - 2014-01-01 05:02 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2014-01-04 07:16 - 2014-01-01 04:02 - 00010016 _____ C:\Windows\PFRO.log
2014-01-04 07:00 - 2014-01-04 07:00 - 00219314 ____S C:\Windows\system32\qtwxc.bun
2014-01-03 16:13 - 2014-01-03 16:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\FileZilla
2014-01-03 16:08 - 2014-01-03 16:08 - 00002042 _____ C:\Users\PC\Desktop\FileZilla Client.lnk
2014-01-03 16:08 - 2014-01-03 16:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-01-03 16:08 - 2014-01-03 16:08 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2014-01-03 09:37 - 2014-01-03 09:37 - 00000000 ____D C:\Program Files\AutoHotkey
2014-01-03 09:37 - 2009-07-14 01:46 - 00000000 ____D C:\Windows\ShellNew
2014-01-03 00:21 - 2014-01-01 16:04 - 00000000 ____D C:\Users\PC\AppData\Local\DayZ
2014-01-02 23:00 - 2014-01-02 23:00 - 00000000 ____D C:\Users\PC\AppData\Local\FalloutNV
2014-01-02 23:00 - 2014-01-01 14:35 - 00000000 ____D C:\Users\PC\Documents\my games
2014-01-02 23:00 - 2014-01-01 05:01 - 00079851 _____ C:\Windows\DirectX.log
2014-01-02 20:30 - 2014-01-02 20:26 - 00000000 ____D C:\Users\PC\AppData\Local\Ubisoft Game Launcher
2014-01-02 20:28 - 2014-01-02 20:27 - 00000000 ____D C:\Users\PC\AppData\Local\NVIDIA Corporation
2014-01-02 20:28 - 2014-01-02 16:37 - 00000000 ____D C:\Users\PC\AppData\Local\NVIDIA
2014-01-02 20:28 - 2014-01-02 16:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-02 20:27 - 2014-01-02 16:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-02 20:27 - 2014-01-02 16:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-02 20:27 - 2014-01-01 15:17 - 00000000 ____D C:\Users\PC\AppData\Local\Warframe
2014-01-02 20:26 - 2014-01-02 20:26 - 00000887 _____ C:\Users\PC\Desktop\Uplay.lnk
2014-01-02 20:26 - 2014-01-02 20:26 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-02 20:26 - 2014-01-02 16:43 - 00000000 ____D C:\Users\PC\AppData\Roaming\NVIDIA
2014-01-02 17:04 - 2014-01-02 17:04 - 00000783 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-01-02 17:04 - 2014-01-02 17:04 - 00000000 ____D C:\Users\PC\Documents\Nexus Mod Manager
2014-01-02 17:04 - 2014-01-02 17:04 - 00000000 ____D C:\Users\PC\AppData\Local\Black_Tree_Gaming
2014-01-02 16:53 - 2014-01-02 16:53 - 00001021 _____ C:\Users\Public\Desktop\BF4 Settings Editor.lnk
2014-01-02 16:53 - 2014-01-02 16:53 - 00000000 ____D C:\Users\PC\AppData\Local\Realmware
2014-01-02 16:52 - 2014-01-02 16:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\Realmware
2014-01-02 16:48 - 2014-01-02 16:47 - 00000000 ____D C:\Users\PC\Documents\Battlefield 4
2014-01-02 16:47 - 2014-01-01 04:25 - 00000000 ____D C:\ProgramData\Origin
2014-01-02 16:47 - 2014-01-01 04:25 - 00000000 ____D C:\ProgramData\Electronic Arts
2014-01-02 16:46 - 2014-01-02 16:46 - 00000000 ____D C:\Users\PC\AppData\Local\ESN
2014-01-02 16:40 - 2014-01-02 16:40 - 00000000 ____D C:\Users\PC\AppData\Roaming\Leadertech
2014-01-02 16:40 - 2014-01-02 16:40 - 00000000 ____D C:\Users\PC\AppData\Local\Logitech
2014-01-02 16:40 - 2014-01-02 16:40 - 00000000 ____D C:\ProgramData\LogiShrd
2014-01-02 16:39 - 2014-01-02 16:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\Logitech
2014-01-02 16:39 - 2014-01-02 16:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\Logishrd
2014-01-02 16:39 - 2014-01-02 16:39 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2014-01-02 16:36 - 2014-01-02 16:36 - 00001357 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-02 16:35 - 2014-01-02 16:35 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-02 16:34 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\Help
2014-01-02 16:33 - 2014-01-02 16:33 - 00000000 ____D C:\NVIDIA
2014-01-01 20:20 - 2014-01-01 19:19 - 00000000 ____D C:\Users\PC\AppData\Local\Game Dev Tycoon - Steam
2014-01-01 18:36 - 2014-01-01 18:36 - 00000719 _____ C:\Users\PC\Desktop\lookatad - Shortcut.lnk
2014-01-01 16:39 - 2014-01-01 16:39 - 00012621 _____ C:\ProgramData\mptmqteo.hmi
2014-01-01 16:04 - 2014-01-01 16:04 - 00000000 ____D C:\Users\PC\Documents\DayZ
2014-01-01 15:48 - 2014-01-01 15:48 - 00000000 ____D C:\Users\PC\Documents\Assassin's Creed IV Black Flag
2014-01-01 15:48 - 2014-01-01 15:48 - 00000000 ____D C:\ProgramData\Steam
2014-01-01 15:48 - 2014-01-01 15:48 - 00000000 ____D C:\ProgramData\Orbit
2014-01-01 15:36 - 2014-01-01 15:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\DAEMON Tools Pro
2014-01-01 15:36 - 2014-01-01 15:21 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2014-01-01 15:23 - 2014-01-01 15:23 - 00001731 _____ C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2014-01-01 15:23 - 2014-01-01 15:22 - 00000000 ____D C:\Program Files\DAEMON Tools Pro
2014-01-01 15:22 - 2014-01-01 15:22 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-01-01 15:22 - 2014-01-01 15:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\OpenCandy
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Users\PC\Documents\Square Enix
2014-01-01 15:08 - 2014-01-01 15:06 - 00000000 ____D C:\Users\PC\AppData\Local\Skyrim
2014-01-01 15:03 - 2014-01-01 15:03 - 00000697 _____ C:\Users\PC\AppData\Local\recently-used.xbel
2014-01-01 15:00 - 2014-01-01 14:58 - 00000000 ____D C:\Users\PC\Documents\DisplayFusion Backups
2014-01-01 15:00 - 2014-01-01 14:58 - 00000000 ____D C:\Users\PC\AppData\Roaming\DisplayFusion
2014-01-01 15:00 - 2014-01-01 14:58 - 00000000 ____D C:\Program Files (x86)\DisplayFusion
2014-01-01 14:58 - 2014-01-01 14:58 - 00000000 ____D C:\ProgramData\Binary Fortress Software
2014-01-01 14:53 - 2014-01-01 14:53 - 00000000 ____D C:\Users\PC\AppData\Roaming\Screaming Bee
2014-01-01 14:53 - 2014-01-01 14:52 - 00000000 ____D C:\ProgramData\Screaming Bee
2014-01-01 14:52 - 2014-01-01 14:52 - 00002246 _____ C:\Users\PC\Desktop\MorphVOX Pro.lnk
2014-01-01 14:52 - 2014-01-01 14:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2014-01-01 14:52 - 2014-01-01 14:52 - 00000000 ____D C:\Program Files (x86)\Screaming Bee
2014-01-01 14:42 - 2014-01-01 04:43 - 00000000 ____D C:\Users\PC\AppData\Roaming\deluge
2014-01-01 14:39 - 2014-01-01 14:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\3909
2014-01-01 14:35 - 2014-01-01 14:35 - 00003060 _____ C:\Windows\System32\Tasks\{7B4A1105-180F-43A0-8620-F0F71B34B9FB}
2014-01-01 05:33 - 2009-07-13 22:45 - 00274320 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-01 05:33 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2014-01-01 05:32 - 2014-01-01 05:32 - 00001313 _____ C:\Windows\TSSysprep.log
2014-01-01 05:32 - 2009-07-13 22:46 - 00001774 _____ C:\Windows\DtcInstall.log
2014-01-01 05:32 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\sysprep
2014-01-01 05:31 - 2014-01-01 05:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-01-01 05:30 - 2009-07-14 01:46 - 00000000 ____D C:\Windows\CSC
2014-01-01 05:30 - 2009-07-13 23:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2014-01-01 05:30 - 2009-07-13 23:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2014-01-01 05:04 - 2014-01-01 05:04 - 00000000 ____D C:\Users\PC\AppData\Roaming\Malwarebytes
2014-01-01 05:03 - 2014-01-01 05:03 - 00001119 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-01 05:03 - 2014-01-01 05:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 05:03 - 2014-01-01 05:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 05:03 - 2014-01-01 04:31 - 00000000 ____D C:\Users\PC\AppData\Local\Origin
2014-01-01 05:02 - 2014-01-01 05:02 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-01 05:02 - 2014-01-01 05:02 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-01 05:02 - 2014-01-01 05:02 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-01 05:02 - 2014-01-01 05:02 - 00000882 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2014-01-01 05:02 - 2014-01-01 05:02 - 00000866 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2014-01-01 05:02 - 2014-01-01 03:41 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-01 05:00 - 2014-01-01 05:00 - 00000000 ____D C:\Users\PC\AppData\Roaming\WinRAR
2014-01-01 05:00 - 2014-01-01 05:00 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-01 05:00 - 2014-01-01 04:59 - 00000000 ____D C:\Program Files\WinRAR
2014-01-01 04:58 - 2014-01-01 04:32 - 00000000 ____D C:\Users\PC\AppData\Roaming\Origin
2014-01-01 04:49 - 2014-01-01 04:49 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-01-01 04:49 - 2014-01-01 04:49 - 00000000 ____D C:\Program Files\Unlocker
2014-01-01 04:44 - 2014-01-01 04:43 - 00000000 ____D C:\Users\PC\Downloads\DAEMON Tools Pro Advanced v5.2.0. 0348 Including Crack [h33t][iahq76]
2014-01-01 04:40 - 2014-01-01 04:25 - 00000000 ____D C:\Users\PC\Desktop\Battlefield 4
2014-01-01 04:27 - 2014-01-01 04:27 - 01138397 _____ C:\Users\PC\Downloads\7z922.exe
2014-01-01 04:27 - 2014-01-01 04:27 - 00591837 _____ C:\Users\PC\Downloads\rtorrent-0.9.2.tar.gz
2014-01-01 04:25 - 2014-01-01 04:25 - 00000531 _____ C:\Users\Public\Desktop\Origin.lnk
2014-01-01 04:24 - 2014-01-01 04:24 - 16952720 _____ (Electronic Arts, Inc.) C:\Users\PC\Downloads\OriginThinSetup.exe
2014-01-01 04:20 - 2014-01-01 04:20 - 00305015 _____ C:\ProgramData\1388571085.bdinstall.bin
2014-01-01 04:19 - 2014-01-01 04:19 - 00002102 _____ C:\Users\Public\Desktop\Bitdefender Total Security 2012.lnk
2014-01-01 04:19 - 2014-01-01 04:19 - 00000684 ____H C:\bdr-cf01
2014-01-01 04:19 - 2014-01-01 04:19 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-01-01 04:19 - 2014-01-01 04:19 - 00000000 ____D C:\Users\PC\AppData\Roaming\Bitdefender
2014-01-01 04:19 - 2014-01-01 04:19 - 00000000 ____D C:\ProgramData\BDLogging
2014-01-01 04:19 - 2014-01-01 04:14 - 00253404 ____H C:\bdr-ld01
2014-01-01 04:19 - 2014-01-01 04:14 - 00009216 ____H C:\bdr-ld01.mbr
2014-01-01 04:19 - 2014-01-01 03:54 - 00000000 ____D C:\ProgramData\Bitdefender
2014-01-01 04:14 - 2014-01-01 03:57 - 00000000 ____D C:\Program Files\Bitdefender
2014-01-01 04:14 - 2009-07-13 21:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-01 04:12 - 2014-01-01 03:52 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2014-01-01 04:11 - 2014-01-01 04:11 - 00001795 _____ C:\Users\PC\Desktop\Spotify.lnk
2014-01-01 04:11 - 2014-01-01 04:11 - 00001781 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-01-01 04:10 - 2014-01-01 04:04 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-01 04:10 - 2014-01-01 04:04 - 00003634 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-01 04:09 - 2014-01-01 04:09 - 01191834 _____ C:\Users\PC\Downloads\ProcessExplorer.zip
2014-01-01 04:08 - 2014-01-01 04:08 - 00865696 _____ C:\Users\PC\Downloads\bitdefender_tsecurity20120112180628.exe
2014-01-01 04:07 - 2014-01-01 04:07 - 00002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-01 04:07 - 2014-01-01 03:43 - 00000000 ____D C:\Users\PC\AppData\Local\Google
2014-01-01 04:07 - 2014-01-01 03:43 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-01 04:02 - 2014-01-01 04:02 - 00057560 _____ C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-01 04:02 - 2014-01-01 04:02 - 00000000 ____D C:\Users\PC\AppData\Roaming\ATI
2014-01-01 04:02 - 2014-01-01 04:02 - 00000000 ____D C:\Users\PC\AppData\Local\ATI
2014-01-01 04:02 - 2014-01-01 04:02 - 00000000 ____D C:\ProgramData\ATI
2014-01-01 04:02 - 2014-01-01 04:02 - 00000000 _____ C:\Windows\ativpsrm.bin
2014-01-01 04:00 - 2014-01-01 04:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-01 04:00 - 2014-01-01 03:45 - 00000000 ____D C:\ProgramData\Skype
2014-01-01 03:57 - 2014-01-01 03:57 - 00302820 _____ C:\ProgramData\1388570037.bdinstall.bin
2014-01-01 03:57 - 2014-01-01 03:57 - 00000000 ____D C:\Windows\system32\appmgmt
2014-01-01 03:57 - 2014-01-01 03:46 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2014-01-01 03:54 - 2014-01-01 03:54 - 00000000 _____ C:\Windows\system32\BDSandBoxUISkin32.dll
2014-01-01 03:54 - 2014-01-01 03:54 - 00000000 _____ C:\Windows\system32\BDSandBoxUISkin.dll
2014-01-01 03:54 - 2014-01-01 03:54 - 00000000 _____ C:\Windows\system32\BDSandBoxUH.dll
2014-01-01 03:53 - 2014-01-01 03:53 - 00000000 ____D C:\Users\PC\AppData\Roaming\QuickScan
2014-01-01 03:52 - 2014-01-01 03:50 - 07168896 _____ C:\Users\PC\Downloads\bitdefender_tsecurity.exe
2014-01-01 03:43 - 2014-01-01 03:43 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2014-01-01 03:43 - 2014-01-01 03:43 - 00000000 ____D C:\ProgramData\AMD
2014-01-01 03:43 - 2014-01-01 03:43 - 00000000 ____D C:\Program Files\Realtek
2014-01-01 03:43 - 2014-01-01 03:43 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2014-01-01 03:43 - 2014-01-01 03:38 - 00000000 ____D C:\Program Files (x86)\Realtek
2014-01-01 03:43 - 2014-01-01 03:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-01 03:42 - 2014-01-01 03:42 - 00757660 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-01 03:42 - 2014-01-01 03:42 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2014-01-01 03:42 - 2014-01-01 03:42 - 00000000 ____D C:\Program Files\AMD
2014-01-01 03:42 - 2014-01-01 03:42 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2014-01-01 03:42 - 2014-01-01 03:40 - 00000000 ____D C:\Program Files\ATI Technologies
2014-01-01 03:41 - 2014-01-01 03:41 - 00000000 ____D C:\Program Files\ATI
2014-01-01 03:40 - 2014-01-01 03:40 - 00000000 ____D C:\AMD
2014-01-01 03:39 - 2014-01-01 03:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-01-01 03:39 - 2014-01-01 03:35 - 00000000 ____D C:\Program Files (x86)\Intel
2014-01-01 03:37 - 2014-01-01 03:37 - 00000000 ____D C:\ProgramData\Intel
2014-01-01 03:37 - 2014-01-01 03:36 - 00000000 ____D C:\Program Files\Intel
2014-01-01 03:36 - 2009-07-13 21:20 - 00000000 __RHD C:\Users\Public\Libraries
2014-01-01 03:35 - 2014-01-01 03:35 - 00001304 _____ C:\Windows\system32\RaCoInst.log
2014-01-01 03:35 - 2014-01-01 03:35 - 00000000 ____D C:\Users\PC\AppData\Roaming\InstallShield
2014-01-01 03:35 - 2014-01-01 03:35 - 00000000 ____D C:\Intel
2014-01-01 03:34 - 2014-01-01 03:34 - 00000000 ____D C:\Windows\Downloaded Installations
2014-01-01 03:34 - 2014-01-01 03:34 - 00000000 ____D C:\Users\PC\AppData\Local\NETGEAR
2014-01-01 03:34 - 2014-01-01 03:34 - 00000000 ____D C:\ProgramData\NETGEAR
2014-01-01 03:34 - 2009-07-13 23:32 - 00000000 ____D C:\Windows\system32\restore
2014-01-01 03:33 - 2014-01-01 05:30 - 00000000 ____D C:\Windows\Panther
2014-01-01 03:33 - 2014-01-01 03:33 - 00001447 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-01 03:33 - 2014-01-01 03:33 - 00001413 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-01 03:33 - 2014-01-01 03:33 - 00000020 ___SH C:\Users\PC\ntuser.ini
2014-01-01 03:33 - 2014-01-01 03:33 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-01 03:33 - 2014-01-01 03:33 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-01 03:33 - 2014-01-01 03:33 - 00000000 ____D C:\Users\PC\AppData\Local\VirtualStore
2014-01-01 03:33 - 2014-01-01 03:33 - 00000000 ____D C:\Users\PC
2014-01-01 03:33 - 2009-07-13 22:45 - 00000000 ____D C:\Windows\Setup
2014-01-01 03:32 - 2014-01-01 03:32 - 00000000 __SHD C:\Recovery
2013-12-17 13:46 - 2014-01-01 04:12 - 3360583680 _____ C:\Users\PC\Desktop\rld-ac4bf.iso
2013-12-09 20:13 - 2014-01-02 16:36 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-12-09 20:13 - 2014-01-02 16:36 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
 
Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\UNINSTALL.EXE
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-01-01 07:10
 
==================== End Of Log ============================

Edited by Oh My, 06 January 2014 - 10:09 PM.


#9 LasagnaTheories

LasagnaTheories
  • Topic Starter

  • Members
  • 30 posts

Posted 06 January 2014 - 09:58 PM

Update: I've run my normal programs and SVCHost.exe was using 150k when I started. It's been about 30 minutes and it's only increased to 158k.



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,057 posts
  • Gender:Male
  • Location:California

Posted 06 January 2014 - 10:50 PM

Greetings,

I have a few things for you to run but I must first provide the following caution.

===================================================

CRACKING SOFTWARE WARNING

--------------------
 

Post by quietman7, on 02 October 2009 - 05:16 AM, said:


A Keygen is a program which is used to illegally bypass copy protection on games and commercial software by generating a random serial number, or "cd key", that matches the software it is intended to be used with.

A Cracking tool is used to copy commercial software illegally by breaking the various copy-protection and registration techniques being used.

The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Quote
Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo

Quote
...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

Quote
...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

Quote
...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

Some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and are an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.


===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Scan
  • Upon completion click Clean and close programs if necessary
  • Click OK twice to reboot your computer
  • Copy and paste the contents of the text file on your desktop in your reply
  • You can also find the logfile at C:\AdwCleaner.txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + R on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
AlternateDataStreams: C:\Users\PC\Desktop\BlitzBlank.exe:BDU
AlternateDataStreams: C:\Users\PC\Downloads\OriginThinSetup.exe:BDU
2014-01-04 14:07 - 2014-01-04 14:07 - 00037376 _____ C:\Windows\system32\zqmoz.nmw
2014-01-04 07:16 - 2014-01-06 18:56 - 00000376 _____ C:\Users\PC\AppData\Roamingprivacy.xml
2014-01-04 07:16 - 2014-01-04 16:10 - 00000088 _____ C:\Windows\system32\ubxnhrp.smt
2014-01-04 07:16 - 2014-01-04 14:07 - 00000099 _____ C:\Windows\system32\ygckbx.rwy
2014-01-04 07:16 - 2014-01-04 07:16 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2014-01-04 07:16 - 2014-01-04 07:16 - 00000064 _____ C:\Windows\system32\tgdflsg.dkd
2014-01-04 07:00 - 2014-01-04 07:00 - 00219314 ____S C:\Windows\system32\qtwxc.bun
2014-01-01 16:39 - 2014-01-01 16:39 - 00012621 _____ C:\ProgramData\mptmqteo.hmi
C:\Users\PC\AppData\Local\Temp\UNINSTALL.EXE
  • Launch FRST and press the Fix button just once and wait; the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • AdwCleaner log
  • Junkware log
  • Farbar log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 LasagnaTheories

LasagnaTheories
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:04:56 PM

Posted 06 January 2014 - 11:29 PM

Here is the first. I will post the other 2 shortly.
 

# AdwCleaner v3.016 - Report created 06/01/2014 at 22:25:23
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Ultimate  (64 bits)
# Username : PC - PC-PC
# Running from : F:\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
[!] Folder Deleted : C:\Users\PC\AppData\Roaming\OpenCandy
File Deleted : C:\Users\PC\AppData\Local\Temp\Uninstall.exe
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7600.16385
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1605 octets] - [06/01/2014 22:23:36]
AdwCleaner[S0].txt - [1538 octets] - [06/01/2014 22:25:23]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1598 octets] ##########


Edited by LasagnaTheories, 07 January 2014 - 12:43 AM.


#12 LasagnaTheories

Posted 07 January 2014 - 12:43 AM

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Ultimate x64
Ran by PC on Mon 01/06/2014 at 22:40:51.58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/06/2014 at 22:42:04.35
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-01-2014

Ran by PC at 2014-01-06 23:40:10 Run:1
Running from C:\Users\PC\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
AlternateDataStreams: C:\Users\PC\Desktop\BlitzBlank.exe:BDU
AlternateDataStreams: C:\Users\PC\Downloads\OriginThinSetup.exe:BDU
2014-01-04 14:07 - 2014-01-04 14:07 - 00037376 _____ C:\Windows\system32\zqmoz.nmw
2014-01-04 07:16 - 2014-01-06 18:56 - 00000376 _____ C:\Users\PC\AppData\Roamingprivacy.xml
2014-01-04 07:16 - 2014-01-04 16:10 - 00000088 _____ C:\Windows\system32\ubxnhrp.smt
2014-01-04 07:16 - 2014-01-04 14:07 - 00000099 _____ C:\Windows\system32\ygckbx.rwy
2014-01-04 07:16 - 2014-01-04 07:16 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2014-01-04 07:16 - 2014-01-04 07:16 - 00000064 _____ C:\Windows\system32\tgdflsg.dkd
2014-01-04 07:00 - 2014-01-04 07:00 - 00219314 ____S C:\Windows\system32\qtwxc.bun
2014-01-01 16:39 - 2014-01-01 16:39 - 00012621 _____ C:\ProgramData\mptmqteo.hmi
C:\Users\PC\AppData\Local\Temp\UNINSTALL.EXE
*****************
 
C:\Users\PC\Desktop\BlitzBlank.exe => ":BDU" ADS removed successfully.
C:\Users\PC\Downloads\OriginThinSetup.exe => ":BDU" ADS removed successfully.
C:\Windows\system32\zqmoz.nmw => Moved successfully.
C:\Users\PC\AppData\Roamingprivacy.xml => Moved successfully.
C:\Windows\system32\ubxnhrp.smt => Moved successfully.
C:\Windows\system32\ygckbx.rwy => Moved successfully.
C:\Windows\system32\user_gensett.xml => Moved successfully.
C:\Windows\system32\tgdflsg.dkd => Moved successfully.
Could not move "C:\Windows\system32\qtwxc.bun" => Scheduled to move on reboot.
C:\ProgramData\mptmqteo.hmi => Moved successfully.
"C:\Users\PC\AppData\Local\Temp\UNINSTALL.EXE" => File/Directory not found.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-01-06 23:42:18)<=
 
C:\Windows\system32\qtwxc.bun => Is moved successfully.
 
==== End of Fixlog ====


#13 Oh My!

Posted 07 January 2014 - 09:05 AM

FRST did a good job deleting things. How is your computer running?
Gary
 

#14 Oh My!

Posted 11 January 2014 - 05:21 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 

#15 LasagnaTheories

Posted 11 January 2014 - 06:24 PM

Sorry about not replying! SVCHost.exe is no longer infected and causing problems, although a new problem has appeared. It's happened twice, and I have no idea why. I was running a large number of programs: Spotify, maybe 10 Chrome tabs, Skype, Steam, MorphVOX, and a Steam game, and my computer shut down without warning. It was an unexpected shutdown, no Windows screen or error, just on to off. It was under similar circumstances that this happened again.





