Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I ran a Generic35.CHFH exe now I don't know what to do.


  • This topic is locked This topic is locked
19 replies to this topic

#1 Deadman3000

Deadman3000

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 16 March 2014 - 09:28 AM

Mod Edit: Moved to Virus, Trojan, Spyware, and Malware Removal Logs
~~boopme


I stupidly ran an exe disguised as a folder and AVG was temporarily disabled at the time. When the folder did not open I realized my mistake. Scanning it with AVG showed it was Generic35.CHFH. Unfortunately I can't find out much information on this through Googling.
 
I immediately performed a virus scan with AVG, Malwarebytes, Spybot S&D and currently slowly scanning with Trend Micro Housecall. AVG found some remnants of something (Like temp/.exe) and removed them. Malwarebytes found nothing. Spybot found some stuff that did not seem related and I am stilll scanning with Housecall which is at 61% and nothing found. I also did a rootkit scan with Spybot and could find nothing that seemed overly suspicious. However I have lost confidence in my system now. I have a True Image backup and am thinking of doing a restore to this mornings backup prior to the infection.
 
Here are a couple of pastes of HijackThis logs. I don't know how to get anymore detailed than these. Please advise. Has anyone even heard of Generic35.CHFH?
 
Big thanks in advance.
 
EDIT: Housecall found nothing. I also uninstalled AVG and installed Kaspersky 2014 trial and it found nothing either. Do you think I am safe?
 
 
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 13:59:15, on 16/03/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\SVP\SVPMgr.exe
C:\Program Files (x86)\CallStation\CStation.exe
C:\Program Files (x86)\CallStation\CStation.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Users\DeadMan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\SABnzbd\SABnzbd.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
I:\Software\Shareware\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.248\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.248\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
O4 - HKLM\..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [CommandCenter] C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [LiveUpdate 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKCU\..\Run: [SVPMgr] "C:\Program Files (x86)\SVP\SVPMgr.exe"
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
O4 - HKCU\..\Run: [CallStation] C:\Program Files (x86)\CallStation\CStation.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3640305961-1857829111-264128548-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3640305961-1857829111-264128548-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = DeadMan\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O4 - Startup: Samsung Magician.lnk = C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
O4 - Startup: taskmgr.exe.lnk = C:\Windows\System32\taskmgr.exe
O4 - Global Startup: Killer Network Manager.lnk = ?
O4 - Global Startup: Logo Calibration Loader.lnk = C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O4 - Global Startup: UltraMon.lnk = ?
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\appinit_dll.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Seagate Drive Settings Service (FreeAgentGoFlex Service) - Seagate Technology LLC - C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: IP Watchdog (IpWatchDog) - ikriv.com - C:\IpWatchDog_1.2\IpWatchDog.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
O23 - Service: MSICTL_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
O23 - Service: MSIDDR_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe
O23 - Service: MSISaveLoad_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
O23 - Service: MSIWMI_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.0.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® Extreme Tuning Utility Service (XTU3SERVICE) - Intel® Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

--
End of file - 18269 bytes
 
 
---
 
StartupList report, 16/03/2014, 14:06:03
StartupList version: 1.52.2
Started from : I:\Software\Shareware\HijackThis.EXE
Detected: Windows 7 SP1 (WinNT 6.00.3505)
Detected: Internet Explorer v11.0 (11.00.9600.16518)
* Using default options
==================================================

Running processes:

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\SVP\SVPMgr.exe
C:\Program Files (x86)\CallStation\CStation.exe
C:\Program Files (x86)\CallStation\CStation.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Users\DeadMan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\SABnzbd\SABnzbd.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
I:\Software\Shareware\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
Dropbox.lnk = DeadMan\AppData\Roaming\Dropbox\bin\Dropbox.exe
Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
Samsung Magician.lnk = C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
taskmgr.exe.lnk = C:\Windows\System32\taskmgr.exe

Shell folders Common Startup:
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
Killer Network Manager.lnk = ?
Logo Calibration Loader.lnk = C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
ProfileReminder.lnk = C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
UltraMon.lnk = ?

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

WD Quick View = C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
vProt = "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
USB3MON = "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
UpdReg = C:\Windows\UpdReg.EXE
TrueImageMonitor.exe = "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
StartCCC = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
Sound Blaster Cinema = "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
SAOB Monitor = C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
PWRISOVM.EXE = C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
LWS = C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
Fast Boot = C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
CommandCenter = C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe
AVG_UI = "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
LiveUpdate 5 = C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
Super-Charger = C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

SVPMgr = "C:\Program Files (x86)\SVP\SVPMgr.exe"
SandboxieControl = "C:\Program Files\Sandboxie\SbieCtrl.exe"
Eraser = C:\Program Files\Eraser\Eraser.exe -hide
CallStation = C:\Program Files (x86)\CallStation\CStation.exe

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\Windows\SysWOW64\mshta.exe "%1" %*

--------------------------------------------------

Load/Run keys from C:\Windows\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=C:\Windows\SysWOW64\appinit_dll.dll

--------------------------------------------------

Shell & screensaver key from C:\Windows\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
(no name) - C:\Program Files (x86)\Java\jre7\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.248\AVG SafeGuard toolbar_toolbar.dll - {95B7759C-8C7F-4BF1-B163-73684A933233}
(no name) - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
(no name) - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll - {AF949550-9094-4807-95EC-D1C317803333}
URLRedirectionBHO - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL - {B4F3A835-0E21-4959-BA22-42B3008E02FF}
(no name) - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Adobe Flash Player Updater.job
AutoKMS.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\system32\napinsp.dll
NameSpace #3: C:\Windows\system32\pnrpnsp.dll
NameSpace #4: C:\Windows\system32\pnrpnsp.dll
NameSpace #7: C:\Program Files (x86)\Bonjour\mdnsNSP.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: *Registry key not found*

--------------------------------------------------
End of report, 8,936 bytes
Report generated in 0.032 seconds

Command line options:
   /verbose  - to add additional info on each section
   /complete - to include empty sections and unsuspicious data
   /full     - to include several rarely-important sections
   /force9x  - to include Win9x-only startups even if running on WinNT
   /forcent  - to include WinNT-only startups even if running on Win9x
   /forceall - to include all Win9x and WinNT startups, regardless of platform
   /history  - to list version history only


Edited by boopme, 16 March 2014 - 07:47 PM.


BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:14 AM

Posted 19 March 2014 - 07:52 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
thisisujrt.gif Please download
Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

HijackThis doesn't handle your version of the operating well. In your case I need to see a DDS Log.
You should remove HijackThis using the Add/Remove Programs list. Use the DDS tool from now on.

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 Deadman3000

Deadman3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 26 March 2014 - 05:12 AM

AdwCleaner log before clean. Now shows nothing after cleam but will repeat after a reboot and paste here again if anything is found.
 
---
# AdwCleaner v3.022 - Report created 26/03/2014 at 09:39:29
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : DeadMan - ODDBALL
# Running from : I:\Software\Shareware\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\Windows\SysWOW64\AI_RecycleBin

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\DeadMan\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1398 octets] - [26/03/2014 09:39:29]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1458 octets] ##########
 
---
 
 
JunkWare Removal Tool Log
---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x64
Ran by DeadMan on 26/03/2014 at  9:53:14.00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26/03/2014 at  9:56:03.30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Edited by Deadman3000, 26 March 2014 - 05:30 AM.


#4 Deadman3000

Deadman3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 26 March 2014 - 05:31 AM

Farbar Recover Scan Tool FRST.txt
---
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by DeadMan (administrator) on ODDBALL on 26-03-2014 09:57:30
Running from C:\Users\DeadMan\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\AMD\amdacpusrsvc.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\system32\RAPID\SamsungRapidSvc.exe
(tzuk) C:\Program Files\Sandboxie\SbieSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(SWE Sven Ritter) C:\Program Files\SpeedProject\SpeedCommander 13\SpeedCommander.exe
() I:\Software\Shareware\adwcleaner.exe
(Mozilla Corporation) C:\Program Files\Cyberfox\Cyberfox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SamsungRapidApp] - C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [109280 2013-07-29] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [MBCfg64] - C:\Windows\system32\MBCfg64.dll [40576 2013-08-29] (Creative Technology Ltd.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5545328 2014-02-28] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5551288 2011-09-22] (Acronis)
HKLM-x32\...\Run: [Sound Blaster Cinema] - C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [SAOB Monitor] - C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2537096 2011-09-22] (Acronis)
HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2014-03-21] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Fast Boot] - C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] ()
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 1
HKLM\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-3640305961-1857829111-264128548-1000\...\Run: [SVPMgr] - C:\Program Files (x86)\SVP\SVPMgr.exe [942080 2013-07-15] ()
HKU\S-1-5-21-3640305961-1857829111-264128548-1000\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [570600 2010-02-03] (tzuk)
HKU\S-1-5-21-3640305961-1857829111-264128548-1000\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [463248 2009-12-16] (The Eraser Project)
HKU\S-1-5-21-3640305961-1857829111-264128548-1000\...\Run: [CallStation] - C:\Program Files (x86)\CallStation\CStation.exe [1781760 2012-05-23] (Impulse Technology)
HKU\S-1-5-21-3640305961-1857829111-264128548-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3640305961-1857829111-264128548-1000\...\Policies\Explorer: [DisableThumbnailCache] 1
HKU\S-1-5-21-3640305961-1857829111-264128548-1000\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-3640305961-1857829111-264128548-1000\...\MountPoints2: K - K:\setup.exe
HKU\S-1-5-21-3640305961-1857829111-264128548-1000\...\MountPoints2: {3486ac26-a930-11e3-8936-10feed02af2e} - P:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3640305961-1857829111-264128548-1000\...\MountPoints2: {781dab1a-b412-11e3-ab8a-448a5b2b8452} - J:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\DeadMan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
Startup: C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskmgr.exe.lnk
ShortcutTarget: taskmgr.exe.lnk -> C:\Windows\System32\taskmgr.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6CEA33302C33CF01
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: No Name - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -  No File
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

==================== Services (Whitelisted) =================

R2 amdacpusrsvc; C:\AMD\amdacpusrsvc.exe [82432 2014-03-12] ()
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [356128 2014-03-21] (Kaspersky Lab ZAO)
S4 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S4 Diskeeper; I:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe [2721656 2012-07-27] (Condusiv Technologies)
S4 FreeAgentGoFlex Service; C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [91432 2011-02-10] (Seagate Technology LLC)
S4 Futuremark SystemInfo Service; I:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
S4 gupdate1cf413c86d8be1e; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2014-03-16] (Google Inc.)
S4 gupdatem1cf413c872c0e48; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2014-03-16] (Google Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S4 IpWatchDog; C:\IpWatchDog_1.2\IpWatchDog.exe [18432 2012-07-30] (ikriv.com)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
S4 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S4 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [27360 2013-07-29] (Samsung Electronics Co., Ltd.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [94440 2010-02-03] (tzuk)
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S4 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-02-28] (Western Digital Technologies, Inc.)
S4 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [271728 2014-02-28] (Western Digital Technologies, Inc.)
S4 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [273632 2014-03-12] (Advanced Micro Devices)
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [82232 2013-11-25] (Asmedia Technology)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [80080 2013-11-08] (Qualcomm Atheros, Inc.)
R0 DKDFM; C:\Windows\System32\drivers\DKDFM.sys [40752 2012-04-05] (Condusiv Technologies)
S3 DKRtWrt; C:\Windows\System32\DRIVERS\DKRtWrt.sys [52048 2012-06-18] (Condusiv Technologies)
R0 DKTLFSMF; C:\Windows\System32\drivers\DKTLFSMF.sys [106832 2012-07-09] (Condusiv Technologies)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-03-21] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-05-02] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2014-03-21] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-03-21] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-03-21] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-03-21] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2014-03-21] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-05-02] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [53552 2013-04-30] (Novation DMS Ltd.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [240864 2013-07-29] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111328 2013-07-29] (Samsung Electronics Co., Ltd.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [134760 2010-02-03] (tzuk)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 tpg64win7; C:\Windows\System32\DRIVERS\tpg64win7.sys [648808 2012-02-21] (TP-LINK TECHNOLOGIES CO., LTD)
S3 igfx; system32\DRIVERS\igdkmd64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-26 09:57 - 2014-03-26 09:57 - 02157056 _____ (Farbar) C:\Users\DeadMan\Desktop\FRST64.exe
2014-03-26 09:57 - 2014-03-26 09:57 - 00016799 _____ () C:\Users\DeadMan\Desktop\FRST.txt
2014-03-26 09:57 - 2014-03-26 09:57 - 00000000 ____D () C:\FRST
2014-03-26 09:56 - 2014-03-26 09:56 - 00000623 _____ () C:\Users\DeadMan\Desktop\JRT.txt
2014-03-26 09:53 - 2014-03-26 09:53 - 00000000 ____D () C:\Windows\ERUNT
2014-03-26 09:52 - 2014-03-26 09:52 - 01038974 _____ (Thisisu) C:\Users\DeadMan\Desktop\JRT.exe
2014-03-26 09:39 - 2014-03-26 09:51 - 00000000 ____D () C:\AdwCleaner
2014-03-26 03:52 - 2014-03-26 03:52 - 00001153 _____ () C:\Users\DeadMan\Desktop\Duplicate Cleaner Free.lnk
2014-03-26 03:52 - 2014-03-26 03:52 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free
2014-03-26 03:52 - 2014-03-26 03:52 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\DigitalVolcano
2014-03-26 03:52 - 2014-03-26 03:52 - 00000000 ____D () C:\Program Files (x86)\Duplicate Cleaner
2014-03-25 16:33 - 2014-03-25 16:41 - 00003660 _____ () C:\Windows\System32\Tasks\HG612 Stats Program
2014-03-25 16:22 - 2013-04-30 10:52 - 00021808 _____ (Novation DMS Ltd.) C:\Windows\system32\nvnusbaudio_coinst.dll
2014-03-25 11:42 - 2014-03-25 11:42 - 00000000 ____D () C:\Windows\Minidump
2014-03-24 23:16 - 2014-03-24 23:16 - 00000000 ____D () C:\ProgramData\ClubSanDisk
2014-03-24 21:48 - 2014-03-24 21:48 - 00000000 ____D () C:\Users\DeadMan\Intel
2014-03-24 21:48 - 2014-03-24 21:48 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Intel Corporation
2014-03-24 13:44 - 2014-03-26 04:01 - 03437001 _____ () C:\Windows\setupact.log
2014-03-24 13:44 - 2014-03-24 13:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-24 13:14 - 2014-03-26 01:29 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-03-24 13:14 - 2014-03-24 13:14 - 00001032 _____ () C:\Users\DeadMan\Desktop\SpeedFan.lnk
2014-03-24 13:14 - 2014-03-24 13:14 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-03-24 13:14 - 2014-03-24 13:14 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-03-23 19:33 - 2013-12-20 16:38 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2014-03-23 17:39 - 2013-12-20 16:38 - 00790512 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2014-03-23 17:39 - 2013-12-20 16:38 - 00369648 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-03-23 17:39 - 2013-12-20 16:38 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-03-23 16:18 - 2014-03-23 16:28 - 00002503 _____ () C:\Users\Public\Desktop\Serato DJ .lnk
2014-03-23 15:55 - 2014-03-23 16:18 - 00000000 ____D () C:\Program Files (x86)\Serato
2014-03-23 15:55 - 2014-03-23 15:55 - 00001021 _____ () C:\Users\DeadMan\Desktop\ITCH.lnk
2014-03-23 15:55 - 2014-03-23 15:55 - 00000000 ____D () C:\Windows\usb-audio.deNumarkV7
2014-03-23 15:55 - 2014-03-23 15:55 - 00000000 ____D () C:\Windows\usb-audio.deNumarkNS7
2014-03-23 15:55 - 2014-03-23 15:55 - 00000000 ____D () C:\Windows\usb-audio.deNumarkNS6
2014-03-23 15:55 - 2014-03-23 15:55 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-03-23 15:55 - 2014-03-23 15:55 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Serato
2014-03-22 19:08 - 2014-03-22 19:08 - 00002085 _____ () C:\Users\Public\Desktop\UltraEdit.lnk
2014-03-22 19:08 - 2014-03-22 19:08 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\IDMComp
2014-03-22 19:08 - 2014-03-22 19:08 - 00000000 ____D () C:\ProgramData\IDMComp
2014-03-22 19:08 - 2014-03-22 19:08 - 00000000 ____D () C:\Program Files (x86)\IDM Computer Solutions
2014-03-22 19:03 - 2014-03-22 19:04 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Notepad++
2014-03-22 19:03 - 2014-03-22 19:03 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-03-22 19:03 - 2014-03-22 19:03 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-03-22 18:41 - 2014-03-22 18:42 - 00001047 _____ () C:\Users\DeadMan\Desktop\dpclat.exe.lnk
2014-03-22 17:16 - 2014-03-22 17:16 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-03-21 16:12 - 2014-03-21 16:12 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-03-21 16:12 - 2014-03-21 16:12 - 00000000 ____D () C:\Program Files\Realtek
2014-03-21 16:12 - 2013-12-10 20:20 - 03771352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-03-21 16:12 - 2013-12-10 10:17 - 00693385 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-03-21 16:12 - 2013-12-09 16:15 - 01998104 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2014-03-21 16:12 - 2013-12-09 16:15 - 01727256 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2014-03-21 16:12 - 2013-12-06 17:29 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-03-21 16:12 - 2013-12-05 20:21 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-03-21 16:12 - 2013-12-04 16:27 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-03-21 16:12 - 2013-11-26 17:26 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-03-21 16:12 - 2013-11-25 15:59 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-03-21 16:12 - 2013-11-25 15:59 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-03-21 16:12 - 2013-11-14 15:49 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-03-21 16:12 - 2013-11-13 18:52 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-03-21 16:12 - 2013-11-13 18:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-03-21 16:12 - 2013-11-13 18:07 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-03-21 16:12 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-03-21 16:12 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-03-21 16:12 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-03-21 16:12 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-03-21 16:12 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-03-21 16:12 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-03-21 16:12 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-03-21 16:12 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-03-21 16:12 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-03-21 16:12 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-03-21 16:12 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-03-21 16:12 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-03-21 16:12 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-03-21 16:12 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-03-21 16:12 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-03-21 16:12 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-03-21 16:12 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-03-21 16:12 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-03-21 16:12 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-03-21 16:12 - 2009-11-18 07:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2014-03-21 16:09 - 2014-03-21 16:09 - 00002088 _____ () C:\Users\Public\Desktop\Super-Charger.lnk
2014-03-21 16:09 - 2014-03-21 16:09 - 00000000 ___HD () C:\SuperChargerProfile
2014-03-21 16:09 - 2014-03-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ASM106xSATA
2014-03-21 16:04 - 2014-03-21 16:08 - 00002032 _____ () C:\Users\Public\Desktop\Live Update 5.lnk
2014-03-21 16:03 - 2014-03-21 16:03 - 00001154 _____ () C:\Users\Public\Desktop\Fast Boot.lnk
2014-03-21 15:46 - 2014-03-21 15:46 - 01826929 _____ () C:\Users\DeadMan\Desktop\FixDotNet20140321154651819.cab
2014-03-21 15:28 - 2014-03-21 15:32 - 00626272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-03-21 15:28 - 2014-03-21 15:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-03-21 15:28 - 2013-05-02 17:11 - 00090208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-03-21 15:28 - 2013-05-02 17:11 - 00064856 _____ (Kaspersky Lab) C:\Windows\system32\klfphc.dll
2014-03-21 15:23 - 2014-03-26 09:38 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-21 15:22 - 2014-03-21 15:22 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-03-21 15:19 - 2014-03-21 15:19 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-20 16:29 - 2014-03-26 09:21 - 00474780 _____ () C:\Windows\WindowsUpdate.log
2014-03-20 15:51 - 2014-03-20 15:51 - 00000000 ____D () C:\Program Files\LatencyMon
2014-03-20 15:51 - 2013-10-21 12:26 - 00025504 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL64.sys
2014-03-20 00:07 - 2014-03-20 00:07 - 14090240 _____ () C:\kernel.etl
2014-03-20 00:07 - 2014-03-20 00:07 - 00000000 ____D () C:\SymCache
2014-03-19 16:05 - 2014-03-19 16:05 - 00000000 ____D () C:\Windows\SysWOW64\ShellExt
2014-03-19 16:05 - 2014-03-19 16:05 - 00000000 ____D () C:\Windows\system32\ShellExt
2014-03-19 15:38 - 2014-03-19 15:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-19 15:22 - 2014-03-19 16:10 - 00000921 _____ () C:\Windows\QSFVExit.bat
2014-03-19 14:48 - 2014-03-19 14:59 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\FileZilla
2014-03-19 14:48 - 2014-03-19 14:48 - 00002025 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-03-19 14:48 - 2014-03-19 14:48 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-03-19 14:40 - 2014-03-19 14:40 - 00000000 ____D () C:\Users\DeadMan\Cam Wizard
2014-03-19 14:33 - 2014-03-19 14:33 - 00001366 _____ () C:\Users\DeadMan\Desktop\HG612 Stats logging GUI.lnk
2014-03-19 13:18 - 2014-03-19 13:18 - 00000159 ___RH () C:\Windows\ctfile.rfc
2014-03-19 13:18 - 2014-03-19 13:18 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-03-19 13:18 - 2013-08-29 11:18 - 00040576 ____N (Creative Technology Ltd.) C:\Windows\system32\MBCfg64.dll
2014-03-19 13:18 - 2013-08-29 11:18 - 00036992 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\MBCfg32.dll
2014-03-19 13:18 - 2013-07-03 15:20 - 00002835 ____N () C:\Windows\MBCfg_SP_APOIM.ini
2014-03-19 13:18 - 2013-07-03 15:20 - 00002783 ____N () C:\Windows\MBCfg_APOIM.ini
2014-03-19 13:18 - 2013-07-03 15:20 - 00002747 ____N () C:\Windows\MBCfg_HP_APOIM.ini
2014-03-19 13:18 - 2013-04-23 10:54 - 00332928 ____N (Creative Technology Ltd.) C:\Windows\system32\ChezSC64.DLL
2014-03-19 13:18 - 2013-04-23 10:54 - 00288896 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\ChezSC32.DLL
2014-03-19 13:18 - 2013-04-23 10:54 - 00148096 ____N (Creative Technology Ltd.) C:\Windows\system32\MBCfg64.exe
2014-03-19 13:18 - 2013-04-23 10:53 - 00138880 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\MBCfg32.exe
2014-03-19 13:18 - 2013-04-23 10:53 - 00015488 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\ResDefA.exe
2014-03-19 13:18 - 2013-01-08 10:11 - 00008570 ____N () C:\Windows\system32\MBCfg64.ini
2014-03-19 13:18 - 2013-01-08 10:11 - 00005856 ____N () C:\Windows\system32\MBCfgUninstall64.ini
2014-03-19 13:18 - 2013-01-08 10:10 - 00008570 ____N () C:\Windows\SysWOW64\MBCfg32.ini
2014-03-19 13:18 - 2013-01-08 10:10 - 00005856 ____N () C:\Windows\SysWOW64\MBCfgUninstall32.ini
2014-03-19 13:18 - 2012-11-01 11:23 - 00089600 _____ () C:\Windows\system32\CmdRtr64.DLL
2014-03-19 13:18 - 2012-11-01 11:22 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-03-19 13:18 - 2012-11-01 11:21 - 00325120 _____ () C:\Windows\system32\APOMgr64.DLL
2014-03-19 13:18 - 2012-11-01 11:19 - 00246272 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-03-19 13:18 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\Windows\Updreg.EXE
2014-03-19 13:12 - 2013-09-17 03:20 - 00016344 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-03-19 12:34 - 2014-03-19 12:35 - 00001546 _____ () C:\Users\DeadMan\Desktop\VirtualDJ PC Optimizer.bat.lnk
2014-03-19 12:29 - 2014-03-25 16:42 - 00003178 _____ () C:\Windows\System32\Tasks\Razer_Game_Booster_AutoUpdate
2014-03-19 12:29 - 2014-03-19 12:30 - 00000000 ____D () C:\Users\DeadMan\Documents\Razer
2014-03-19 12:29 - 2014-03-19 12:29 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-03-19 03:36 - 2014-03-25 16:22 - 00000000 ____D () C:\Program Files\Novation
2014-03-19 01:14 - 2014-03-19 01:14 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\NVIDIA
2014-03-19 01:14 - 2014-03-19 01:14 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\ATI
2014-03-19 01:14 - 2014-03-19 01:14 - 00000000 ____D () C:\ProgramData\ATI
2014-03-19 01:14 - 2014-03-19 01:14 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-19 01:12 - 2014-03-19 01:12 - 00061173 _____ () C:\Windows\SysWOW64\CCCInstall_201403190112086971.log
2014-03-19 01:12 - 2014-03-19 01:12 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-03-19 01:12 - 2014-03-19 01:12 - 00000000 ____D () C:\AMD
2014-03-19 01:11 - 2014-03-19 01:12 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-03-19 01:11 - 2014-03-19 01:11 - 00000000 ____D () C:\Program Files\ATI
2014-03-19 01:11 - 2014-03-19 01:11 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-03-19 01:10 - 2014-03-19 01:12 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-18 21:30 - 2014-03-18 21:30 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-03-18 15:43 - 2014-03-18 15:43 - 00000879 _____ () C:\Users\DeadMan\Desktop\Skyrim (SKSE).lnk
2014-03-18 15:05 - 2014-03-18 16:39 - 00000000 ____D () C:\Users\DeadMan\Documents\Nexus Mod Manager
2014-03-18 15:05 - 2014-03-18 15:05 - 00000750 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-03-17 21:02 - 2014-03-17 21:02 - 00000774 _____ () C:\Users\DeadMan\Desktop\TSEV Skyrim LE.lnk
2014-03-17 20:25 - 2014-03-17 20:26 - 00000000 ____D () C:\Program Files (x86)\Flawless Widescreen
2014-03-17 20:25 - 2014-03-17 20:25 - 00001159 _____ () C:\Users\Public\Desktop\Flawless Widescreen.lnk
2014-03-17 19:51 - 2014-03-17 19:52 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-03-17 18:13 - 2014-03-17 18:18 - 00000000 ____D () C:\Users\DeadMan\Heaven
2014-03-17 18:12 - 2014-03-17 18:12 - 00001012 _____ () C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
2014-03-17 17:20 - 2014-03-04 13:05 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-17 17:20 - 2014-03-04 11:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-17 17:19 - 2014-03-04 14:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-17 17:19 - 2014-03-04 14:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-17 17:19 - 2014-03-04 14:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-17 17:02 - 2014-03-17 17:02 - 00002863 _____ () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
2014-03-17 17:02 - 2014-03-17 17:02 - 00000000 ____D () C:\Program Files (x86)\Windows Installer Clean Up
2014-03-17 17:01 - 2014-03-17 17:01 - 00000000 ____D () C:\Program Files (x86)\MSECACHE
2014-03-17 12:45 - 2014-03-17 12:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-17 12:45 - 2014-03-17 12:45 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-17 06:18 - 2014-03-17 06:18 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-03-17 04:26 - 2014-02-25 18:31 - 00252704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-03-17 04:26 - 2014-02-25 18:27 - 00126752 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-03-17 02:07 - 2013-12-20 16:38 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-03-17 01:40 - 2014-03-18 14:10 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-03-17 00:51 - 2013-04-09 23:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-17 00:51 - 2013-04-02 22:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-17 00:28 - 2014-03-17 00:28 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-03-17 00:18 - 2014-03-17 00:18 - 00000000 ____D () C:\Windows\system32\RAPID
2014-03-17 00:16 - 2013-12-21 09:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-17 00:16 - 2013-12-21 08:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-17 00:15 - 2014-03-01 06:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-17 00:15 - 2014-03-01 05:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-17 00:15 - 2014-03-01 05:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-17 00:15 - 2014-03-01 04:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-17 00:15 - 2014-03-01 04:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-17 00:15 - 2014-03-01 04:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-17 00:15 - 2014-03-01 04:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-17 00:15 - 2014-03-01 04:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-17 00:15 - 2014-03-01 04:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-17 00:15 - 2014-03-01 04:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-17 00:15 - 2014-03-01 04:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-17 00:15 - 2014-03-01 04:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-17 00:15 - 2014-03-01 04:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-17 00:15 - 2014-03-01 04:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-17 00:15 - 2014-03-01 04:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-17 00:15 - 2014-03-01 04:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-17 00:15 - 2014-03-01 04:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-17 00:15 - 2014-03-01 03:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-17 00:15 - 2014-03-01 03:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-17 00:15 - 2014-03-01 03:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-17 00:15 - 2014-03-01 03:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-17 00:15 - 2014-03-01 03:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-17 00:15 - 2014-03-01 03:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-17 00:15 - 2014-03-01 03:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-17 00:15 - 2014-03-01 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-17 00:15 - 2014-03-01 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-17 00:15 - 2014-03-01 03:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-17 00:15 - 2014-03-01 03:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-17 00:15 - 2014-03-01 03:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-17 00:15 - 2014-03-01 03:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-17 00:15 - 2014-03-01 03:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-17 00:15 - 2014-03-01 03:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-17 00:15 - 2014-03-01 03:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-17 00:15 - 2014-03-01 03:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-17 00:15 - 2014-03-01 02:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-17 00:15 - 2014-03-01 02:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-17 00:15 - 2014-03-01 02:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-17 00:15 - 2014-03-01 02:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-17 00:15 - 2014-03-01 02:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-17 00:15 - 2014-03-01 02:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-17 00:15 - 2014-02-04 02:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-17 00:15 - 2014-02-04 02:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-17 00:15 - 2014-01-09 02:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-17 00:15 - 2014-01-03 22:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-17 00:15 - 2013-12-24 23:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-17 00:15 - 2013-12-24 22:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-17 00:15 - 2013-11-26 08:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-17 00:15 - 2013-11-23 18:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-17 00:15 - 2013-11-23 17:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-17 00:15 - 2013-11-22 22:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-17 00:15 - 2012-02-11 06:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-03-17 00:15 - 2012-02-11 06:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-03-17 00:15 - 2011-03-11 06:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-03-17 00:15 - 2011-03-11 06:41 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-03-17 00:15 - 2011-03-11 06:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-03-17 00:15 - 2011-03-11 06:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-03-17 00:15 - 2011-03-11 06:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-03-17 00:15 - 2011-03-11 06:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-03-17 00:15 - 2011-03-11 06:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-03-17 00:15 - 2011-03-11 06:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-03-17 00:15 - 2011-03-11 05:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-03-17 00:15 - 2011-03-11 05:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-03-17 00:15 - 2011-03-11 04:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-03-17 00:15 - 2011-02-25 06:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-03-17 00:15 - 2011-02-25 05:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-03-17 00:05 - 2013-05-10 05:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-03-17 00:05 - 2013-05-10 05:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-03-17 00:05 - 2013-05-10 04:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-03-17 00:05 - 2013-05-10 04:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-03-16 23:48 - 2013-10-02 02:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-03-16 23:48 - 2013-10-02 02:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-16 23:48 - 2013-10-02 02:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-16 23:48 - 2013-10-02 01:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-03-16 23:48 - 2013-10-02 01:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-03-16 23:48 - 2013-10-02 01:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-16 23:48 - 2013-10-02 01:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-03-16 23:48 - 2013-10-02 00:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-16 23:48 - 2013-10-02 00:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-16 23:48 - 2013-10-02 00:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-03-16 23:48 - 2013-10-02 00:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-03-16 23:48 - 2013-10-02 00:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-03-16 23:48 - 2013-10-01 23:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-16 23:48 - 2013-10-01 23:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-03-16 23:48 - 2013-10-01 23:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-16 23:48 - 2013-10-01 22:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-16 23:41 - 2014-03-16 23:41 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-16 23:41 - 2014-03-16 23:41 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-16 23:41 - 2014-03-16 23:41 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-16 23:41 - 2014-03-16 23:41 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-16 23:41 - 2014-03-16 23:41 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-16 23:41 - 2014-03-16 23:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-16 23:40 - 2014-03-16 23:40 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-16 23:40 - 2014-03-16 23:40 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-16 23:40 - 2014-03-16 23:40 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-16 23:20 - 2012-08-23 14:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-03-16 23:20 - 2012-08-23 14:12 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\terminpt.sys
2014-03-16 23:20 - 2012-08-23 14:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-03-16 23:20 - 2012-08-23 14:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-03-16 23:20 - 2012-08-23 13:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-03-16 23:20 - 2012-08-23 11:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-03-16 23:20 - 2012-08-23 10:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-03-16 23:20 - 2012-08-23 09:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-03-16 23:16 - 2010-02-23 08:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-03-16 23:11 - 2014-03-02 14:05 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-16 23:10 - 2012-07-26 03:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-03-16 23:10 - 2012-07-26 03:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-03-16 23:10 - 2012-07-26 03:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-03-16 23:10 - 2012-07-26 03:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-03-16 23:10 - 2012-07-26 03:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-03-16 23:10 - 2012-07-26 02:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-03-16 23:10 - 2012-07-26 02:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-03-16 23:10 - 2012-06-02 14:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-03-16 23:07 - 2013-01-13 21:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 21:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 21:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-16 23:07 - 2013-01-13 21:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-16 23:07 - 2013-01-13 21:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 21:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 21:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 21:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 20:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 20:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 20:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 20:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-16 23:07 - 2013-01-13 20:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-16 23:07 - 2013-01-13 20:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 20:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 20:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 20:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-16 23:07 - 2013-01-13 20:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-16 23:07 - 2013-01-13 20:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-03-16 23:07 - 2013-01-13 20:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-03-16 23:07 - 2013-01-13 19:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-16 23:07 - 2013-01-13 19:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-16 23:07 - 2013-01-13 19:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-16 23:07 - 2013-01-13 19:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-03-16 23:07 - 2013-01-13 19:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-16 23:07 - 2013-01-13 19:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-03-16 23:07 - 2013-01-13 19:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-03-16 23:07 - 2013-01-13 19:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-16 23:07 - 2013-01-13 19:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-16 23:07 - 2013-01-13 19:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-16 23:07 - 2013-01-13 19:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-16 23:07 - 2013-01-13 19:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-16 23:07 - 2013-01-13 19:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-16 23:07 - 2013-01-13 19:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-16 23:07 - 2013-01-13 18:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-16 23:07 - 2013-01-13 18:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-16 23:07 - 2013-01-13 17:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-03-16 23:07 - 2013-01-13 17:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-16 23:07 - 2013-01-04 06:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-16 23:07 - 2013-01-04 06:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-16 23:07 - 2012-03-01 06:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-03-16 23:07 - 2012-03-01 06:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-03-16 23:07 - 2012-03-01 05:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-03-16 23:06 - 2013-12-04 02:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-16 23:06 - 2013-12-04 02:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-16 23:06 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-16 23:06 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-16 23:06 - 2013-12-04 02:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-16 23:06 - 2013-12-04 02:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-16 23:06 - 2013-12-04 02:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-16 23:06 - 2013-12-04 02:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-16 23:06 - 2013-12-04 02:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-16 23:06 - 2013-12-04 02:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-03-16 23:06 - 2013-12-04 02:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-03-16 23:06 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-03-16 23:06 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-03-16 23:06 - 2013-12-04 02:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-16 23:06 - 2013-12-04 01:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-16 23:06 - 2013-12-04 01:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-03-16 23:06 - 2013-12-04 01:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-16 23:06 - 2013-12-04 01:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-16 23:06 - 2013-10-30 02:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-03-16 23:06 - 2013-10-30 02:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-16 23:06 - 2013-09-25 02:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-03-16 23:06 - 2013-09-25 01:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-16 23:06 - 2013-08-02 02:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-16 23:06 - 2013-08-02 02:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-16 23:06 - 2013-08-02 02:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-16 23:06 - 2013-08-02 01:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 01:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-03-16 23:06 - 2013-08-02 00:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-16 23:06 - 2013-08-02 00:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 00:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-03-16 23:06 - 2013-08-02 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-03-16 23:06 - 2013-07-25 09:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-16 23:06 - 2013-07-25 08:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-03-16 23:06 - 2013-07-09 05:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-16 23:06 - 2013-07-09 04:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-16 23:06 - 2013-06-15 04:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-16 23:06 - 2013-02-27 06:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-03-16 23:06 - 2013-02-27 05:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-03-16 23:06 - 2012-12-07 13:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-03-16 23:06 - 2012-12-07 13:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-03-16 23:06 - 2012-12-07 12:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-03-16 23:06 - 2012-12-07 12:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-03-16 23:06 - 2012-12-07 11:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-03-16 23:06 - 2012-12-07 11:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-03-16 23:06 - 2012-12-07 11:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-03-16 23:06 - 2012-12-07 11:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-03-16 23:06 - 2012-12-07 11:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-03-16 23:06 - 2012-12-07 11:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-03-16 23:06 - 2012-12-07 11:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-03-16 23:06 - 2012-12-07 11:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-03-16 23:06 - 2012-12-07 11:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-03-16 23:06 - 2012-12-07 11:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-03-16 23:06 - 2012-12-07 11:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-03-16 23:06 - 2012-12-07 11:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-03-16 23:06 - 2012-12-07 11:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-03-16 23:06 - 2012-12-07 11:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-03-16 23:06 - 2012-12-07 10:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-03-16 23:06 - 2012-10-09 18:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-03-16 23:06 - 2012-10-09 18:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-03-16 23:06 - 2012-10-09 17:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-03-16 23:06 - 2012-10-09 17:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-03-16 23:06 - 2012-10-03 17:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-03-16 23:06 - 2012-10-03 17:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-03-16 23:06 - 2012-10-03 17:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-03-16 23:06 - 2012-10-03 17:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-03-16 23:06 - 2012-10-03 17:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-03-16 23:06 - 2012-10-03 17:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-03-16 23:06 - 2012-10-03 16:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-03-16 23:06 - 2012-10-03 16:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-03-16 23:06 - 2012-10-03 16:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-03-16 23:06 - 2012-10-03 16:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-03-16 23:06 - 2012-08-21 21:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-03-16 23:06 - 2012-01-13 07:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-03-16 23:06 - 2012-01-04 10:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-03-16 23:06 - 2012-01-04 08:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-03-16 23:06 - 2011-10-26 05:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-16 23:06 - 2011-10-26 04:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-03-16 23:06 - 2011-04-09 06:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-03-16 23:06 - 2011-04-09 05:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-03-16 23:05 - 2014-02-07 01:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-16 23:05 - 2014-02-04 02:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-16 23:05 - 2014-02-04 02:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-16 23:05 - 2014-01-29 02:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-16 23:05 - 2014-01-29 02:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-16 23:05 - 2014-01-28 02:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-16 23:05 - 2013-12-31 23:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-03-16 23:05 - 2013-12-31 23:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-03-16 23:05 - 2013-12-06 02:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-16 23:05 - 2013-12-06 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-16 23:05 - 2013-12-06 02:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-16 23:05 - 2013-12-06 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-03-16 23:05 - 2013-11-27 01:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-16 23:05 - 2013-11-27 01:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-16 23:05 - 2013-11-27 01:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-16 23:05 - 2013-11-27 01:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-16 23:05 - 2013-11-27 01:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-16 23:05 - 2013-11-26 11:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-16 23:05 - 2013-11-12 02:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-16 23:05 - 2013-11-12 02:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-16 23:05 - 2013-10-19 02:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-16 23:05 - 2013-10-19 01:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-16 23:05 - 2013-10-05 20:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-16 23:05 - 2013-10-05 19:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-16 23:05 - 2013-10-04 02:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-03-16 23:05 - 2013-10-04 02:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-03-16 23:05 - 2013-10-04 02:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-03-16 23:05 - 2013-10-04 02:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-16 23:05 - 2013-10-04 01:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-03-16 23:05 - 2013-10-04 01:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-03-16 23:05 - 2013-10-04 01:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-03-16 23:05 - 2013-10-04 01:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-16 23:05 - 2013-10-03 02:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-16 23:05 - 2013-10-03 02:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-16 23:05 - 2013-09-28 01:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-16 23:05 - 2013-09-25 02:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-03-16 23:05 - 2013-09-25 02:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-16 23:05 - 2013-09-25 02:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-03-16 23:05 - 2013-09-25 02:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-03-16 23:05 - 2013-09-25 02:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-16 23:05 - 2013-09-25 02:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-16 23:05 - 2013-09-25 02:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-16 23:05 - 2013-09-25 02:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-16 23:05 - 2013-09-25 01:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-03-16 23:05 - 2013-09-25 01:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-03-16 23:05 - 2013-09-25 01:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-03-16 23:05 - 2013-09-25 01:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-03-16 23:05 - 2013-09-25 01:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-16 23:05 - 2013-09-08 02:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-16 23:05 - 2013-09-08 02:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-03-16 23:05 - 2013-09-08 02:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-03-16 23:05 - 2013-08-29 02:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-16 23:05 - 2013-08-29 02:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-16 23:05 - 2013-08-29 02:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-03-16 23:05 - 2013-08-29 02:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-03-16 23:05 - 2013-08-29 02:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-03-16 23:05 - 2013-08-29 01:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-03-16 23:05 - 2013-08-29 01:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-03-16 23:05 - 2013-08-29 01:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-16 23:05 - 2013-08-29 01:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-03-16 23:05 - 2013-08-29 01:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-03-16 23:05 - 2013-08-29 01:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-03-16 23:05 - 2013-08-29 00:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-03-16 23:05 - 2013-08-29 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-03-16 23:05 - 2013-08-29 00:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-03-16 23:05 - 2013-08-29 00:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-03-16 23:05 - 2013-08-05 02:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-03-16 23:05 - 2013-07-26 02:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-16 23:05 - 2013-07-26 02:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-03-16 23:05 - 2013-07-26 01:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-16 23:05 - 2013-07-26 01:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-03-16 23:05 - 2013-07-12 10:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-03-16 23:05 - 2013-07-12 10:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-03-16 23:05 - 2013-07-09 05:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-16 23:05 - 2013-07-09 05:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-16 23:05 - 2013-07-09 05:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-16 23:05 - 2013-07-09 04:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-03-16 23:05 - 2013-07-09 04:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-03-16 23:05 - 2013-07-09 04:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-03-16 23:05 - 2013-07-04 12:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-03-16 23:05 - 2013-07-04 12:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-16 23:05 - 2013-07-04 12:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-03-16 23:05 - 2013-07-04 12:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-03-16 23:05 - 2013-07-04 11:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-03-16 23:05 - 2013-07-04 11:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-03-16 23:05 - 2013-07-04 11:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-03-16 23:05 - 2013-07-04 10:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-03-16 23:05 - 2013-07-03 04:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-03-16 23:05 - 2013-07-03 04:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-16 23:05 - 2013-06-25 22:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-16 23:05 - 2013-06-06 05:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-16 23:05 - 2013-06-06 05:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-16 23:05 - 2013-06-06 05:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-16 23:05 - 2013-06-06 05:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-16 23:05 - 2013-06-06 04:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-03-16 23:05 - 2013-06-06 04:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-03-16 23:05 - 2013-06-06 04:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-03-16 23:05 - 2013-06-06 03:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-16 23:05 - 2013-06-06 03:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-03-16 23:05 - 2013-06-06 03:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-03-16 23:05 - 2013-05-10 05:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-03-16 23:05 - 2013-05-10 03:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-03-16 23:05 - 2013-04-26 05:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-16 23:05 - 2013-04-26 04:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-03-16 23:05 - 2013-04-25 23:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-03-16 23:05 - 2013-04-12 14:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-16 23:05 - 2013-03-31 22:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-16 23:05 - 2013-03-19 05:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-03-16 23:05 - 2013-02-12 04:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-16 23:05 - 2012-11-30 05:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-03-16 23:05 - 2012-11-30 05:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-03-16 23:05 - 2012-11-30 05:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-03-16 23:05 - 2012-11-23 03:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-03-16 23:05 - 2012-11-22 05:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-03-16 23:05 - 2012-11-22 04:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-03-16 23:05 - 2012-11-02 05:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-03-16 23:05 - 2012-11-02 05:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-03-16 23:05 - 2012-11-01 05:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-16 23:05 - 2012-11-01 04:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-03-16 23:05 - 2012-09-25 22:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-03-16 23:05 - 2012-09-25 22:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-03-16 23:05 - 2012-08-22 18:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-03-16 23:05 - 2012-08-11 00:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-03-16 23:05 - 2012-08-10 23:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-03-16 23:05 - 2012-07-04 20:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-03-16 23:05 - 2012-05-04 11:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-03-16 23:05 - 2012-05-04 09:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-03-16 23:05 - 2012-05-01 05:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-03-16 23:05 - 2012-04-28 03:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-03-16 23:05 - 2012-04-26 05:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-03-16 23:05 - 2012-04-26 05:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-03-16 23:05 - 2012-04-26 05:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-03-16 23:05 - 2012-04-07 12:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-03-16 23:05 - 2012-04-07 11:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-03-16 23:05 - 2012-03-17 07:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-03-16 23:05 - 2011-12-30 06:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-03-16 23:05 - 2011-12-30 05:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-03-16 23:05 - 2011-11-17 06:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-03-16 23:05 - 2011-11-17 05:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-03-16 23:05 - 2011-08-17 05:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-03-16 23:05 - 2011-08-17 05:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-03-16 23:05 - 2011-08-17 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-03-16 23:05 - 2011-08-17 04:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-03-16 23:05 - 2011-07-09 02:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-03-16 23:05 - 2011-06-16 05:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-03-16 23:05 - 2011-06-16 04:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-03-16 23:05 - 2011-06-15 10:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-03-16 23:05 - 2011-06-15 10:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-03-16 23:05 - 2011-06-15 10:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-03-16 23:05 - 2011-06-15 10:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-03-16 23:05 - 2011-06-15 08:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-03-16 23:05 - 2011-06-15 08:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-03-16 23:05 - 2011-06-15 08:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-03-16 23:05 - 2011-06-15 08:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-03-16 23:05 - 2011-06-15 08:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-03-16 23:05 - 2011-05-24 11:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-03-16 23:05 - 2011-05-24 10:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-03-16 23:05 - 2011-05-24 10:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-03-16 23:05 - 2011-05-24 10:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-03-16 23:05 - 2011-05-24 10:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-03-16 23:05 - 2011-05-04 05:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-03-16 23:05 - 2011-05-04 05:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-03-16 23:05 - 2011-05-04 05:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-03-16 23:05 - 2011-05-04 05:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-03-16 23:05 - 2011-05-04 05:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-03-16 23:05 - 2011-05-04 05:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-03-16 23:05 - 2011-05-04 05:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-03-16 23:05 - 2011-05-04 05:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-03-16 23:05 - 2011-05-04 05:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-03-16 23:05 - 2011-05-04 04:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-03-16 23:05 - 2011-05-04 04:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-03-16 23:05 - 2011-05-04 04:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-03-16 23:05 - 2011-05-04 04:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-03-16 23:05 - 2011-05-04 04:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-03-16 23:05 - 2011-05-04 04:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-03-16 23:05 - 2011-05-04 04:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-03-16 23:05 - 2011-05-04 04:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-03-16 23:05 - 2011-05-04 04:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-03-16 23:05 - 2011-04-29 03:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-16 23:05 - 2011-04-29 03:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-03-16 23:05 - 2011-04-29 03:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-16 23:05 - 2011-04-27 02:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-16 23:05 - 2011-04-27 02:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-16 23:05 - 2011-04-22 22:15 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-03-16 23:05 - 2011-03-11 06:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-03-16 23:05 - 2011-03-11 06:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-03-16 23:05 - 2011-03-11 05:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-03-16 23:05 - 2011-03-11 05:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-03-16 23:05 - 2011-03-03 06:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-03-16 23:05 - 2011-03-03 06:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-03-16 23:05 - 2011-03-03 06:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-03-16 23:05 - 2011-03-03 05:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-03-16 23:05 - 2011-03-03 05:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-03-16 23:05 - 2011-02-05 17:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-03-16 23:05 - 2011-02-05 17:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-03-16 23:05 - 2011-02-05 17:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-03-16 23:05 - 2011-02-05 17:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-03-16 23:05 - 2011-02-05 17:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-03-16 23:05 - 2011-02-05 17:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-03-16 23:05 - 2011-02-05 17:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-03-16 23:05 - 2010-12-23 10:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-03-16 23:05 - 2010-12-23 10:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-03-16 23:05 - 2010-12-23 10:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-03-16 23:05 - 2010-12-23 05:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-03-16 23:05 - 2010-12-23 05:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-03-16 23:05 - 2010-12-23 05:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-03-16 23:02 - 2013-10-12 02:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-03-16 23:02 - 2013-10-12 02:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-16 23:02 - 2013-10-12 02:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-03-16 23:02 - 2013-10-12 02:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-03-16 23:02 - 2013-10-12 02:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-03-16 23:02 - 2013-08-01 12:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-16 23:02 - 2013-07-20 10:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-16 23:02 - 2013-07-20 10:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-16 23:02 - 2013-05-13 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-16 23:02 - 2013-05-13 03:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-16 23:02 - 2013-05-13 03:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-03-16 23:02 - 2013-05-13 03:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-03-16 23:02 - 2013-04-10 06:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-16 23:02 - 2013-01-24 06:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-03-16 23:02 - 2013-01-03 06:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-03-16 23:02 - 2012-07-04 22:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-03-16 23:02 - 2012-07-04 22:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-03-16 23:02 - 2012-07-04 22:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-03-16 23:02 - 2012-07-04 21:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-03-16 23:02 - 2012-07-04 21:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-03-16 23:02 - 2012-06-06 06:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-03-16 23:02 - 2012-06-06 05:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-03-16 23:02 - 2012-05-05 08:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-03-16 23:02 - 2012-05-05 07:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-03-16 23:02 - 2011-12-16 08:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-03-16 23:02 - 2011-12-16 07:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-03-16 23:02 - 2011-08-27 05:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-03-16 23:02 - 2011-08-27 05:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-03-16 23:02 - 2011-08-27 04:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-03-16 23:02 - 2011-08-27 04:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-03-16 23:02 - 2011-05-03 05:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-03-16 23:02 - 2011-05-03 04:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-03-16 23:02 - 2011-02-18 10:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-03-16 23:02 - 2011-02-18 05:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-03-16 23:02 - 2011-02-12 11:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-03-16 23:02 - 2011-02-03 11:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-03-16 23:01 - 2013-10-12 02:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-16 23:01 - 2013-10-12 02:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-16 23:01 - 2013-10-12 02:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-03-16 23:01 - 2013-10-12 02:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-16 23:01 - 2013-10-12 01:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-16 23:01 - 2013-10-12 01:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-16 23:01 - 2013-10-12 01:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-03-16 23:01 - 2013-10-12 01:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-03-16 23:01 - 2013-08-28 01:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-03-16 23:01 - 2012-05-14 05:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-03-16 23:01 - 2012-02-17 06:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-03-16 23:01 - 2012-02-17 05:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-03-16 23:01 - 2012-02-17 04:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-03-16 23:01 - 2011-11-19 14:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-03-16 23:01 - 2011-11-19 14:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-03-16 23:01 - 2011-10-15 06:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-03-16 23:01 - 2011-10-15 05:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-03-16 23:01 - 2011-02-23 04:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-03-16 22:53 - 2014-03-16 22:53 - 00002783 _____ () C:\Users\Public\Desktop\Killer Network Manager.lnk
2014-03-16 22:53 - 2014-03-16 22:53 - 00000000 ____D () C:\ProgramData\Qualcomm
2014-03-16 22:53 - 2014-03-16 22:53 - 00000000 ____D () C:\Program Files\Qualcomm Atheros
2014-03-16 22:50 - 2014-03-17 17:21 - 00001372 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-03-16 22:50 - 2014-03-17 17:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-16 22:50 - 2014-03-16 22:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-16 22:50 - 2014-03-04 13:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-16 22:50 - 2014-03-04 13:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-16 22:50 - 2014-03-04 13:05 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-16 22:50 - 2014-03-04 13:05 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-16 22:50 - 2014-03-04 13:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-16 22:50 - 2014-03-04 13:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-16 22:50 - 2014-02-05 09:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-03-16 22:50 - 2014-02-05 09:30 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-03-16 22:49 - 2014-03-17 17:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-16 22:49 - 2014-03-16 22:51 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-16 22:49 - 2014-03-16 22:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-16 22:49 - 2014-03-04 14:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-16 22:49 - 2014-03-04 14:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-16 22:49 - 2014-03-04 14:35 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-16 22:49 - 2014-03-04 14:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-16 22:49 - 2014-03-04 14:35 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-16 22:49 - 2014-03-04 14:35 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-16 22:49 - 2014-03-04 14:35 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-16 22:49 - 2014-03-04 14:35 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-16 22:49 - 2014-01-15 23:13 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433467.dll
2014-03-16 22:49 - 2014-01-15 23:13 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433467.dll
2014-03-16 22:49 - 2013-12-27 18:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-03-16 22:49 - 2013-12-27 18:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-03-16 22:49 - 2013-12-27 18:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-03-16 22:49 - 2013-11-28 13:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-03-16 22:49 - 2013-11-28 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-03-16 22:49 - 2013-11-22 08:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-03-16 22:42 - 2014-03-24 21:48 - 00780846 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-16 22:37 - 2014-03-17 00:12 - 00001438 _____ () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-16 22:36 - 2014-03-16 22:36 - 00000020 ___SH () C:\Users\DeadMan\ntuser.ini
2014-03-16 22:36 - 2012-06-02 22:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-03-16 22:36 - 2012-06-02 22:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-03-16 22:36 - 2012-06-02 22:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-03-16 22:36 - 2012-06-02 22:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-03-16 22:36 - 2012-06-02 22:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-03-16 22:36 - 2012-06-02 22:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-03-16 22:36 - 2012-06-02 22:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-03-16 22:36 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-03-16 22:36 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-03-16 22:35 - 2014-03-16 22:35 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2014-03-16 22:35 - 2012-07-26 04:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-03-16 22:35 - 2012-07-26 02:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-03-16 22:35 - 2012-06-02 14:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-03-16 22:32 - 2014-03-16 22:32 - 00022744 _____ () C:\Windows\system32\emptyregdb.dat
2014-03-16 22:30 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-03-16 22:30 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-03-16 22:30 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-03-16 22:30 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-03-16 22:24 - 2014-03-24 21:48 - 00000000 ____D () C:\Users\DeadMan
2014-03-16 22:24 - 2009-07-14 04:54 - 00000000 ___RD () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-16 22:24 - 2009-07-14 04:49 - 00000000 ___RD () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-16 22:23 - 2014-03-24 12:21 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-03-16 22:23 - 2014-03-23 19:06 - 00021601 _____ () C:\Windows\system32\lvcoinst.log
2014-03-16 22:23 - 2014-03-23 19:05 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-03-16 22:23 - 2014-03-16 22:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-16 22:22 - 2014-03-26 01:00 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-03-16 22:22 - 2014-03-17 18:29 - 00000000 ____D () C:\Program Files\AMD
2014-03-16 22:22 - 2014-03-16 22:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2014-03-16 22:21 - 2014-03-24 21:48 - 00000000 ____D () C:\Program Files\Intel
2014-03-16 22:21 - 2014-03-16 22:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-03-16 21:31 - 2014-03-16 21:50 - 00001890 _____ () C:\Windows\diagwrn.xml
2014-03-16 21:31 - 2014-03-16 21:50 - 00001890 _____ () C:\Windows\diagerr.xml
2014-03-16 21:23 - 2014-03-19 01:12 - 00000000 ____D () C:\ProgramData\AMD
2014-03-16 20:28 - 2013-12-06 21:57 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SET935D.tmp
2014-03-16 20:00 - 2014-03-16 20:00 - 00000763 _____ () C:\Users\Public\Desktop\Driver Fusion.lnk
2014-03-16 17:24 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-16 17:24 - 2014-03-16 17:24 - 00002280 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-16 17:10 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\GUM8FF0.tmp
2014-03-16 17:10 - 2014-03-16 17:11 - 49940480 _____ () C:\Program Files (x86)\GUT8FF1.tmp
2014-03-16 15:33 - 2014-03-16 15:33 - 00002312 _____ () C:\Users\DeadMan\Desktop\Kaspersky Antivirus.lnk
2014-03-16 13:44 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\QuickScan
2014-03-16 13:05 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\LavasoftStatistics
2014-03-16 13:04 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-16 12:35 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\java
2014-03-16 10:57 - 2014-03-16 12:30 - 00002248 ____H () C:\Users\DeadMan\Documents\Default.rdp
2014-03-16 10:51 - 2014-03-21 14:45 - 00002609 _____ () C:\Users\Public\Desktop\WOL Magic Packet Sender.lnk
2014-03-16 10:51 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\IsolatedStorage
2014-03-16 10:51 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\WOL Magic Packet Sender
2014-03-15 19:51 - 2014-03-23 01:24 - 00000921 _____ () C:\Users\DeadMan\Desktop\4K Video Downloader.lnk
2014-03-15 10:14 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\gsmartcontrol
2014-03-15 01:07 - 2014-03-15 01:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-03-15 01:02 - 2014-03-15 01:02 - 00000189 _____ () C:\mylog.log
2014-03-15 01:02 - 2013-04-10 11:09 - 00849992 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-03-15 01:02 - 2013-04-10 11:09 - 00108104 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-03-15 01:02 - 2013-04-10 11:09 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-03-15 00:40 - 2014-03-16 22:29 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\8890C549-E2D4-46B9-A46E-1C7FE5E8420B
2014-03-15 00:40 - 2014-03-15 00:40 - 00970336 _____ (Acronis) C:\Windows\system32\Drivers\timntr.sys
2014-03-15 00:40 - 2014-03-15 00:40 - 00285280 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-03-15 00:15 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\FDB3F4A9-AD07-49D4-BBBB-C2267E102C6D
2014-03-14 21:45 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\GUMA543.tmp
2014-03-14 21:45 - 2014-03-15 00:27 - 49940480 _____ () C:\Program Files (x86)\GUTA544.tmp
2014-03-14 18:42 - 2014-03-14 21:36 - 00001250 _____ () C:\Users\Public\Desktop\Samsung Magician.lnk
2014-03-14 18:31 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Resplendent Registrar
2014-03-14 10:49 - 2014-03-14 10:50 - 00000964 _____ () C:\Users\DeadMan\Desktop\DogeCoin.lnk
2014-03-14 02:42 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Winamp
2014-03-14 02:42 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-03-14 02:42 - 2014-03-14 02:42 - 00001004 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-03-12 16:10 - 2014-03-12 16:10 - 10899112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 10176088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 10145128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 08764440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 07892000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 06716264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 01329352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 01106872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00117560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00116024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-03-12 16:06 - 2014-03-12 16:06 - 00273632 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-03-12 16:04 - 2014-03-12 16:04 - 13929984 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-03-12 15:50 - 2014-03-12 15:50 - 00230912 _____ () C:\Windows\system32\clinfo.exe
2014-03-12 15:49 - 2014-03-12 15:49 - 28425216 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-03-12 15:49 - 2014-03-12 15:49 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe
2014-03-12 15:49 - 2014-03-12 15:49 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe
2014-03-12 15:49 - 2014-03-12 15:49 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe
2014-03-12 15:49 - 2014-03-12 15:49 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe
2014-03-12 15:49 - 2014-03-12 15:49 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-03-12 15:49 - 2014-03-12 15:49 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-03-12 15:49 - 2014-03-12 15:49 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-03-12 15:49 - 2014-03-12 15:49 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-03-12 15:47 - 2014-03-12 15:47 - 23903744 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-03-12 15:44 - 2014-03-12 15:44 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-12 15:44 - 2014-03-12 15:44 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-12 15:27 - 2014-03-12 15:27 - 27490304 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-03-12 15:24 - 2014-03-12 15:24 - 00577368 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-03-12 15:24 - 2014-03-12 15:24 - 00577368 _____ () C:\Windows\system32\atiapfxx.blb
2014-03-12 15:24 - 2014-03-12 15:24 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-03-12 15:24 - 2014-03-12 15:24 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-03-12 15:24 - 2014-03-12 15:24 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-03-12 15:24 - 2014-03-12 15:24 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-03-12 15:24 - 2014-03-12 15:24 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-03-12 15:23 - 2014-03-12 15:23 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-03-12 15:20 - 2014-03-12 15:20 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-03-12 15:20 - 2014-03-12 15:20 - 00126464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-03-12 15:20 - 2014-03-12 15:20 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-03-12 15:19 - 2014-03-12 15:19 - 05393408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-03-12 15:07 - 2014-03-12 15:07 - 23108608 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-03-12 15:06 - 2014-03-12 15:06 - 04319744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-03-12 15:03 - 2014-03-12 15:03 - 00586240 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-03-12 15:03 - 2014-03-12 15:03 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-03-12 15:03 - 2014-03-12 15:03 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-03-12 15:02 - 2014-03-12 15:02 - 00240128 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-03-12 15:00 - 2014-03-12 15:00 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-03-12 14:53 - 2014-03-12 14:53 - 00081920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-03-12 14:53 - 2014-03-12 14:53 - 00079360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-03-12 14:50 - 2014-03-12 14:50 - 00044544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-03-12 14:50 - 2014-03-12 14:50 - 00035840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-03-12 14:46 - 2014-03-12 14:46 - 03434288 _____ () C:\Windows\system32\atiumd6a.cap
2014-03-12 14:43 - 2014-03-12 14:43 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2014-03-12 14:43 - 2014-03-12 14:43 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-03-12 14:43 - 2014-03-12 14:43 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2014-03-12 14:43 - 2014-03-12 14:43 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-03-12 14:34 - 2014-03-12 14:34 - 00806912 _____ (AMD) C:\Windows\system32\coinst_13.350.dll
2014-03-12 14:33 - 2014-03-12 14:33 - 03468336 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-03-12 14:27 - 2014-03-12 14:27 - 01148416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-03-12 14:26 - 2014-03-12 14:26 - 00828416 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-03-12 14:26 - 2014-03-12 14:26 - 00146432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-03-12 14:26 - 2014-03-12 14:26 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-03-12 14:26 - 2014-03-12 14:26 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-03-12 14:26 - 2014-03-12 14:26 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-03-12 14:25 - 2014-03-12 14:25 - 00636928 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-03-12 14:25 - 2014-03-12 14:25 - 00133120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-03-12 14:24 - 2014-03-12 14:24 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-03-12 14:24 - 2014-03-12 14:24 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-03-12 14:24 - 2014-03-12 14:24 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-03-12 14:24 - 2014-03-12 14:24 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-03-12 14:20 - 2014-03-12 14:20 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-03-12 12:00 - 2014-03-12 12:00 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-03-12 11:55 - 2014-03-12 11:55 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
2014-03-12 11:46 - 2014-03-12 11:46 - 02404352 _____ () C:\Windows\system32\amdacpusl.pdb
2014-03-12 11:36 - 2014-03-12 11:36 - 00357376 _____ () C:\Windows\system32\amdacpusl.dll
2014-03-12 11:36 - 2014-03-12 11:36 - 00306176 _____ () C:\Windows\system32\amdacpusl.pdb.pub
2014-03-12 11:36 - 2014-03-12 11:36 - 00242688 _____ () C:\Windows\SysWOW64\amdacpusl.dll
2014-03-11 14:43 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Seagate
2014-03-11 14:43 - 2014-03-11 14:43 - 00002233 _____ () C:\Users\Public\Desktop\Seagate Drive Settings.lnk
2014-03-11 14:40 - 2014-03-11 14:40 - 00000000 ____D () C:\Windows\System32\Tasks\Leader Technologies
2014-03-11 14:38 - 2014-03-25 16:41 - 00003006 _____ () C:\Windows\System32\Tasks\{2F0263E8-831F-401A-875C-CD3A5456FE22}
2014-03-11 14:19 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 10.0.0.27 PreCracked
2014-03-11 14:19 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\AVG
2014-03-11 14:19 - 2014-03-11 14:19 - 00001228 _____ () C:\Users\DeadMan\Desktop\AVG PC TuneUp 2012.lnk
2014-03-11 14:18 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\AVG PC TuneUp 10.0.0.27 PreCracked
2014-03-11 11:57 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
2014-03-11 11:51 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\Documents\Visual Studio 2008
2014-03-11 08:57 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\NeoSmart Technologies
2014-03-11 08:57 - 2014-03-11 08:57 - 00001238 _____ () C:\Users\Public\Desktop\EasyBCD 2.0.lnk
2014-03-11 08:27 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PingPlotter Standard
2014-03-11 08:21 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\PingPlotter Standard
2014-03-11 08:21 - 2014-03-11 08:21 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\PingPlotter
2014-03-11 08:21 - 2014-03-09 20:21 - 00000044 ____H () C:\Program Files (x86)\5f5dbcaa.tmp
2014-03-11 08:20 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Downloaded Installations
2014-03-10 20:10 - 2014-03-23 18:11 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-03-10 19:45 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\GSmartControl
2014-03-10 19:29 - 2014-03-11 03:32 - 00000000 ____D () C:\backupres
2014-03-10 19:24 - 2014-03-10 19:24 - 00000048 _____ () C:\boot.ini
2014-03-10 18:51 - 2014-03-10 18:51 - 00000000 ____D () C:\HG612_Modem_Stats
2014-03-10 18:37 - 2014-03-10 18:37 - 00011224 _____ () C:\config.xml
2014-03-07 04:49 - 2013-09-17 03:20 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-03-07 04:49 - 2013-09-17 03:20 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-03-05 17:29 - 2014-03-05 17:29 - 00107760 _____ () C:\Windows\system32\EvGr_Data{B183C2D3-BAC8-470A-ACAD-87B1C92168EF}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00025814 _____ () C:\Windows\system32\RW_AppData.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00003776 _____ () C:\Windows\system32\RW_FileType.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000444 _____ () C:\Windows\system32\RW_FileFlag.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000296 _____ () C:\Windows\system32\EvGr_Data{E956A423-A050-11E3-8245-10FEED02AF2E}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{ED1D803F-A117-11E3-9C6C-10FEED02AF2E}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{E956A423-A050-11E3-8245-10FEED02AF2E}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{C5C3D4C4-9F5C-11E3-A7FD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{C5C3D4C3-9F5C-11E3-A7FD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{B183C2D3-BAC8-470A-ACAD-87B1C92168EF}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{625EFE4C-A04F-11E3-8BBD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{625EFE4B-A04F-11E3-8BBD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{625EFE4A-A04F-11E3-8BBD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000016 _____ () C:\Windows\system32\EvGr_Data{ED1D803F-A117-11E3-9C6C-10FEED02AF2E}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000016 _____ () C:\Windows\system32\EvGr_Data{C5C3D4C4-9F5C-11E3-A7FD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000016 _____ () C:\Windows\system32\EvGr_Data{C5C3D4C3-9F5C-11E3-A7FD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000016 _____ () C:\Windows\system32\EvGr_Data{625EFE4C-A04F-11E3-8BBD-806E6F6E6963}.dat
2014-03-05 14:47 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\mp3DirectCut
2014-03-05 10:23 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Western Digital Corporation
2014-03-05 10:23 - 2014-03-05 10:23 - 00001487 _____ () C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2014-03-05 09:33 - 2014-03-05 09:33 - 00000000 _____ () C:\Windows\Bench32.INI
2014-03-05 08:59 - 2014-03-25 17:20 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-03-05 08:59 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-03-05 08:59 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Western Digital
2014-03-05 08:59 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2014-03-04 22:29 - 2014-03-04 22:29 - 00000000 ___DL () C:\MSOCache
2014-03-04 21:37 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Logitech
2014-03-04 21:24 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-03-04 19:31 - 2014-03-04 19:31 - 00001432 _____ () C:\Users\DeadMan\Desktop\Diskeeper.lnk
2014-03-04 19:30 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Condusiv_Technologies
2014-03-04 16:48 - 2012-04-15 14:25 - 00021440 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\rxbsknl.sys
2014-03-04 13:07 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Condusiv Technologies
2014-03-04 13:07 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Common Files\Diskeeper Corporation
2014-03-04 13:07 - 2012-07-09 14:54 - 00106832 _____ (Condusiv Technologies) C:\Windows\system32\Drivers\DKTLFSMF.sys
2014-03-04 13:07 - 2012-06-18 19:14 - 00052048 _____ (Condusiv Technologies) C:\Windows\system32\Drivers\DKRtWrt.sys
2014-03-04 13:07 - 2012-04-05 02:32 - 00040752 _____ (Condusiv Technologies) C:\Windows\system32\Drivers\DKDFM.sys
2014-03-04 13:06 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Diskeeper Setup Files
2014-03-04 09:50 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1
2014-03-04 09:50 - 2014-03-04 09:50 - 00000888 _____ () C:\Users\Public\Desktop\MyDefrag.lnk
2014-03-04 09:50 - 2010-05-21 12:11 - 01147392 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.exe
2014-03-04 09:50 - 2010-05-21 12:11 - 00485376 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.scr
2014-03-04 09:31 - 2014-03-04 09:31 - 00002166 _____ () C:\Users\DeadMan\Desktop\SSD Life.lnk
2014-03-04 09:30 - 2014-03-04 09:30 - 00002084 _____ () C:\Users\Public\Desktop\SSDlife Pro.lnk
2014-03-04 09:27 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Time Stopper
2014-03-04 09:27 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Time Stopper
2014-03-04 09:27 - 2014-03-04 09:27 - 00001972 _____ () C:\Users\DeadMan\Desktop\Time Stopper.lnk
2014-03-04 08:45 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-04 08:45 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Binarysense
2014-03-04 08:45 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\BinarySense
2014-03-04 07:57 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Defraggler
2014-03-04 07:57 - 2014-03-04 07:58 - 00001749 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-03-04 05:50 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\LinkShellExtension
2014-03-04 05:50 - 2014-03-04 05:50 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension
2014-03-04 05:11 - 2014-03-04 05:11 - 00001064 _____ () C:\Users\DeadMan\Desktop\Dropbox.lnk
2014-03-04 05:10 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-03-04 05:10 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\DropboxMaster
2014-03-04 05:09 - 2014-03-26 01:01 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Dropbox
2014-03-03 19:24 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\skypePM
2014-03-03 19:23 - 2014-03-25 22:47 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Skype
2014-03-03 19:21 - 2014-03-21 14:45 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-03 19:21 - 2014-03-21 14:45 - 00000000 ____D () C:\ProgramData\Skype
2014-03-03 19:21 - 2014-03-16 22:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-03 19:20 - 2014-03-25 16:41 - 00003118 _____ () C:\Windows\System32\Tasks\{C050B5AC-EB6A-49A8-AF23-C9CEC8D8098F}
2014-03-03 17:53 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\SystemRequirementsLab
2014-03-03 17:53 - 2014-03-16 22:27 - 00000000 ____D () C:\Windows\Sun
2014-03-03 17:52 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Sun
2014-03-03 17:52 - 2014-03-03 17:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-03 17:20 - 2014-03-25 16:41 - 00003022 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-03-03 17:20 - 2014-03-18 21:59 - 00000000 ____D () C:\Program Files\Lucidlogix Technologies
2014-03-03 10:32 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Phyxion.net
2014-03-03 09:54 - 2014-03-03 09:54 - 00001543 _____ () C:\Users\Public\Desktop\Adobe Application Manager.lnk
2014-03-02 17:17 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\mkvtoolnix
2014-03-02 17:08 - 2014-03-02 17:08 - 00000000 ____D () C:\Users\DeadMan\Documents\My Corel Shows
2014-03-02 17:05 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Corel
2014-03-02 17:05 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-02 17:04 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\Documents\My PSP Files
2014-03-02 17:04 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Corel
2014-03-02 17:04 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-03-02 17:04 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-03-02 17:04 - 2014-03-02 17:04 - 00001365 _____ () C:\Users\Public\Desktop\Corel PaintShop Photo Pro X3.lnk
2014-03-02 17:01 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-02 16:51 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\Documents\Adobe
2014-03-02 16:51 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\PACE Anti-Piracy
2014-03-02 16:51 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Common Files\PACE Anti-Piracy
2014-03-02 16:51 - 2014-03-02 16:51 - 00000021 _____ () C:\Windows\SurCode.INI
2014-03-02 16:50 - 2014-03-25 16:40 - 00003506 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-ODDBALL-DeadMan
2014-03-02 16:49 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-03-02 16:44 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-02 16:38 - 2014-03-16 22:32 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-03-02 16:38 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-02 16:38 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-03-02 16:38 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-03-02 16:38 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-02 16:38 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-03-02 16:38 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-02 16:16 - 2014-03-10 18:55 - 02784624 _____ (Acronis) C:\Windows\system32\auto_reactivate.exe
2014-03-02 16:16 - 2014-03-10 18:55 - 00000000 _RSHD () C:\bootwiz
2014-03-02 16:05 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-03-02 16:05 - 2014-03-15 00:40 - 00001538 _____ () C:\Users\Public\Desktop\Acronis Online Backup.lnk
2014-03-02 16:05 - 2014-03-15 00:40 - 00001164 _____ () C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
2014-03-02 16:05 - 2014-03-02 16:05 - 00277088 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2014-03-02 16:05 - 2014-03-02 16:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-03-02 16:04 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Acronis
2014-03-02 15:58 - 2014-03-16 22:29 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\15F2C5FE-77AF-456D-BE0B-734EF6B84B49
2014-03-02 15:57 - 2014-03-16 22:29 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Acronis
2014-03-02 15:50 - 2014-03-16 22:29 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\03E84EAF-9B64-4112-94FD-428E33B96B85
2014-03-02 08:10 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\SyncToy 2.1
2014-03-02 08:10 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-03-01 16:37 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Process Hacker 2
2014-03-01 16:32 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Process Hacker 2
2014-03-01 16:32 - 2014-03-01 16:32 - 00001866 _____ () C:\Users\DeadMan\Desktop\Process Hacker 2.lnk
2014-03-01 16:29 - 2014-03-25 17:10 - 00000000 ____D () C:\Program Files\ProcessExplorer
2014-03-01 14:57 - 2014-03-22 17:17 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Audacity
2014-03-01 14:46 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\DAMN NFO Viewer
2014-03-01 14:44 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\PTAutoRun
2014-03-01 14:44 - 2014-03-01 14:44 - 00249856 _____ (Microsoft Corporation) C:\Windows\Setup1.exe
2014-03-01 14:44 - 2014-03-01 14:44 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-03-01 14:44 - 2014-03-01 14:44 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Karen's Power Tools
2014-03-01 14:41 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-03-01 14:41 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Unlocker
2014-03-01 14:41 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\Attribute Changer
2014-03-01 14:39 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Eraser
2014-03-01 14:39 - 2009-12-16 12:12 - 00377232 _____ (-) C:\Windows\system32\Eraser.dll
2014-03-01 14:39 - 2009-12-16 12:12 - 00315280 _____ (-) C:\Windows\SysWOW64\Eraser.dll
2014-03-01 14:39 - 2009-12-16 12:12 - 00103824 _____ (-) C:\Windows\system32\Erasext.dll
2014-03-01 14:39 - 2009-12-16 12:12 - 00091536 _____ (-) C:\Windows\system32\Eraserl.exe
2014-03-01 14:39 - 2009-12-16 12:12 - 00085392 _____ (-) C:\Windows\SysWOW64\Erasext.dll
2014-03-01 14:33 - 2007-03-29 07:06 - 00051600 _____ (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\i1iSis_x64.sys
2014-03-01 14:27 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\XnViewMP
2014-03-01 14:22 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\TrueCrypt
2014-03-01 12:55 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-03-01 12:55 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-03-01 12:55 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-03-01 12:55 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-03-01 12:55 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-03-01 12:55 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-03-01 12:55 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-03-01 12:55 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-03-01 12:55 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-03-01 12:55 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-03-01 12:55 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-03-01 12:55 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-03-01 12:55 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-03-01 12:55 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-03-01 12:55 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-03-01 12:55 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-03-01 12:55 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-03-01 12:55 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-03-01 12:55 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-03-01 12:55 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-03-01 12:55 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-03-01 12:55 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-03-01 12:55 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-03-01 12:55 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-03-01 12:55 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-03-01 12:55 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-03-01 12:55 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-03-01 12:55 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-03-01 12:55 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-03-01 12:55 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-03-01 12:55 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-03-01 12:55 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-03-01 12:55 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-03-01 12:55 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-03-01 12:55 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-03-01 12:55 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-03-01 12:55 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-03-01 12:55 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-03-01 12:55 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-03-01 12:55 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-03-01 12:55 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-03-01 12:55 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-03-01 12:55 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-03-01 12:55 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-03-01 12:55 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-03-01 12:55 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-03-01 12:55 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-03-01 12:55 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-03-01 12:55 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-03-01 12:55 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-03-01 12:55 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-03-01 12:55 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-03-01 12:55 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-03-01 12:55 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-03-01 12:55 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-03-01 12:55 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-03-01 12:55 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-03-01 12:55 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-03-01 12:55 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-03-01 12:55 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-03-01 12:55 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-03-01 12:55 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-03-01 12:55 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-03-01 12:55 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-03-01 12:55 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-03-01 12:55 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-03-01 12:55 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-03-01 12:55 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-03-01 12:55 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-03-01 12:55 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-03-01 12:55 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-03-01 12:55 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-03-01 12:55 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-03-01 12:55 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-03-01 12:55 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-03-01 12:55 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-03-01 12:55 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-03-01 12:55 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-03-01 12:55 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-03-01 12:55 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-03-01 12:55 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-03-01 12:55 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-03-01 12:55 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-03-01 12:55 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-03-01 12:55 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-03-01 12:55 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-03-01 12:55 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-03-01 12:55 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-03-01 12:55 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-03-01 12:55 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-03-01 12:55 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-03-01 12:55 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-03-01 12:55 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-03-01 12:55 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-03-01 12:55 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-03-01 12:55 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-03-01 12:55 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-03-01 12:55 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-03-01 12:55 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-03-01 12:55 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-03-01 12:55 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-03-01 12:55 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-03-01 12:55 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-03-01 12:55 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-03-01 12:55 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-03-01 12:55 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-03-01 12:55 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-03-01 12:55 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-03-01 12:55 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-03-01 12:55 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-03-01 12:55 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-03-01 12:55 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-03-01 12:55 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-03-01 12:55 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-03-01 12:55 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-03-01 12:55 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-03-01 12:55 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-03-01 12:55 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-03-01 12:55 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-03-01 12:55 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-03-01 12:55 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-03-01 12:55 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-03-01 12:55 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-03-01 12:55 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-03-01 12:55 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-03-01 12:55 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-03-01 12:55 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-03-01 12:55 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-03-01 12:55 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-03-01 12:55 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-03-01 12:55 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-03-01 12:55 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-03-01 12:55 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-03-01 12:55 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-03-01 12:55 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-03-01 12:55 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-03-01 12:55 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-03-01 12:55 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-03-01 12:55 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-03-01 12:55 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-03-01 12:55 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-03-01 12:55 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-03-01 12:55 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-03-01 12:55 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-03-01 12:55 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-03-01 12:55 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-03-01 12:55 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-03-01 12:55 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-03-01 12:55 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-03-01 12:55 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-03-01 12:55 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-03-01 12:55 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-03-01 12:55 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-03-01 12:55 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-03-01 12:55 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-03-01 12:55 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-03-01 12:55 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-03-01 12:55 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-03-01 12:55 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-03-01 12:55 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-03-01 12:55 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-03-01 12:55 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-03-01 12:55 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-03-01 12:55 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-03-01 12:45 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-03-01 12:45 - 2014-03-01 12:45 - 00001649 _____ () C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2014-03-01 11:58 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\LAV Filters
2014-03-01 10:55 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-03-01 10:55 - 2014-03-01 10:55 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2014-03-01 10:54 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\MKVToolNix
2014-03-01 10:54 - 2014-03-02 17:19 - 00001887 _____ () C:\Users\Public\Desktop\mkvmerge GUI.lnk
2014-03-01 10:21 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\Documents\PCMark 8
2014-03-01 10:21 - 2014-03-01 10:32 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-03-01 10:09 - 2014-03-01 10:09 - 00001005 _____ () C:\Users\Public\Desktop\3DMark.lnk
2014-03-01 09:58 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\Documents\3DMark
 


2014-03-01 09:57 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-03-01 09:57 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-03-01 09:57 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-03-01 09:57 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-03-01 09:57 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-03-01 09:57 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-03-01 09:57 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-03-01 09:57 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-03-01 09:57 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-03-01 09:57 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-03-01 09:57 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-03-01 09:57 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-03-01 09:38 - 2014-03-20 00:27 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\XnView
2014-03-01 09:38 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\XnViewMP
2014-03-01 09:37 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-01 09:35 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Malwarebytes
2014-03-01 09:35 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-01 09:35 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-01 09:35 - 2014-03-01 09:35 - 00001134 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-01 09:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-01 09:33 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\HD Tune Pro
2014-03-01 09:31 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\Cam Wizard
2014-03-01 09:31 - 2014-03-01 09:31 - 00002583 _____ () C:\Users\Public\Desktop\Cam Wizard.lnk
2014-03-01 09:10 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Thunderbird
2014-03-01 08:56 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Impulse Technology
2014-03-01 08:48 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\SpeedProject
2014-03-01 08:38 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\CallStation
2014-03-01 08:38 - 2004-09-16 17:23 - 00167936 _____ (Data Techniques Inc.) C:\Windows\SysWOW64\FMJR10.dll
2014-03-01 08:38 - 2004-09-14 11:16 - 00282624 _____ () C:\Windows\SysWOW64\ClassX.dll
2014-03-01 08:38 - 2004-09-14 11:16 - 00024576 _____ () C:\Windows\SysWOW64\ClassXps.dll
2014-03-01 08:38 - 2004-09-01 08:00 - 00073728 _____ (Data Techniques, Inc.) C:\Windows\SysWOW64\im32tif.dil
2014-03-01 08:38 - 2004-09-01 08:00 - 00065536 _____ (Data Techniques, Inc.) C:\Windows\SysWOW64\im32fax.dil
2014-03-01 08:38 - 2004-09-01 08:00 - 00053248 _____ (Data Techniques, Inc.) C:\Windows\SysWOW64\im32xfax.del
2014-03-01 08:36 - 2014-03-01 08:36 - 00000000 ___RD () C:\Sandbox
2014-03-01 08:17 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Western Digital
2014-03-01 08:17 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\WDCSAM
2014-03-01 08:17 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\DIFX
2014-03-01 08:04 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Logitech
2014-02-28 14:08 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ShellExView
2014-02-28 14:08 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2014-02-28 13:32 - 2014-02-28 13:32 - 00014464 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys
2014-02-28 07:22 - 2012-02-21 14:51 - 00648808 _____ (TP-LINK TECHNOLOGIES CO., LTD) C:\Windows\system32\Drivers\tpg64win7.sys
2014-02-28 07:22 - 2012-02-21 14:51 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp.dll
2014-02-28 05:59 - 2014-03-25 17:04 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\foobar2000
2014-02-28 05:58 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\foobar2000
2014-02-28 05:58 - 2014-02-28 05:58 - 00001031 _____ () C:\Users\Public\Desktop\foobar2000.lnk
2014-02-27 15:22 - 2014-03-21 14:11 - 00000000 ____D () C:\Windows\pss
2014-02-27 15:10 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\CyberGhost VPN
2014-02-27 15:10 - 2014-02-27 15:10 - 00000864 _____ () C:\Users\Public\Desktop\CyberGhost VPN.lnk
2014-02-27 15:10 - 2011-12-15 20:29 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2014-02-27 15:05 - 2014-02-28 11:25 - 00000000 ____D () C:\Program Files\EliteBytes
2014-02-27 15:04 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\TrueCrypt
2014-02-27 15:04 - 2014-02-27 15:04 - 00230352 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2014-02-27 15:04 - 2014-02-27 15:04 - 00000875 _____ () C:\Users\Public\Desktop\TrueCrypt.lnk
2014-02-27 15:00 - 2014-03-19 16:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-27 15:00 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-27 15:00 - 2014-03-01 09:09 - 00002111 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-02-27 14:57 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Mozilla
2014-02-27 14:56 - 2014-03-17 21:50 - 00000000 ____D () C:\Users\DeadMan\Documents\My Games
2014-02-27 14:55 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\Documents\VirtualDJ
2014-02-27 14:27 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Leadertech
2014-02-27 14:27 - 2014-03-16 22:27 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-02-27 14:26 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Logitech
2014-02-27 14:26 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Logishrd
2014-02-27 14:20 - 2014-03-16 22:29 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Apple Computer
2014-02-27 14:20 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Apple
2014-02-27 14:20 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-02-27 14:20 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-27 14:20 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-27 14:19 - 2014-03-19 12:29 - 00002150 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-02-27 14:19 - 2014-03-19 12:29 - 00000000 ____D () C:\ProgramData\Razer
2014-02-27 14:19 - 2013-01-30 17:47 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-02-27 14:19 - 2013-01-30 17:47 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-02-27 14:17 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Seagate
2014-02-27 14:17 - 2014-02-27 14:17 - 00002453 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
2014-02-27 14:16 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Foxit Software
2014-02-27 14:16 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-02-27 14:16 - 2014-02-27 14:16 - 00002050 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-02-27 14:16 - 2013-06-09 21:59 - 00216064 _____ () C:\Windows\SysWOW64\gcapi_dll.dll
2014-02-27 14:15 - 2014-03-04 07:02 - 00000534 _____ () C:\Users\DeadMan\Desktop\µTorrent.lnk
2014-02-27 14:13 - 2014-03-25 16:41 - 00003070 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-27 14:13 - 2014-03-16 22:32 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-02-27 14:13 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SABnzbd
2014-02-27 14:13 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\SABnzbd
2014-02-27 14:13 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-02-27 14:13 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-27 14:13 - 2014-03-11 14:30 - 00000847 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-27 14:13 - 2014-02-27 14:13 - 00000991 _____ () C:\Users\DeadMan\Desktop\SABnzbd.lnk
2014-02-27 14:13 - 2014-02-27 14:13 - 00000979 _____ () C:\Users\Public\Desktop\Mp3tag.lnk
2014-02-27 14:12 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-27 14:12 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-27 14:12 - 2014-02-27 14:12 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-02-27 14:12 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-02-27 14:11 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-02-27 14:11 - 2014-02-27 14:11 - 00000960 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-02-27 14:09 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2014-02-27 14:09 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Cyberfox
2014-02-27 14:09 - 2014-02-27 14:09 - 00000812 _____ () C:\Users\Public\Desktop\Cyberfox.lnk
2014-02-27 14:07 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Karen's Power Tools
2014-02-27 14:07 - 2014-02-27 14:07 - 00000000 ____D () C:\ProgramData\Karen's Power Tools
2014-02-27 14:06 - 2014-03-15 00:54 - 00000000 ____D () C:\IpWatchDog_1.2
2014-02-27 14:06 - 2014-02-27 14:06 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\IpWatchDog
2014-02-27 14:04 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\X-Rite
2014-02-27 14:04 - 2007-02-08 13:48 - 00051600 _____ (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\i1iO2_x64.sys
2014-02-27 14:04 - 2007-02-08 13:48 - 00051600 _____ (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\i1_x64.sys
2014-02-27 14:04 - 2007-01-25 16:40 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2014-02-27 14:04 - 2007-01-25 16:40 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-02-27 14:04 - 2007-01-25 16:40 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-02-27 14:04 - 2005-12-14 00:53 - 00007808 _____ (GretagMacbeth LLC) C:\Windows\system32\Drivers\i1display_x64.sys
2014-02-27 14:03 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\GretagMacbeth
2014-02-27 14:03 - 2013-04-30 10:52 - 00053552 _____ (Novation DMS Ltd.) C:\Windows\system32\Drivers\nvnusbaudio.sys
2014-02-27 14:00 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2014-02-27 14:00 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-02-27 14:00 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\ReClock
2014-02-27 14:00 - 2014-02-27 14:00 - 00001041 _____ () C:\Users\DeadMan\Desktop\VirtualDJ PRO Full.lnk
2014-02-27 14:00 - 2014-02-27 14:00 - 00000986 _____ () C:\Users\Public\Desktop\Configure ReClock.lnk
2014-02-27 13:59 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-02-27 13:59 - 2014-02-27 13:59 - 00001007 _____ () C:\Users\DeadMan\Desktop\Audacity.lnk
2014-02-27 13:58 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\SVP 3.1
2014-02-27 13:58 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\SVP
2014-02-27 13:58 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\MPC-HC
2014-02-27 13:58 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-02-27 13:58 - 2014-03-01 12:12 - 00001112 _____ () C:\Users\DeadMan\Desktop\MPC-HC.lnk
2014-02-27 13:58 - 2013-12-03 18:18 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-02-27 13:57 - 2014-03-15 15:33 - 00000000 ____D () C:\madVR
2014-02-27 13:54 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Realtime Soft
2014-02-27 13:54 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Realtime Soft
2014-02-27 13:54 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-02-27 13:54 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\UltraMon
2014-02-27 13:54 - 2014-03-01 09:37 - 00000944 _____ () C:\Users\DeadMan\Desktop\XnView.lnk
2014-02-27 13:53 - 2014-03-26 05:00 - 00001588 _____ () C:\Windows\Sandboxie.ini
2014-02-27 13:53 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Sandboxie
2014-02-27 13:53 - 2014-02-27 13:53 - 00000896 _____ () C:\Users\DeadMan\Desktop\Sandboxed Web Browser.lnk
2014-02-27 13:52 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-02-27 13:52 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-02-27 13:52 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-02-27 13:52 - 2014-03-15 00:57 - 00001102 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-02-27 13:52 - 2014-02-27 13:52 - 00001007 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-02-27 13:52 - 2010-04-12 08:55 - 00091568 _____ (PowerISO Computing, Inc.) C:\Windows\system32\Drivers\scdemu.sys
2014-02-27 13:52 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-02-27 13:51 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\HD Tune Pro
2014-02-27 13:50 - 2014-03-16 22:27 - 00000000 ____D () C:\Users\Public\Documents\PhoneTray
2014-02-27 13:50 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Traysoft
2014-02-27 13:49 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-27 13:49 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-27 13:49 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Adobe
2014-02-27 13:49 - 2014-03-01 09:23 - 00002080 _____ () C:\Users\Public\Desktop\Lightroom 5.3 64-bit.lnk
2014-02-27 13:46 - 2014-03-15 00:40 - 01263200 _____ (Acronis) C:\Windows\system32\Drivers\tdrpm273.sys
2014-02-27 13:41 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\SpeedProject
2014-02-27 13:41 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Common Files\SpeedProject
2014-02-27 13:41 - 2014-02-27 13:41 - 00001151 _____ () C:\Users\Public\Desktop\SpeedCommander.lnk
2014-02-27 11:11 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\poclbm
2014-02-27 08:07 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo
2014-02-27 08:07 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\CrystalDiskMark
2014-02-27 08:07 - 2014-02-27 08:07 - 00001801 _____ () C:\Users\DeadMan\Desktop\CrystalDiskMark.lnk
2014-02-27 08:07 - 2014-02-27 08:07 - 00001225 _____ () C:\Users\DeadMan\Desktop\CrystalDiskInfo Shizuku Edition.lnk
2014-02-27 08:07 - 2014-02-27 08:07 - 00001186 _____ () C:\Users\DeadMan\Desktop\CrystalDiskInfo.lnk
2014-02-27 07:17 - 2014-02-27 07:17 - 00001311 _____ () C:\Users\DeadMan\Desktop\FurMark.lnk
2014-02-27 07:08 - 2009-07-13 05:04 - 05173760 _____ () C:\Users\DeadMan\Desktop\prime95.exe
2014-02-27 06:11 - 2014-03-19 01:09 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-02-27 06:11 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\WinRAR
2014-02-27 06:11 - 2010-10-27 01:43 - 00110592 _____ () C:\Windows\system32\rtvcvfw32.dll
2014-02-27 06:03 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2014-02-27 06:03 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\GPU-Z
2014-02-27 06:02 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Geeks3D
2014-02-27 05:56 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\library_dir
2014-02-27 03:27 - 2014-03-21 12:59 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-27 03:27 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\TuneUp Software
2014-02-27 03:27 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-02-27 03:22 - 2014-03-22 19:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-27 03:20 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-02-27 03:19 - 2014-03-23 19:33 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-27 03:19 - 2014-02-26 20:14 - 00000000 ____D () C:\Intel
2014-02-27 03:19 - 2013-08-05 11:50 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-02-27 03:14 - 2014-03-24 21:50 - 00000000 ___RD () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-27 03:14 - 2014-03-17 00:13 - 00000000 ___RD () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-27 03:13 - 2014-03-16 22:35 - 00000000 __SHD () C:\Recovery
2014-02-26 22:37 - 2014-03-19 16:30 - 00000894 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-02-26 22:37 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\CPUID
2014-02-26 22:17 - 2013-07-29 11:56 - 00240864 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SamsungRapidDiskFltr.sys
2014-02-26 22:06 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-02-26 21:40 - 2014-03-17 00:17 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-02-26 21:40 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Samsung
2014-02-26 21:27 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-02-26 21:15 - 2014-03-03 17:59 - 00020878 _____ () C:\Windows\system32\results.xml
2014-02-26 21:14 - 2014-02-26 21:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2014-02-26 21:14 - 2013-08-01 17:01 - 00029088 _____ () C:\Windows\system32\Drivers\INETMON.sys
2014-02-26 21:04 - 2014-03-16 23:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-26 20:13 - 2013-08-20 07:24 - 00180224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3277.dll
2014-02-26 19:53 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Macromedia
2014-02-26 19:52 - 2014-03-25 20:01 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-26 19:52 - 2014-03-25 20:01 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-26 19:52 - 2014-03-25 20:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-26 19:52 - 2014-03-25 16:41 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-26 19:52 - 2014-03-25 16:41 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-26 19:52 - 2014-03-25 16:39 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-26 19:52 - 2014-03-16 22:29 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Adobe
2014-02-26 19:52 - 2014-03-16 22:27 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-02-26 19:52 - 2014-03-16 22:27 - 00000000 ____D () C:\Windows\system32\Macromed
2014-02-26 19:52 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Google
2014-02-26 19:52 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Google
2014-02-26 19:52 - 2014-03-01 14:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-26 19:52 - 2014-03-01 14:11 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-26 19:48 - 2014-03-24 21:48 - 00000000 ____D () C:\ProgramData\Intel
2014-02-26 19:48 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Setup Files
2014-02-26 19:46 - 2014-03-16 22:27 - 00000000 ____D () C:\ProgramData\mvp
2014-02-26 19:46 - 2014-03-16 22:26 - 00000000 _RSHD () C:\ProgramData\Key-Base
2014-02-26 19:44 - 2014-03-23 16:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-26 19:44 - 2014-03-19 12:49 - 00000000 ____D () C:\uninstall
2014-02-26 19:44 - 2014-03-16 22:26 - 00000000 ____D () C:\ProgramData\Intel Application Pairing
2014-02-26 19:44 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-02-26 19:44 - 2014-03-16 22:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-02-26 19:44 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-02-26 19:44 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-02-26 19:44 - 2014-02-26 19:44 - 00002669 _____ () C:\Users\Public\Desktop\MSI™ Intel® Extreme Tuning Utility.lnk
2014-02-26 19:44 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-02-26 19:44 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-02-26 19:44 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-02-26 19:44 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-02-26 19:43 - 2014-03-26 01:00 - 00000000 ____D () C:\Program Files (x86)\MSI
2014-02-26 19:43 - 2013-04-18 11:03 - 00005120 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\acpimof.dll
2014-02-26 19:42 - 2014-03-21 16:10 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-02-26 19:42 - 2013-11-25 17:20 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-02-26 19:41 - 2014-03-19 13:18 - 00000000 ____D () C:\ProgramData\Creative
2014-02-26 19:40 - 2014-03-16 22:25 - 00000000 ____D () C:\Program Files\Speccy
2014-02-26 19:40 - 2014-02-26 19:40 - 00000796 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-02-25 18:27 - 2014-02-25 18:27 - 00140576 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2014-02-25 18:24 - 2014-02-25 18:24 - 00204064 ____N (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll

==================== One Month Modified Files and Folders =======

2014-03-26 09:57 - 2014-03-26 09:57 - 02157056 _____ (Farbar) C:\Users\DeadMan\Desktop\FRST64.exe
2014-03-26 09:57 - 2014-03-26 09:57 - 00016799 _____ () C:\Users\DeadMan\Desktop\FRST.txt
2014-03-26 09:57 - 2014-03-26 09:57 - 00000000 ____D () C:\FRST
2014-03-26 09:56 - 2014-03-26 09:56 - 00000623 _____ () C:\Users\DeadMan\Desktop\JRT.txt
2014-03-26 09:53 - 2014-03-26 09:53 - 00000000 ____D () C:\Windows\ERUNT
2014-03-26 09:52 - 2014-03-26 09:52 - 01038974 _____ (Thisisu) C:\Users\DeadMan\Desktop\JRT.exe
2014-03-26 09:51 - 2014-03-26 09:39 - 00000000 ____D () C:\AdwCleaner
2014-03-26 09:38 - 2014-03-21 15:23 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-26 09:21 - 2014-03-20 16:29 - 00474780 _____ () C:\Windows\WindowsUpdate.log
2014-03-26 05:00 - 2014-02-27 13:53 - 00001588 _____ () C:\Windows\Sandboxie.ini
2014-03-26 04:01 - 2014-03-24 13:44 - 03437001 _____ () C:\Windows\setupact.log
2014-03-26 03:52 - 2014-03-26 03:52 - 00001153 _____ () C:\Users\DeadMan\Desktop\Duplicate Cleaner Free.lnk
2014-03-26 03:52 - 2014-03-26 03:52 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free
2014-03-26 03:52 - 2014-03-26 03:52 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\DigitalVolcano
2014-03-26 03:52 - 2014-03-26 03:52 - 00000000 ____D () C:\Program Files (x86)\Duplicate Cleaner
2014-03-26 01:29 - 2014-03-24 13:14 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-03-26 01:08 - 2009-07-14 04:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-26 01:08 - 2009-07-14 04:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-26 01:07 - 2009-07-14 05:13 - 00774168 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-26 01:01 - 2014-03-04 05:09 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Dropbox
2014-03-26 01:01 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-26 01:00 - 2014-03-16 22:22 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-03-26 01:00 - 2014-02-26 19:43 - 00000000 ____D () C:\Program Files (x86)\MSI
2014-03-25 22:47 - 2014-03-03 19:23 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Skype
2014-03-25 20:01 - 2014-02-26 19:52 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-25 20:01 - 2014-02-26 19:52 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-25 20:01 - 2014-02-26 19:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-25 17:20 - 2014-03-05 08:59 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-03-25 17:10 - 2014-03-01 16:29 - 00000000 ____D () C:\Program Files\ProcessExplorer
2014-03-25 17:04 - 2014-02-28 05:59 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\foobar2000
2014-03-25 16:42 - 2014-03-19 12:29 - 00003178 _____ () C:\Windows\System32\Tasks\Razer_Game_Booster_AutoUpdate
2014-03-25 16:41 - 2014-03-25 16:33 - 00003660 _____ () C:\Windows\System32\Tasks\HG612 Stats Program
2014-03-25 16:41 - 2014-03-11 14:38 - 00003006 _____ () C:\Windows\System32\Tasks\{2F0263E8-831F-401A-875C-CD3A5456FE22}
2014-03-25 16:41 - 2014-03-03 19:20 - 00003118 _____ () C:\Windows\System32\Tasks\{C050B5AC-EB6A-49A8-AF23-C9CEC8D8098F}
2014-03-25 16:41 - 2014-03-03 17:20 - 00003022 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-03-25 16:41 - 2014-02-27 14:13 - 00003070 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-25 16:41 - 2014-02-26 19:52 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-25 16:41 - 2014-02-26 19:52 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-25 16:40 - 2014-03-02 16:50 - 00003506 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-ODDBALL-DeadMan
2014-03-25 16:39 - 2014-02-26 19:52 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-25 16:22 - 2014-03-19 03:36 - 00000000 ____D () C:\Program Files\Novation
2014-03-25 11:42 - 2014-03-25 11:42 - 00000000 ____D () C:\Windows\Minidump
2014-03-25 11:42 - 2009-07-14 05:08 - 00032636 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-24 23:16 - 2014-03-24 23:16 - 00000000 ____D () C:\ProgramData\ClubSanDisk
2014-03-24 21:50 - 2014-02-27 03:14 - 00000000 ___RD () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-24 21:48 - 2014-03-24 21:48 - 00000000 ____D () C:\Users\DeadMan\Intel
2014-03-24 21:48 - 2014-03-24 21:48 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Intel Corporation
2014-03-24 21:48 - 2014-03-16 22:42 - 00780846 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-24 21:48 - 2014-03-16 22:24 - 00000000 ____D () C:\Users\DeadMan
2014-03-24 21:48 - 2014-03-16 22:21 - 00000000 ____D () C:\Program Files\Intel
2014-03-24 21:48 - 2014-02-26 19:48 - 00000000 ____D () C:\ProgramData\Intel
2014-03-24 13:44 - 2014-03-24 13:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-24 13:14 - 2014-03-24 13:14 - 00001032 _____ () C:\Users\DeadMan\Desktop\SpeedFan.lnk
2014-03-24 13:14 - 2014-03-24 13:14 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-03-24 13:14 - 2014-03-24 13:14 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-03-24 12:21 - 2014-03-16 22:23 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-03-23 19:33 - 2014-02-27 03:19 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-23 19:06 - 2014-03-16 22:23 - 00021601 _____ () C:\Windows\system32\lvcoinst.log
2014-03-23 19:05 - 2014-03-16 22:23 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-03-23 18:11 - 2014-03-10 20:10 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-03-23 16:28 - 2014-03-23 16:18 - 00002503 _____ () C:\Users\Public\Desktop\Serato DJ .lnk
2014-03-23 16:18 - 2014-03-23 15:55 - 00000000 ____D () C:\Program Files (x86)\Serato
2014-03-23 16:18 - 2014-02-26 19:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-23 15:55 - 2014-03-23 15:55 - 00001021 _____ () C:\Users\DeadMan\Desktop\ITCH.lnk
2014-03-23 15:55 - 2014-03-23 15:55 - 00000000 ____D () C:\Windows\usb-audio.deNumarkV7
2014-03-23 15:55 - 2014-03-23 15:55 - 00000000 ____D () C:\Windows\usb-audio.deNumarkNS7
2014-03-23 15:55 - 2014-03-23 15:55 - 00000000 ____D () C:\Windows\usb-audio.deNumarkNS6
2014-03-23 15:55 - 2014-03-23 15:55 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-03-23 15:55 - 2014-03-23 15:55 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Serato
2014-03-23 01:24 - 2014-03-15 19:51 - 00000921 _____ () C:\Users\DeadMan\Desktop\4K Video Downloader.lnk
2014-03-22 19:08 - 2014-03-22 19:08 - 00002085 _____ () C:\Users\Public\Desktop\UltraEdit.lnk
2014-03-22 19:08 - 2014-03-22 19:08 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\IDMComp
2014-03-22 19:08 - 2014-03-22 19:08 - 00000000 ____D () C:\ProgramData\IDMComp
2014-03-22 19:08 - 2014-03-22 19:08 - 00000000 ____D () C:\Program Files (x86)\IDM Computer Solutions
2014-03-22 19:08 - 2014-02-27 03:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-22 19:04 - 2014-03-22 19:03 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Notepad++
2014-03-22 19:03 - 2014-03-22 19:03 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-03-22 19:03 - 2014-03-22 19:03 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-03-22 18:42 - 2014-03-22 18:41 - 00001047 _____ () C:\Users\DeadMan\Desktop\dpclat.exe.lnk
2014-03-22 17:17 - 2014-03-01 14:57 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Audacity
2014-03-22 17:16 - 2014-03-22 17:16 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-03-21 16:12 - 2014-03-21 16:12 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-03-21 16:12 - 2014-03-21 16:12 - 00000000 ____D () C:\Program Files\Realtek
2014-03-21 16:10 - 2014-02-26 19:42 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-21 16:09 - 2014-03-21 16:09 - 00002088 _____ () C:\Users\Public\Desktop\Super-Charger.lnk
2014-03-21 16:09 - 2014-03-21 16:09 - 00000000 ___HD () C:\SuperChargerProfile
2014-03-21 16:09 - 2014-03-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ASM106xSATA
2014-03-21 16:08 - 2014-03-21 16:04 - 00002032 _____ () C:\Users\Public\Desktop\Live Update 5.lnk
2014-03-21 16:03 - 2014-03-21 16:03 - 00001154 _____ () C:\Users\Public\Desktop\Fast Boot.lnk
2014-03-21 15:46 - 2014-03-21 15:46 - 01826929 _____ () C:\Users\DeadMan\Desktop\FixDotNet20140321154651819.cab
2014-03-21 15:32 - 2014-03-21 15:28 - 00626272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-03-21 15:32 - 2013-05-02 17:11 - 00054368 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys
2014-03-21 15:32 - 2013-05-02 17:11 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2014-03-21 15:32 - 2013-05-02 17:11 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-03-21 15:32 - 2012-08-02 15:09 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2014-03-21 15:32 - 2012-06-19 17:28 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-03-21 15:28 - 2014-03-21 15:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-03-21 15:22 - 2014-03-21 15:22 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-03-21 15:19 - 2014-03-21 15:19 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-21 14:45 - 2014-03-16 10:51 - 00002609 _____ () C:\Users\Public\Desktop\WOL Magic Packet Sender.lnk
2014-03-21 14:45 - 2014-03-03 19:21 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-21 14:45 - 2014-03-03 19:21 - 00000000 ____D () C:\ProgramData\Skype
2014-03-21 14:11 - 2014-02-27 15:22 - 00000000 ____D () C:\Windows\pss
2014-03-21 12:59 - 2014-02-27 03:27 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-20 15:51 - 2014-03-20 15:51 - 00000000 ____D () C:\Program Files\LatencyMon
2014-03-20 00:27 - 2014-03-01 09:38 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\XnView
2014-03-20 00:07 - 2014-03-20 00:07 - 14090240 _____ () C:\kernel.etl
2014-03-20 00:07 - 2014-03-20 00:07 - 00000000 ____D () C:\SymCache
2014-03-19 16:34 - 2014-02-27 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 16:30 - 2014-02-26 22:37 - 00000894 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-03-19 16:10 - 2014-03-19 15:22 - 00000921 _____ () C:\Windows\QSFVExit.bat
2014-03-19 16:05 - 2014-03-19 16:05 - 00000000 ____D () C:\Windows\SysWOW64\ShellExt
2014-03-19 16:05 - 2014-03-19 16:05 - 00000000 ____D () C:\Windows\system32\ShellExt
2014-03-19 15:38 - 2014-03-19 15:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-19 14:59 - 2014-03-19 14:48 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\FileZilla
2014-03-19 14:48 - 2014-03-19 14:48 - 00002025 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-03-19 14:48 - 2014-03-19 14:48 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-03-19 14:40 - 2014-03-19 14:40 - 00000000 ____D () C:\Users\DeadMan\Cam Wizard
2014-03-19 14:33 - 2014-03-19 14:33 - 00001366 _____ () C:\Users\DeadMan\Desktop\HG612 Stats logging GUI.lnk
2014-03-19 13:18 - 2014-03-19 13:18 - 00000159 ___RH () C:\Windows\ctfile.rfc
2014-03-19 13:18 - 2014-03-19 13:18 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-03-19 13:18 - 2014-02-26 19:41 - 00000000 ____D () C:\ProgramData\Creative
2014-03-19 12:49 - 2014-02-26 19:44 - 00000000 ____D () C:\uninstall
2014-03-19 12:35 - 2014-03-19 12:34 - 00001546 _____ () C:\Users\DeadMan\Desktop\VirtualDJ PC Optimizer.bat.lnk
2014-03-19 12:30 - 2014-03-19 12:29 - 00000000 ____D () C:\Users\DeadMan\Documents\Razer
2014-03-19 12:29 - 2014-03-19 12:29 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-03-19 12:29 - 2014-02-27 14:19 - 00002150 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-03-19 12:29 - 2014-02-27 14:19 - 00000000 ____D () C:\ProgramData\Razer
2014-03-19 01:14 - 2014-03-19 01:14 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\NVIDIA
2014-03-19 01:14 - 2014-03-19 01:14 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\ATI
2014-03-19 01:14 - 2014-03-19 01:14 - 00000000 ____D () C:\ProgramData\ATI
2014-03-19 01:14 - 2014-03-19 01:14 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-19 01:12 - 2014-03-19 01:12 - 00061173 _____ () C:\Windows\SysWOW64\CCCInstall_201403190112086971.log
2014-03-19 01:12 - 2014-03-19 01:12 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-03-19 01:12 - 2014-03-19 01:12 - 00000000 ____D () C:\AMD
2014-03-19 01:12 - 2014-03-19 01:11 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-03-19 01:12 - 2014-03-19 01:10 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-19 01:12 - 2014-03-16 21:23 - 00000000 ____D () C:\ProgramData\AMD
2014-03-19 01:11 - 2014-03-19 01:11 - 00000000 ____D () C:\Program Files\ATI
2014-03-19 01:11 - 2014-03-19 01:11 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-03-19 01:09 - 2014-02-27 06:11 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-03-18 21:59 - 2014-03-03 17:20 - 00000000 ____D () C:\Program Files\Lucidlogix Technologies
2014-03-18 21:30 - 2014-03-18 21:30 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-03-18 16:39 - 2014-03-18 15:05 - 00000000 ____D () C:\Users\DeadMan\Documents\Nexus Mod Manager
2014-03-18 15:43 - 2014-03-18 15:43 - 00000879 _____ () C:\Users\DeadMan\Desktop\Skyrim (SKSE).lnk
2014-03-18 15:05 - 2014-03-18 15:05 - 00000750 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-03-18 14:10 - 2014-03-17 01:40 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-03-18 14:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-18 01:23 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2014-03-17 21:50 - 2014-02-27 14:56 - 00000000 ____D () C:\Users\DeadMan\Documents\My Games
2014-03-17 21:02 - 2014-03-17 21:02 - 00000774 _____ () C:\Users\DeadMan\Desktop\TSEV Skyrim LE.lnk
2014-03-17 20:26 - 2014-03-17 20:25 - 00000000 ____D () C:\Program Files (x86)\Flawless Widescreen
2014-03-17 20:25 - 2014-03-17 20:25 - 00001159 _____ () C:\Users\Public\Desktop\Flawless Widescreen.lnk
2014-03-17 19:52 - 2014-03-17 19:51 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-03-17 18:29 - 2014-03-16 22:22 - 00000000 ____D () C:\Program Files\AMD
2014-03-17 18:18 - 2014-03-17 18:13 - 00000000 ____D () C:\Users\DeadMan\Heaven
2014-03-17 18:12 - 2014-03-17 18:12 - 00001012 _____ () C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
2014-03-17 17:21 - 2014-03-16 22:50 - 00001372 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-03-17 17:20 - 2014-03-16 22:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-17 17:20 - 2014-03-16 22:49 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-17 17:02 - 2014-03-17 17:02 - 00002863 _____ () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
2014-03-17 17:02 - 2014-03-17 17:02 - 00000000 ____D () C:\Program Files (x86)\Windows Installer Clean Up
2014-03-17 17:01 - 2014-03-17 17:01 - 00000000 ____D () C:\Program Files (x86)\MSECACHE
2014-03-17 12:53 - 2014-03-17 12:45 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-17 12:45 - 2014-03-17 12:45 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-17 06:19 - 2009-07-14 05:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-03-17 06:19 - 2009-07-14 05:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-03-17 06:18 - 2014-03-17 06:18 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-03-17 00:28 - 2014-03-17 00:28 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-03-17 00:18 - 2014-03-17 00:18 - 00000000 ____D () C:\Windows\system32\RAPID
2014-03-17 00:17 - 2014-02-26 21:40 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-03-17 00:17 - 2009-07-14 05:32 - 00000000 ____D () C:\Windows\system32\restore
2014-03-17 00:13 - 2014-02-27 03:14 - 00000000 ___RD () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-17 00:12 - 2014-03-16 22:37 - 00001438 _____ () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-17 00:09 - 2009-07-14 04:45 - 05034984 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 00:08 - 2011-04-12 08:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-17 00:08 - 2009-07-14 05:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-17 00:08 - 2009-07-14 05:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-17 00:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-17 00:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-17 00:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-17 00:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-17 00:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-17 00:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-16 23:41 - 2014-03-16 23:41 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-16 23:41 - 2014-03-16 23:41 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-16 23:41 - 2014-03-16 23:41 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-16 23:41 - 2014-03-16 23:41 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-16 23:41 - 2014-03-16 23:41 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-16 23:41 - 2014-03-16 23:41 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-16 23:41 - 2014-03-16 23:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-16 23:41 - 2014-03-16 23:41 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-16 23:41 - 2014-03-16 23:41 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-16 23:40 - 2014-03-16 23:40 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-16 23:40 - 2014-03-16 23:40 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-16 23:40 - 2014-03-16 23:40 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-16 23:12 - 2014-02-26 21:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-16 22:53 - 2014-03-16 22:53 - 00002783 _____ () C:\Users\Public\Desktop\Killer Network Manager.lnk
2014-03-16 22:53 - 2014-03-16 22:53 - 00000000 ____D () C:\ProgramData\Qualcomm
2014-03-16 22:53 - 2014-03-16 22:53 - 00000000 ____D () C:\Program Files\Qualcomm Atheros
2014-03-16 22:51 - 2014-03-16 22:49 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-16 22:50 - 2014-03-16 22:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-16 22:50 - 2014-03-16 22:49 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-16 22:50 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\Help
2014-03-16 22:37 - 2009-07-14 05:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-03-16 22:36 - 2014-03-16 22:36 - 00000020 ___SH () C:\Users\DeadMan\ntuser.ini
2014-03-16 22:35 - 2014-03-16 22:35 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2014-03-16 22:35 - 2014-02-27 03:13 - 00000000 __SHD () C:\Recovery
2014-03-16 22:35 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-03-16 22:34 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-03-16 22:33 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\Registration
2014-03-16 22:32 - 2014-03-16 22:32 - 00022744 _____ () C:\Windows\system32\emptyregdb.dat
2014-03-16 22:32 - 2014-03-02 16:38 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-03-16 22:32 - 2014-02-27 14:13 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-16 22:30 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-03-16 22:30 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-03-16 22:30 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-03-16 22:30 - 2014-03-16 22:30 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-03-16 22:30 - 2014-03-16 13:44 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\QuickScan
2014-03-16 22:30 - 2014-03-16 13:05 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\LavasoftStatistics
2014-03-16 22:30 - 2014-03-16 12:35 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\java
2014-03-16 22:30 - 2014-03-16 10:51 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\IsolatedStorage
2014-03-16 22:30 - 2014-03-15 10:14 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\gsmartcontrol
2014-03-16 22:30 - 2014-03-15 00:15 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\FDB3F4A9-AD07-49D4-BBBB-C2267E102C6D
2014-03-16 22:30 - 2014-03-14 02:42 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Winamp
2014-03-16 22:30 - 2014-03-11 14:19 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 10.0.0.27 PreCracked
2014-03-16 22:30 - 2014-03-11 14:19 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\AVG
2014-03-16 22:30 - 2014-03-11 11:57 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
2014-03-16 22:30 - 2014-03-11 11:51 - 00000000 ____D () C:\Users\DeadMan\Documents\Visual Studio 2008
2014-03-16 22:30 - 2014-03-11 08:27 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PingPlotter Standard
2014-03-16 22:30 - 2014-03-11 08:20 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Downloaded Installations
2014-03-16 22:30 - 2014-03-04 19:30 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Condusiv_Technologies
2014-03-16 22:30 - 2014-03-04 09:27 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Time Stopper
2014-03-16 22:30 - 2014-03-04 05:10 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-03-16 22:30 - 2014-03-04 05:10 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\DropboxMaster
2014-03-16 22:30 - 2014-03-03 19:24 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\skypePM
2014-03-16 22:30 - 2014-03-03 17:53 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\SystemRequirementsLab
2014-03-16 22:30 - 2014-03-02 17:17 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\mkvtoolnix
2014-03-16 22:30 - 2014-03-02 17:04 - 00000000 ____D () C:\Users\DeadMan\Documents\My PSP Files
2014-03-16 22:30 - 2014-03-02 17:04 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Corel
2014-03-16 22:30 - 2014-03-02 17:01 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-16 22:30 - 2014-03-02 16:51 - 00000000 ____D () C:\Users\DeadMan\Documents\Adobe
2014-03-16 22:30 - 2014-03-01 16:37 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Process Hacker 2
2014-03-16 22:30 - 2014-03-01 14:41 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-03-16 22:30 - 2014-03-01 14:22 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\TrueCrypt
2014-03-16 22:30 - 2014-03-01 10:21 - 00000000 ____D () C:\Users\DeadMan\Documents\PCMark 8
2014-03-16 22:30 - 2014-03-01 09:58 - 00000000 ____D () C:\Users\DeadMan\Documents\3DMark
2014-03-16 22:30 - 2014-03-01 09:38 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\XnViewMP
2014-03-16 22:30 - 2014-03-01 09:35 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Malwarebytes
2014-03-16 22:30 - 2014-03-01 09:33 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\HD Tune Pro
2014-03-16 22:30 - 2014-03-01 09:10 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Thunderbird
2014-03-16 22:30 - 2014-03-01 08:48 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\SpeedProject
2014-03-16 22:30 - 2014-02-28 14:08 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ShellExView
2014-03-16 22:30 - 2014-02-27 14:57 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Mozilla
2014-03-16 22:30 - 2014-02-27 14:55 - 00000000 ____D () C:\Users\DeadMan\Documents\VirtualDJ
2014-03-16 22:30 - 2014-02-27 14:27 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Leadertech
2014-03-16 22:30 - 2014-02-27 14:26 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Logitech
2014-03-16 22:30 - 2014-02-27 14:26 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Logishrd
2014-03-16 22:30 - 2014-02-27 14:16 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Foxit Software
2014-03-16 22:30 - 2014-02-27 14:13 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SABnzbd
2014-03-16 22:30 - 2014-02-27 14:09 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox
2014-03-16 22:30 - 2014-02-27 14:00 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2014-03-16 22:30 - 2014-02-27 13:54 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Realtime Soft
2014-03-16 22:30 - 2014-02-27 11:11 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\poclbm
2014-03-16 22:30 - 2014-02-27 06:11 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\WinRAR
2014-03-16 22:30 - 2014-02-27 06:03 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2014-03-16 22:30 - 2014-02-27 05:56 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\library_dir
2014-03-16 22:30 - 2014-02-27 03:27 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\TuneUp Software
2014-03-16 22:30 - 2014-02-26 19:53 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Macromedia
2014-03-16 22:30 - 2009-07-14 03:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-16 22:30 - 2009-07-14 03:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-16 22:30 - 2009-07-14 03:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-16 22:30 - 2009-07-14 03:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-16 22:29 - 2014-03-15 00:40 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\8890C549-E2D4-46B9-A46E-1C7FE5E8420B
2014-03-16 22:29 - 2014-03-02 15:58 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\15F2C5FE-77AF-456D-BE0B-734EF6B84B49
2014-03-16 22:29 - 2014-03-02 15:57 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Acronis
2014-03-16 22:29 - 2014-03-02 15:50 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\03E84EAF-9B64-4112-94FD-428E33B96B85
2014-03-16 22:29 - 2014-02-27 14:20 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Apple Computer
2014-03-16 22:29 - 2014-02-26 19:52 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Adobe
2014-03-16 22:27 - 2014-03-11 14:43 - 00000000 ____D () C:\ProgramData\Seagate
2014-03-16 22:27 - 2014-03-04 21:24 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-03-16 22:27 - 2014-03-03 17:53 - 00000000 ____D () C:\Windows\Sun
2014-03-16 22:27 - 2014-03-03 17:52 - 00000000 ____D () C:\ProgramData\Sun
2014-03-16 22:27 - 2014-03-02 17:04 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-03-16 22:27 - 2014-03-02 16:51 - 00000000 ____D () C:\ProgramData\PACE Anti-Piracy
2014-03-16 22:27 - 2014-03-02 16:49 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-03-16 22:27 - 2014-03-02 16:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-16 22:27 - 2014-03-01 09:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-16 22:27 - 2014-03-01 08:17 - 00000000 ____D () C:\ProgramData\Western Digital
2014-03-16 22:27 - 2014-03-01 08:04 - 00000000 ____D () C:\ProgramData\Logitech
2014-03-16 22:27 - 2014-02-27 15:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-16 22:27 - 2014-02-27 14:27 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-16 22:27 - 2014-02-27 14:12 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-16 22:27 - 2014-02-27 13:58 - 00000000 ____D () C:\ProgramData\SVP 3.1
2014-03-16 22:27 - 2014-02-27 13:54 - 00000000 ____D () C:\ProgramData\Realtime Soft
2014-03-16 22:27 - 2014-02-27 13:52 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-03-16 22:27 - 2014-02-27 13:50 - 00000000 ____D () C:\Users\Public\Documents\PhoneTray
2014-03-16 22:27 - 2014-02-26 21:40 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-16 22:27 - 2014-02-26 21:27 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-03-16 22:27 - 2014-02-26 19:52 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-16 22:27 - 2014-02-26 19:52 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-16 22:27 - 2014-02-26 19:46 - 00000000 ____D () C:\ProgramData\mvp
2014-03-16 22:27 - 2011-04-12 08:28 - 00000000 ____D () C:\Windows\ShellNew
2014-03-16 22:27 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-03-16 22:26 - 2014-03-16 17:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-16 22:26 - 2014-03-16 17:10 - 00000000 ____D () C:\Program Files (x86)\GUM8FF0.tmp
2014-03-16 22:26 - 2014-03-16 13:04 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-16 22:26 - 2014-03-16 10:51 - 00000000 ____D () C:\Program Files (x86)\WOL Magic Packet Sender
2014-03-16 22:26 - 2014-03-14 21:45 - 00000000 ____D () C:\Program Files (x86)\GUMA543.tmp
2014-03-16 22:26 - 2014-03-14 18:31 - 00000000 ____D () C:\Program Files (x86)\Resplendent Registrar
2014-03-16 22:26 - 2014-03-14 02:42 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-03-16 22:26 - 2014-03-11 08:57 - 00000000 ____D () C:\Program Files (x86)\NeoSmart Technologies
2014-03-16 22:26 - 2014-03-11 08:21 - 00000000 ____D () C:\Program Files (x86)\PingPlotter Standard
2014-03-16 22:26 - 2014-03-10 19:45 - 00000000 ____D () C:\Program Files (x86)\GSmartControl
2014-03-16 22:26 - 2014-03-05 14:47 - 00000000 ____D () C:\Program Files (x86)\mp3DirectCut
2014-03-16 22:26 - 2014-03-05 10:23 - 00000000 ____D () C:\Program Files (x86)\Western Digital Corporation
2014-03-16 22:26 - 2014-03-05 08:59 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-03-16 22:26 - 2014-03-04 13:07 - 00000000 ____D () C:\ProgramData\Condusiv Technologies
2014-03-16 22:26 - 2014-03-04 13:06 - 00000000 ____D () C:\Program Files (x86)\Diskeeper Setup Files
2014-03-16 22:26 - 2014-03-04 09:27 - 00000000 ____D () C:\Program Files (x86)\Time Stopper
2014-03-16 22:26 - 2014-03-04 08:45 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-16 22:26 - 2014-03-04 08:45 - 00000000 ____D () C:\ProgramData\Binarysense
2014-03-16 22:26 - 2014-03-03 19:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-16 22:26 - 2014-03-03 10:32 - 00000000 ____D () C:\Program Files (x86)\Phyxion.net
2014-03-16 22:26 - 2014-03-02 17:05 - 00000000 ____D () C:\ProgramData\Corel
2014-03-16 22:26 - 2014-03-02 17:05 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-16 22:26 - 2014-03-02 16:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-03-16 22:26 - 2014-03-02 16:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-03-16 22:26 - 2014-03-02 16:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-16 22:26 - 2014-03-02 16:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-03-16 22:26 - 2014-03-02 16:04 - 00000000 ____D () C:\ProgramData\Acronis
2014-03-16 22:26 - 2014-03-01 14:46 - 00000000 ____D () C:\Program Files (x86)\DAMN NFO Viewer
2014-03-16 22:26 - 2014-03-01 14:44 - 00000000 ____D () C:\Program Files (x86)\PTAutoRun
2014-03-16 22:26 - 2014-03-01 14:27 - 00000000 ____D () C:\Program Files (x86)\XnViewMP
2014-03-16 22:26 - 2014-03-01 12:45 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-03-16 22:26 - 2014-03-01 11:58 - 00000000 ____D () C:\Program Files (x86)\LAV Filters
2014-03-16 22:26 - 2014-03-01 10:54 - 00000000 ____D () C:\Program Files (x86)\MKVToolNix
2014-03-16 22:26 - 2014-03-01 09:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-16 22:26 - 2014-03-01 08:56 - 00000000 ____D () C:\ProgramData\Impulse Technology
2014-03-16 22:26 - 2014-02-28 14:08 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2014-03-16 22:26 - 2014-02-28 05:58 - 00000000 ____D () C:\Program Files (x86)\foobar2000
2014-03-16 22:26 - 2014-02-27 14:20 - 00000000 ____D () C:\ProgramData\Apple
2014-03-16 22:26 - 2014-02-27 14:20 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-03-16 22:26 - 2014-02-27 14:17 - 00000000 ____D () C:\Program Files (x86)\Seagate
2014-03-16 22:26 - 2014-02-27 14:16 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-03-16 22:26 - 2014-02-27 14:13 - 00000000 ____D () C:\Program Files (x86)\SABnzbd
2014-03-16 22:26 - 2014-02-27 14:13 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-03-16 22:26 - 2014-02-27 14:12 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-16 22:26 - 2014-02-27 14:07 - 00000000 ____D () C:\Program Files (x86)\Karen's Power Tools
2014-03-16 22:26 - 2014-02-27 14:04 - 00000000 ____D () C:\Program Files (x86)\X-Rite
2014-03-16 22:26 - 2014-02-27 14:03 - 00000000 ____D () C:\Program Files (x86)\GretagMacbeth
2014-03-16 22:26 - 2014-02-27 14:00 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-03-16 22:26 - 2014-02-27 14:00 - 00000000 ____D () C:\Program Files (x86)\ReClock
2014-03-16 22:26 - 2014-02-27 13:58 - 00000000 ____D () C:\Program Files (x86)\SVP
2014-03-16 22:26 - 2014-02-27 13:58 - 00000000 ____D () C:\Program Files (x86)\MPC-HC
2014-03-16 22:26 - 2014-02-27 13:58 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-03-16 22:26 - 2014-02-27 13:54 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-03-16 22:26 - 2014-02-27 13:52 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-03-16 22:26 - 2014-02-27 13:51 - 00000000 ____D () C:\Program Files (x86)\HD Tune Pro
2014-03-16 22:26 - 2014-02-27 13:50 - 00000000 ____D () C:\Program Files (x86)\Traysoft
2014-03-16 22:26 - 2014-02-27 13:49 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-16 22:26 - 2014-02-27 08:07 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo
2014-03-16 22:26 - 2014-02-27 06:03 - 00000000 ____D () C:\Program Files (x86)\GPU-Z
2014-03-16 22:26 - 2014-02-27 06:02 - 00000000 ____D () C:\Program Files (x86)\Geeks3D
2014-03-16 22:26 - 2014-02-27 03:20 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-03-16 22:26 - 2014-02-26 19:52 - 00000000 ____D () C:\ProgramData\Google
2014-03-16 22:26 - 2014-02-26 19:48 - 00000000 ____D () C:\Program Files (x86)\Setup Files
2014-03-16 22:26 - 2014-02-26 19:46 - 00000000 _RSHD () C:\ProgramData\Key-Base
2014-03-16 22:26 - 2014-02-26 19:44 - 00000000 ____D () C:\ProgramData\Intel Application Pairing
2014-03-16 22:26 - 2014-02-26 19:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-03-16 22:26 - 2014-02-26 19:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-03-16 22:26 - 2009-07-14 05:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-16 22:25 - 2014-03-11 14:18 - 00000000 ____D () C:\Program Files (x86)\AVG PC TuneUp 10.0.0.27 PreCracked
2014-03-16 22:25 - 2014-03-05 08:59 - 00000000 ____D () C:\Program Files\Western Digital
2014-03-16 22:25 - 2014-03-05 08:59 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2014-03-16 22:25 - 2014-03-04 21:37 - 00000000 ____D () C:\Program Files\Logitech
2014-03-16 22:25 - 2014-03-04 13:07 - 00000000 ____D () C:\Program Files\Common Files\Diskeeper Corporation
2014-03-16 22:25 - 2014-03-04 09:50 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1
2014-03-16 22:25 - 2014-03-04 08:45 - 00000000 ____D () C:\Program Files (x86)\BinarySense
2014-03-16 22:25 - 2014-03-04 07:57 - 00000000 ____D () C:\Program Files\Defraggler
2014-03-16 22:25 - 2014-03-04 05:50 - 00000000 ____D () C:\Program Files\LinkShellExtension
2014-03-16 22:25 - 2014-03-02 17:04 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-03-16 22:25 - 2014-03-02 16:51 - 00000000 ____D () C:\Program Files\Common Files\PACE Anti-Piracy
2014-03-16 22:25 - 2014-03-02 16:44 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-16 22:25 - 2014-03-02 16:38 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-16 22:25 - 2014-03-02 16:05 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-03-16 22:25 - 2014-03-02 08:10 - 00000000 ____D () C:\Program Files\SyncToy 2.1
2014-03-16 22:25 - 2014-03-02 08:10 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-03-16 22:25 - 2014-03-01 16:32 - 00000000 ____D () C:\Program Files\Process Hacker 2
2014-03-16 22:25 - 2014-03-01 14:41 - 00000000 ____D () C:\Program Files\Unlocker
2014-03-16 22:25 - 2014-03-01 14:41 - 00000000 ____D () C:\Program Files (x86)\Attribute Changer
2014-03-16 22:25 - 2014-03-01 14:39 - 00000000 ____D () C:\Program Files\Eraser
2014-03-16 22:25 - 2014-03-01 10:55 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-03-16 22:25 - 2014-03-01 09:37 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-16 22:25 - 2014-03-01 09:31 - 00000000 ____D () C:\Program Files (x86)\Cam Wizard
2014-03-16 22:25 - 2014-03-01 08:38 - 00000000 ____D () C:\Program Files (x86)\CallStation
2014-03-16 22:25 - 2014-03-01 08:17 - 00000000 ____D () C:\Program Files\WDCSAM
2014-03-16 22:25 - 2014-03-01 08:17 - 00000000 ____D () C:\Program Files\DIFX
2014-03-16 22:25 - 2014-02-27 15:10 - 00000000 ____D () C:\Program Files\CyberGhost VPN
2014-03-16 22:25 - 2014-02-27 15:04 - 00000000 ____D () C:\Program Files\TrueCrypt
2014-03-16 22:25 - 2014-02-27 14:20 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-16 22:25 - 2014-02-27 14:20 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-16 22:25 - 2014-02-27 14:13 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-16 22:25 - 2014-02-27 14:11 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-03-16 22:25 - 2014-02-27 14:09 - 00000000 ____D () C:\Program Files\Cyberfox
2014-03-16 22:25 - 2014-02-27 13:59 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-03-16 22:25 - 2014-02-27 13:54 - 00000000 ____D () C:\Program Files\UltraMon
2014-03-16 22:25 - 2014-02-27 13:53 - 00000000 ____D () C:\Program Files\Sandboxie
2014-03-16 22:25 - 2014-02-27 13:52 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-16 22:25 - 2014-02-27 13:49 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-16 22:25 - 2014-02-27 13:49 - 00000000 ____D () C:\Program Files\Adobe
2014-03-16 22:25 - 2014-02-27 13:41 - 00000000 ____D () C:\Program Files\SpeedProject
2014-03-16 22:25 - 2014-02-27 13:41 - 00000000 ____D () C:\Program Files\Common Files\SpeedProject
2014-03-16 22:25 - 2014-02-27 08:07 - 00000000 ____D () C:\Program Files\CrystalDiskMark
2014-03-16 22:25 - 2014-02-27 03:27 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-16 22:25 - 2014-02-26 22:37 - 00000000 ____D () C:\Program Files\CPUID
2014-03-16 22:25 - 2014-02-26 19:52 - 00000000 ____D () C:\Program Files\Google
2014-03-16 22:25 - 2014-02-26 19:44 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-03-16 22:25 - 2014-02-26 19:44 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-03-16 22:25 - 2014-02-26 19:40 - 00000000 ____D () C:\Program Files\Speccy
2014-03-16 22:25 - 2009-07-14 03:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-16 22:23 - 2014-03-16 22:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-16 22:23 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-03-16 22:22 - 2014-03-16 22:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2014-03-16 22:21 - 2014-03-16 22:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-03-16 22:20 - 2011-04-12 08:28 - 00000000 ____D () C:\Windows\CSC
2014-03-16 21:50 - 2014-03-16 21:31 - 00001890 _____ () C:\Windows\diagwrn.xml
2014-03-16 21:50 - 2014-03-16 21:31 - 00001890 _____ () C:\Windows\diagerr.xml
2014-03-16 20:00 - 2014-03-16 20:00 - 00000763 _____ () C:\Users\Public\Desktop\Driver Fusion.lnk
2014-03-16 17:24 - 2014-03-16 17:24 - 00002280 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-16 17:11 - 2014-03-16 17:10 - 49940480 _____ () C:\Program Files (x86)\GUT8FF1.tmp
2014-03-16 15:33 - 2014-03-16 15:33 - 00002312 _____ () C:\Users\DeadMan\Desktop\Kaspersky Antivirus.lnk
2014-03-16 12:30 - 2014-03-16 10:57 - 00002248 ____H () C:\Users\DeadMan\Documents\Default.rdp
2014-03-15 15:33 - 2014-02-27 13:57 - 00000000 ____D () C:\madVR
2014-03-15 01:07 - 2014-03-15 01:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-03-15 01:02 - 2014-03-15 01:02 - 00000189 _____ () C:\mylog.log
2014-03-15 00:57 - 2014-02-27 13:52 - 00001102 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-03-15 00:54 - 2014-02-27 14:06 - 00000000 ____D () C:\IpWatchDog_1.2
2014-03-15 00:40 - 2014-03-15 00:40 - 00970336 _____ (Acronis) C:\Windows\system32\Drivers\timntr.sys
2014-03-15 00:40 - 2014-03-15 00:40 - 00285280 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-03-15 00:40 - 2014-03-02 16:05 - 00001538 _____ () C:\Users\Public\Desktop\Acronis Online Backup.lnk
2014-03-15 00:40 - 2014-03-02 16:05 - 00001164 _____ () C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
2014-03-15 00:40 - 2014-02-27 13:46 - 01263200 _____ (Acronis) C:\Windows\system32\Drivers\tdrpm273.sys
2014-03-15 00:27 - 2014-03-14 21:45 - 49940480 _____ () C:\Program Files (x86)\GUTA544.tmp
2014-03-14 21:36 - 2014-03-14 18:42 - 00001250 _____ () C:\Users\Public\Desktop\Samsung Magician.lnk
2014-03-14 10:50 - 2014-03-14 10:49 - 00000964 _____ () C:\Users\DeadMan\Desktop\DogeCoin.lnk
2014-03-14 02:42 - 2014-03-14 02:42 - 00001004 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-03-12 16:10 - 2014-03-12 16:10 - 10899112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 10176088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 10145128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 08764440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 07892000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 06716264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 01329352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 01106872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00117560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00116024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-03-12 16:10 - 2014-03-12 16:10 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-03-12 16:06 - 2014-03-12 16:06 - 00273632 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-03-12 16:04 - 2014-03-12 16:04 - 13929984 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-03-12 15:50 - 2014-03-12 15:50 - 00230912 _____ () C:\Windows\system32\clinfo.exe
2014-03-12 15:49 - 2014-03-12 15:49 - 28425216 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-03-12 15:49 - 2014-03-12 15:49 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe
2014-03-12 15:49 - 2014-03-12 15:49 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe
2014-03-12 15:49 - 2014-03-12 15:49 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe
2014-03-12 15:49 - 2014-03-12 15:49 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe
2014-03-12 15:49 - 2014-03-12 15:49 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-03-12 15:49 - 2014-03-12 15:49 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-03-12 15:49 - 2014-03-12 15:49 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-03-12 15:49 - 2014-03-12 15:49 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-03-12 15:47 - 2014-03-12 15:47 - 23903744 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-03-12 15:44 - 2014-03-12 15:44 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-12 15:44 - 2014-03-12 15:44 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-12 15:27 - 2014-03-12 15:27 - 27490304 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-03-12 15:24 - 2014-03-12 15:24 - 00577368 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-03-12 15:24 - 2014-03-12 15:24 - 00577368 _____ () C:\Windows\system32\atiapfxx.blb
2014-03-12 15:24 - 2014-03-12 15:24 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-03-12 15:24 - 2014-03-12 15:24 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-03-12 15:24 - 2014-03-12 15:24 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-03-12 15:24 - 2014-03-12 15:24 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-03-12 15:24 - 2014-03-12 15:24 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-03-12 15:23 - 2014-03-12 15:23 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-03-12 15:20 - 2014-03-12 15:20 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-03-12 15:20 - 2014-03-12 15:20 - 00126464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-03-12 15:20 - 2014-03-12 15:20 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-03-12 15:19 - 2014-03-12 15:19 - 05393408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-03-12 15:07 - 2014-03-12 15:07 - 23108608 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-03-12 15:06 - 2014-03-12 15:06 - 04319744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-03-12 15:03 - 2014-03-12 15:03 - 00586240 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-03-12 15:03 - 2014-03-12 15:03 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-03-12 15:03 - 2014-03-12 15:03 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-03-12 15:02 - 2014-03-12 15:02 - 00240128 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-03-12 15:00 - 2014-03-12 15:00 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-03-12 14:53 - 2014-03-12 14:53 - 00081920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-03-12 14:53 - 2014-03-12 14:53 - 00079360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-03-12 14:50 - 2014-03-12 14:50 - 00044544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-03-12 14:50 - 2014-03-12 14:50 - 00035840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-03-12 14:46 - 2014-03-12 14:46 - 03434288 _____ () C:\Windows\system32\atiumd6a.cap
2014-03-12 14:43 - 2014-03-12 14:43 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2014-03-12 14:43 - 2014-03-12 14:43 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2014-03-12 14:43 - 2014-03-12 14:43 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2014-03-12 14:43 - 2014-03-12 14:43 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2014-03-12 14:34 - 2014-03-12 14:34 - 00806912 _____ (AMD) C:\Windows\system32\coinst_13.350.dll
2014-03-12 14:33 - 2014-03-12 14:33 - 03468336 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-03-12 14:27 - 2014-03-12 14:27 - 01148416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-03-12 14:26 - 2014-03-12 14:26 - 00828416 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-03-12 14:26 - 2014-03-12 14:26 - 00146432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-03-12 14:26 - 2014-03-12 14:26 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-03-12 14:26 - 2014-03-12 14:26 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-03-12 14:26 - 2014-03-12 14:26 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-03-12 14:25 - 2014-03-12 14:25 - 00636928 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-03-12 14:25 - 2014-03-12 14:25 - 00133120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-03-12 14:24 - 2014-03-12 14:24 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-03-12 14:24 - 2014-03-12 14:24 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-03-12 14:24 - 2014-03-12 14:24 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-03-12 14:24 - 2014-03-12 14:24 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-03-12 14:20 - 2014-03-12 14:20 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-03-12 12:00 - 2014-03-12 12:00 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-03-12 11:55 - 2014-03-12 11:55 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
2014-03-12 11:46 - 2014-03-12 11:46 - 02404352 _____ () C:\Windows\system32\amdacpusl.pdb
2014-03-12 11:36 - 2014-03-12 11:36 - 00357376 _____ () C:\Windows\system32\amdacpusl.dll
2014-03-12 11:36 - 2014-03-12 11:36 - 00306176 _____ () C:\Windows\system32\amdacpusl.pdb.pub
2014-03-12 11:36 - 2014-03-12 11:36 - 00242688 _____ () C:\Windows\SysWOW64\amdacpusl.dll
2014-03-11 14:43 - 2014-03-11 14:43 - 00002233 _____ () C:\Users\Public\Desktop\Seagate Drive Settings.lnk
2014-03-11 14:40 - 2014-03-11 14:40 - 00000000 ____D () C:\Windows\System32\Tasks\Leader Technologies
2014-03-11 14:30 - 2014-02-27 14:13 - 00000847 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-11 14:19 - 2014-03-11 14:19 - 00001228 _____ () C:\Users\DeadMan\Desktop\AVG PC TuneUp 2012.lnk
2014-03-11 08:57 - 2014-03-11 08:57 - 00001238 _____ () C:\Users\Public\Desktop\EasyBCD 2.0.lnk
2014-03-11 08:21 - 2014-03-11 08:21 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\PingPlotter
2014-03-11 03:32 - 2014-03-10 19:29 - 00000000 ____D () C:\backupres
2014-03-10 19:24 - 2014-03-10 19:24 - 00000048 _____ () C:\boot.ini
2014-03-10 18:55 - 2014-03-02 16:16 - 02784624 _____ (Acronis) C:\Windows\system32\auto_reactivate.exe
2014-03-10 18:55 - 2014-03-02 16:16 - 00000000 _RSHD () C:\bootwiz
2014-03-10 18:51 - 2014-03-10 18:51 - 00000000 ____D () C:\HG612_Modem_Stats
2014-03-10 18:37 - 2014-03-10 18:37 - 00011224 _____ () C:\config.xml
2014-03-09 20:21 - 2014-03-11 08:21 - 00000044 ____H () C:\Program Files (x86)\5f5dbcaa.tmp
2014-03-05 17:29 - 2014-03-05 17:29 - 00107760 _____ () C:\Windows\system32\EvGr_Data{B183C2D3-BAC8-470A-ACAD-87B1C92168EF}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00025814 _____ () C:\Windows\system32\RW_AppData.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00003776 _____ () C:\Windows\system32\RW_FileType.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000444 _____ () C:\Windows\system32\RW_FileFlag.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000296 _____ () C:\Windows\system32\EvGr_Data{E956A423-A050-11E3-8245-10FEED02AF2E}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{ED1D803F-A117-11E3-9C6C-10FEED02AF2E}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{E956A423-A050-11E3-8245-10FEED02AF2E}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{C5C3D4C4-9F5C-11E3-A7FD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{C5C3D4C3-9F5C-11E3-A7FD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{B183C2D3-BAC8-470A-ACAD-87B1C92168EF}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{625EFE4C-A04F-11E3-8BBD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{625EFE4B-A04F-11E3-8BBD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000056 _____ () C:\Windows\system32\RW_{625EFE4A-A04F-11E3-8BBD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000016 _____ () C:\Windows\system32\EvGr_Data{ED1D803F-A117-11E3-9C6C-10FEED02AF2E}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000016 _____ () C:\Windows\system32\EvGr_Data{C5C3D4C4-9F5C-11E3-A7FD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000016 _____ () C:\Windows\system32\EvGr_Data{C5C3D4C3-9F5C-11E3-A7FD-806E6F6E6963}.dat
2014-03-05 17:29 - 2014-03-05 17:29 - 00000016 _____ () C:\Windows\system32\EvGr_Data{625EFE4C-A04F-11E3-8BBD-806E6F6E6963}.dat
2014-03-05 10:23 - 2014-03-05 10:23 - 00001487 _____ () C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2014-03-05 09:33 - 2014-03-05 09:33 - 00000000 _____ () C:\Windows\Bench32.INI
2014-03-04 22:29 - 2014-03-04 22:29 - 00000000 ___DL () C:\MSOCache
2014-03-04 19:31 - 2014-03-04 19:31 - 00001432 _____ () C:\Users\DeadMan\Desktop\Diskeeper.lnk
2014-03-04 14:35 - 2014-03-17 17:19 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 14:35 - 2014-03-17 17:19 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 14:35 - 2014-03-17 17:19 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 14:35 - 2014-03-16 22:49 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 14:35 - 2014-03-16 22:49 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 14:35 - 2014-03-16 22:49 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 14:35 - 2014-03-16 22:49 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 14:35 - 2014-03-16 22:49 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 14:35 - 2014-03-16 22:49 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 14:35 - 2014-03-16 22:49 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 14:35 - 2014-03-16 22:49 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 13:06 - 2014-03-16 22:50 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 13:06 - 2014-03-16 22:50 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 13:05 - 2014-03-17 17:20 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-04 13:05 - 2014-03-16 22:50 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 13:05 - 2014-03-16 22:50 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 13:05 - 2014-03-16 22:50 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 13:05 - 2014-03-16 22:50 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 11:32 - 2014-03-17 17:20 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-04 09:50 - 2014-03-04 09:50 - 00000888 _____ () C:\Users\Public\Desktop\MyDefrag.lnk
2014-03-04 09:31 - 2014-03-04 09:31 - 00002166 _____ () C:\Users\DeadMan\Desktop\SSD Life.lnk
2014-03-04 09:30 - 2014-03-04 09:30 - 00002084 _____ () C:\Users\Public\Desktop\SSDlife Pro.lnk
2014-03-04 09:27 - 2014-03-04 09:27 - 00001972 _____ () C:\Users\DeadMan\Desktop\Time Stopper.lnk
2014-03-04 07:58 - 2014-03-04 07:57 - 00001749 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-03-04 07:02 - 2014-02-27 14:15 - 00000534 _____ () C:\Users\DeadMan\Desktop\µTorrent.lnk
2014-03-04 05:50 - 2014-03-04 05:50 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension
2014-03-04 05:11 - 2014-03-04 05:11 - 00001064 _____ () C:\Users\DeadMan\Desktop\Dropbox.lnk
2014-03-03 17:59 - 2014-02-26 21:15 - 00020878 _____ () C:\Windows\system32\results.xml
2014-03-03 17:52 - 2014-03-03 17:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-03 09:54 - 2014-03-03 09:54 - 00001543 _____ () C:\Users\Public\Desktop\Adobe Application Manager.lnk
2014-03-02 17:19 - 2014-03-01 10:54 - 00001887 _____ () C:\Users\Public\Desktop\mkvmerge GUI.lnk
2014-03-02 17:08 - 2014-03-02 17:08 - 00000000 ____D () C:\Users\DeadMan\Documents\My Corel Shows
2014-03-02 17:04 - 2014-03-02 17:04 - 00001365 _____ () C:\Users\Public\Desktop\Corel PaintShop Photo Pro X3.lnk
2014-03-02 16:51 - 2014-03-02 16:51 - 00000021 _____ () C:\Windows\SurCode.INI
2014-03-02 16:38 - 2009-07-14 02:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-02 16:05 - 2014-03-02 16:05 - 00277088 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2014-03-02 16:05 - 2014-03-02 16:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-03-02 14:05 - 2014-03-16 23:11 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-01 16:32 - 2014-03-01 16:32 - 00001866 _____ () C:\Users\DeadMan\Desktop\Process Hacker 2.lnk
2014-03-01 14:44 - 2014-03-01 14:44 - 00249856 _____ (Microsoft Corporation) C:\Windows\Setup1.exe
2014-03-01 14:44 - 2014-03-01 14:44 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-03-01 14:44 - 2014-03-01 14:44 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Karen's Power Tools
2014-03-01 14:11 - 2014-02-26 19:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-01 14:11 - 2014-02-26 19:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-01 12:45 - 2014-03-01 12:45 - 00001649 _____ () C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2014-03-01 12:12 - 2014-02-27 13:58 - 00001112 _____ () C:\Users\DeadMan\Desktop\MPC-HC.lnk
2014-03-01 10:55 - 2014-03-01 10:55 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2014-03-01 10:32 - 2014-03-01 10:21 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-03-01 10:09 - 2014-03-01 10:09 - 00001005 _____ () C:\Users\Public\Desktop\3DMark.lnk
2014-03-01 09:37 - 2014-02-27 13:54 - 00000944 _____ () C:\Users\DeadMan\Desktop\XnView.lnk
2014-03-01 09:35 - 2014-03-01 09:35 - 00001134 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-01 09:31 - 2014-03-01 09:31 - 00002583 _____ () C:\Users\Public\Desktop\Cam Wizard.lnk
2014-03-01 09:23 - 2014-02-27 13:49 - 00002080 _____ () C:\Users\Public\Desktop\Lightroom 5.3 64-bit.lnk
2014-03-01 09:09 - 2014-02-27 15:00 - 00002111 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-03-01 08:36 - 2014-03-01 08:36 - 00000000 ___RD () C:\Sandbox
2014-03-01 06:05 - 2014-03-17 00:15 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 05:17 - 2014-03-17 00:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 05:16 - 2014-03-17 00:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 04:58 - 2014-03-17 00:15 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 04:52 - 2014-03-17 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 04:51 - 2014-03-17 00:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 04:42 - 2014-03-17 00:15 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 04:40 - 2014-03-17 00:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 04:37 - 2014-03-17 00:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 04:33 - 2014-03-17 00:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 04:33 - 2014-03-17 00:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 04:32 - 2014-03-17 00:15 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 04:30 - 2014-03-17 00:15 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 04:23 - 2014-03-17 00:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 04:17 - 2014-03-17 00:15 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 04:11 - 2014-03-17 00:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 04:02 - 2014-03-17 00:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 03:54 - 2014-03-17 00:15 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 03:52 - 2014-03-17 00:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 03:51 - 2014-03-17 00:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 03:47 - 2014-03-17 00:15 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 03:43 - 2014-03-17 00:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 03:43 - 2014-03-17 00:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 03:42 - 2014-03-17 00:15 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 03:40 - 2014-03-17 00:15 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 03:38 - 2014-03-17 00:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 03:37 - 2014-03-17 00:15 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 03:35 - 2014-03-17 00:15 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 03:18 - 2014-03-17 00:15 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 03:16 - 2014-03-17 00:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 03:14 - 2014-03-17 00:15 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 03:10 - 2014-03-17 00:15 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 03:03 - 2014-03-17 00:15 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 03:00 - 2014-03-17 00:15 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 02:57 - 2014-03-17 00:15 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 02:38 - 2014-03-17 00:15 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 02:32 - 2014-03-17 00:15 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 02:27 - 2014-03-17 00:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 02:25 - 2014-03-17 00:15 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 02:25 - 2014-03-17 00:15 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 13:32 - 2014-02-28 13:32 - 00014464 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys
2014-02-28 11:25 - 2014-02-27 15:05 - 00000000 ____D () C:\Program Files\EliteBytes
2014-02-28 05:58 - 2014-02-28 05:58 - 00001031 _____ () C:\Users\Public\Desktop\foobar2000.lnk
2014-02-27 15:10 - 2014-02-27 15:10 - 00000864 _____ () C:\Users\Public\Desktop\CyberGhost VPN.lnk
2014-02-27 15:04 - 2014-02-27 15:04 - 00230352 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2014-02-27 15:04 - 2014-02-27 15:04 - 00000875 _____ () C:\Users\Public\Desktop\TrueCrypt.lnk
2014-02-27 14:17 - 2014-02-27 14:17 - 00002453 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
2014-02-27 14:16 - 2014-02-27 14:16 - 00002050 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-02-27 14:13 - 2014-02-27 14:13 - 00000991 _____ () C:\Users\DeadMan\Desktop\SABnzbd.lnk
2014-02-27 14:13 - 2014-02-27 14:13 - 00000979 _____ () C:\Users\Public\Desktop\Mp3tag.lnk
2014-02-27 14:12 - 2014-02-27 14:12 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-02-27 14:11 - 2014-02-27 14:11 - 00000960 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-02-27 14:09 - 2014-02-27 14:09 - 00000812 _____ () C:\Users\Public\Desktop\Cyberfox.lnk
2014-02-27 14:07 - 2014-02-27 14:07 - 00000000 ____D () C:\ProgramData\Karen's Power Tools
2014-02-27 14:06 - 2014-02-27 14:06 - 00000000 ____D () C:\Users\DeadMan\AppData\Roaming\IpWatchDog
2014-02-27 14:00 - 2014-02-27 14:00 - 00001041 _____ () C:\Users\DeadMan\Desktop\VirtualDJ PRO Full.lnk
2014-02-27 14:00 - 2014-02-27 14:00 - 00000986 _____ () C:\Users\Public\Desktop\Configure ReClock.lnk
2014-02-27 13:59 - 2014-02-27 13:59 - 00001007 _____ () C:\Users\DeadMan\Desktop\Audacity.lnk
2014-02-27 13:53 - 2014-02-27 13:53 - 00000896 _____ () C:\Users\DeadMan\Desktop\Sandboxed Web Browser.lnk
2014-02-27 13:52 - 2014-02-27 13:52 - 00001007 _____ () C:\Users\Public\Desktop\PowerISO.lnk
2014-02-27 13:41 - 2014-02-27 13:41 - 00001151 _____ () C:\Users\Public\Desktop\SpeedCommander.lnk
2014-02-27 08:07 - 2014-02-27 08:07 - 00001801 _____ () C:\Users\DeadMan\Desktop\CrystalDiskMark.lnk
2014-02-27 08:07 - 2014-02-27 08:07 - 00001225 _____ () C:\Users\DeadMan\Desktop\CrystalDiskInfo Shizuku Edition.lnk
2014-02-27 08:07 - 2014-02-27 08:07 - 00001186 _____ () C:\Users\DeadMan\Desktop\CrystalDiskInfo.lnk
2014-02-27 07:17 - 2014-02-27 07:17 - 00001311 _____ () C:\Users\DeadMan\Desktop\FurMark.lnk
2014-02-26 21:14 - 2014-02-26 21:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2014-02-26 20:14 - 2014-02-27 03:19 - 00000000 ____D () C:\Intel
2014-02-26 19:44 - 2014-02-26 19:44 - 00002669 _____ () C:\Users\Public\Desktop\MSI™ Intel® Extreme Tuning Utility.lnk
2014-02-26 19:40 - 2014-02-26 19:40 - 00000796 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-02-25 18:31 - 2014-03-17 04:26 - 00252704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-02-25 18:27 - 2014-03-17 04:26 - 00126752 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-02-25 18:27 - 2014-02-25 18:27 - 00140576 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2014-02-25 18:24 - 2014-02-25 18:24 - 00204064 ____N (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll

ZeroAccess:
C:\Users\DeadMan\AppData\Local\Dropbox
C:\Users\DeadMan\AppData\Local\Dropbox\aggregation.dbx
C:\Users\DeadMan\AppData\Local\Dropbox\config.db
C:\Users\DeadMan\AppData\Local\Dropbox\config.dbx
C:\Users\DeadMan\AppData\Local\Dropbox\deleted.dbx
C:\Users\DeadMan\AppData\Local\Dropbox\filecache.dbx
C:\Users\DeadMan\AppData\Local\Dropbox\host.db
C:\Users\DeadMan\AppData\Local\Dropbox\host.dbx
C:\Users\DeadMan\AppData\Local\Dropbox\notifications.dbx
C:\Users\DeadMan\AppData\Local\Dropbox\PENDING_zlqybj
C:\Users\DeadMan\AppData\Local\Dropbox\photo.dbx
C:\Users\DeadMan\AppData\Local\Dropbox\sigstore.dbx
C:\Users\DeadMan\AppData\Local\Dropbox\TO_HASH_k72sef
C:\Users\DeadMan\AppData\Local\Dropbox\unlink.db
C:\Users\DeadMan\AppData\Local\Dropbox\UPDATED_tslmbm
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52faeb24
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52faf0a6
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52faf8a4
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fafac6
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fafae3
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fb0017
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fb0301
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fb086a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fb0d85
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fb9fa3
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fbe39b
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc04ca
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc04ed
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc0a8f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc1573
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc5882
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc5978
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc59c3
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc5b3e
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc5b76
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc5b8b
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc5d9f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc62cd
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6813
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6954
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6963
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6964
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6977
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6989
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6992
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6997
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc699c
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69a7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69ad
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69b4
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69b8
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69bd
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69c2
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69c7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69cf
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69d4
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69d8
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69dc
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69e1
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69e5
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69e9
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69ee
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69f2
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69f6
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc69fb
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a00
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a05
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a09
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a0d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a11
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a32
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a37
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a3c
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a40
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a45
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a49
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a4f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a53
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a58
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a5c
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a61
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a65
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a69
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a6c
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a75
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6a79
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fa2
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fa3
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6faa
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6faf
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fb5
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fba
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fbe
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fc5
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fcc
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fd2
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fd7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fdf
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fe8
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6fee
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6ff4
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc6ff9
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7a64
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7a7f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7a88
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7a91
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7aa4
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7c2e
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7c36
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d0a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d18
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d1d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d20
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d24
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d27
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d2a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d2f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d32
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d35
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d38
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d3d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d40
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d43
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d46
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d4b
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d4f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d54
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d58
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7d5c
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7de3
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7dfa
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e0a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e0e
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e12
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e16
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e1a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e1d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e23
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e27
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e2b
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e2f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e33
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e36
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e3a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e3e
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e42
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e47
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e4a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e4e
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc7e54
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc8736
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc87a7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc87ab
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc87b5
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc87dd
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc87ef
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc87f9
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc8855
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fc8884
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fcf005
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fd7229
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fd7f3d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fd8190
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fd8d42
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fd8d58
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fd9f52
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fda50a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fdaa43
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fdaf64
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fdaff7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fdb00d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fdb565
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fdb56d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fe3cca
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fe3f53
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fe4d87
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52feca47
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fed43d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fee745
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fefd06
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ff051a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ff1b6d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ff1d20
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ff1dd0
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ff1f89
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ff1fff
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ffaf0e
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ffbaa4
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ffdb07
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ffdd79
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ffe38d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ffe9ad
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52ffef47
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fff07d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\52fff0cf
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53000fe1
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53001531
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530016ae
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530016af
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530019f7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5300201b
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53002162
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53002167
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530026a7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53002ba0
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53002ca4
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53004695
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530058ae
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530058dd
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530100ac
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53010765
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5301786a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53017b1b
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530180d4
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53018696
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53018bad
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53018bb2
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53018bb6
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53018bbf
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530190d9
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530195a8
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530195ae
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530195d3
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530198f0
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5301b4fb
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53027bb0
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53027d2c
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530294ae
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530294e4
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5302a4fa
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5302c163
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5302c1a2
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5302c862
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5302e338
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5302e3bd
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5302e5fc
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5302ec25
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5302f1bd
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5302f1c4
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530354b0
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5303bbfb
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5303c05b
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5303f9f3
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5303fcc9
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53040559
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53040771
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530407f7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530413d8
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53041438
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53041699
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53041f99
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53041ff5
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5304202a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53042095
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530420d6
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530422ea
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5304404f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53044067
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530445fb
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5304460f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53044667
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53044b85
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5304568d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53045ebb
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53045f09
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5304dc5d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53052277
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5305676d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5305bd16
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5305dd10
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5305eef7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53060b47
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53062451
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530657a8
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306631a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530669b8
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53067b71
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53069473
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53069487
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53069a29
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53069a31
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53069a41
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306d155
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306d7e4
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306dae9
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306e0b7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306e773
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306e942
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306ef5e
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306ef68
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306ef71
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306ef7f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306f4de
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306f4e6
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306f4ed
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306f4fe
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306f50f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306f51d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306f524
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5306fa25
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53070036
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53070070
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53070a8b
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53070c30
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307267c
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307406f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307409d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307c49d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307c7e7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307e41d
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307e4ad
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307e597
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307e6c7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307f7d3
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307fd56
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307fde7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5307ffb6
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53080417
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53080961
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53081039
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530817a6
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53081dcb
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530827c3
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53082d17
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53085a46
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530879cf
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53087ecf
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53088341
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53091169
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53091f67
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5309249f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530929f8
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5309316c
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53093737
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53093cf8
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53094247
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530945db
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53096606
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53096652
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\53096743
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\5309698a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530a7726
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530a78a9
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530a7a54
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530ad39b
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530ad780
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530af8f5
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530aff60
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530b0364
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530b401f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530bde4e
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530bf11a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530c4c86
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530c5e76
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530c5f0a
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530c7d7c
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530c86b7
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530c9ba0
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530c9c4b
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530cc558
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530ccb89
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530ce3bc
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530d9d37
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530d9ec2
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530daf3e
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530db0e8
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530dcb90
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530dcbc1
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530de167
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530f094f
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530f097b
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\530f4b94
C:\Users\DeadMan\AppData\Local\Dropbox\shellext\l\new_trace
C:\Users\DeadMan\AppData\Local\Dropbox\l\52fabab6
C:\Users\DeadMan\AppData\Local\Dropbox\l\52fcf000
C:\Users\DeadMan\AppData\Local\Dropbox\l\530285e4
C:\Users\DeadMan\AppData\Local\Dropbox\l\5307c787
C:\Users\DeadMan\AppData\Local\Dropbox\l\530b33fc
C:\Users\DeadMan\AppData\Local\Dropbox\l\530dcbbc
C:\Users\DeadMan\AppData\Local\Dropbox\bin\Dropbox.exe
C:\Users\DeadMan\AppData\Local\Dropbox\bin\Dropbox.exe.log
C:\Users\DeadMan\AppData\Local\Dropbox\bin\DropboxExt.22.dll
C:\Users\DeadMan\AppData\Local\Dropbox\bin\DropboxExt64.22.dll
C:\Users\DeadMan\AppData\Local\Dropbox\bin\DropboxUninstaller.exe
C:\Users\DeadMan\AppData\Local\Dropbox\bin\DropboxUpdateHelper.exe
C:\Users\DeadMan\AppData\Local\Dropbox\bin\icudt.dll
C:\Users\DeadMan\AppData\Local\Dropbox\bin\itag
C:\Users\DeadMan\AppData\Local\Dropbox\bin\libcef.dll
C:\Users\DeadMan\AppData\Local\Dropbox\bin\wxmsw28uh_vc.dll
C:\Users\DeadMan\AppData\Local\Dropbox\bin\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
C:\Users\DeadMan\AppData\Local\Dropbox\bin\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\DeadMan\AppData\Local\Dropbox\bin\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\DeadMan\AppData\Local\Dropbox\bin\Microsoft.VC90.CRT\msvcr90.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-21 01:40

==================== End Of Log ============================

Addition.txt

Addition.txt

---

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by DeadMan at 2014-03-26 09:57:46
Running from C:\Users\DeadMan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Anti-Virus (Disabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{e1e3b41b-1078-4885-a74f-393ca384b1aa}) (Version: 1.2.250.0 - Futuremark)
3DMark (Version: 1.2.250.0 - Futuremark) Hidden
4K Video Downloader 3.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.2.0.1300 - Open Media LLC)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Acronis True Image Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40312 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{8F3C9854-8EB9-3D28-4AD7-E3ADD800C7E3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.4.0000 - Asmedia Technology)
Attribute Changer 7.10e (HKLM-x32\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 7.10e - Romain Petges)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AVG PC TuneUp 10.0.0.27 PreCracked (HKCU\...\AVG PC TuneUp 10.0.0.27 PreCracked) (Version:  - )
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
calibre (HKLM-x32\...\{60C18701-A823-4165-8E58-C083673F90DC}) (Version: 1.14.0 - Kovid Goyal)
CallStation 5.5 (HKLM-x32\...\CallStation_is1) (Version: 5.5.2 - Impulse Technology)
Cam Wizard (HKLM-x32\...\{964EE990-D3CA-43A6-AB4F-530FEBA09046}) (Version: 10.15 - Ledset Software)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0312.1130.18796 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0312.1131.18796 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{DEAEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.242 - Corel Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
CPUID CPU-Z 1.69 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 5.6.2 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CrystalDiskMark 3.0.2f Shizuku Edition (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World)
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 27.0.0.0 - 8pecxstudios)
CyberGhost VPN Patch 4.7.19 (HKLM\...\CyberGhost VPN_is1) (Version:  - CyberGhost S.R.L.)
Data Lifeguard Diagnostic for Windows 1.25 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Diskeeper 12 Home (HKLM\...\{2C0222FA-7DBD-4AED-862B-1672848539F4}) (Version: 16.0.1017.64 - Condusiv Technologies)
Dogecoin (HKCU\...\Dogecoin) (Version: 1.6.0.0 - Dogecoin)
Driver Fusion (HKLM-x32\...\Driver Fusion) (Version: 2.0 - Treexy)
Driver Sweeper 2.1.0 (HKLM-x32\...\{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1) (Version:  - Phyxion.net)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
Duplicate Cleaner Free 3.2.3 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.3 - DigitalVolcano Software Ltd)
EasyBCD 2.0 (HKLM-x32\...\EasyBCD) (Version: 2.0 - NeoSmart Technologies)
Eraser 5.8.8 (HKLM\...\{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1) (Version: Eraser 5.8.8 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Eye-One Match 3.6.2 (HKLM-x32\...\Eye-One Match_is1) (Version: 3.6.2 - GretagMacbeth)
Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.0.9 - MSI)
ffdshow v1.3.4527 [2013-12-03] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4527.0 - )
FileZilla Client 3.7.4.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
Flawless Widescreen version 1.0.12 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.12 - Flawless Widescreen)
foobar2000 v1.2.2 (HKLM-x32\...\foobar2000) (Version: 1.2.2 - Peter Pawlowski)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation)
Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)
Geeks3D FurMark 1.12.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GSmartControl (HKLM-x32\...\GSmartControl) (Version: 0.8.7 - Alexander Shaduri)
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HD Tune Pro 4.60 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
i1Diagnostics (HKLM-x32\...\i1Diagnostics_is1) (Version:  - X-Rite)
ICA (x32 Version: 1.6.1.242 - Corel Corporation) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
IPM_PSP_CL (x32 Version: 1.00.0000 - Your Company Name) Hidden
IPM_PSP_COM (x32 Version: 1.00.0000 - Your Company Name) Hidden
ITCH (HKLM-x32\...\{A86FE646-BE8F-46A7-AD10-68B69BB0029E}) (Version: 2.2.2.20 - Serato Audio Research)
Karen's Autorun.inf Editor (HKLM-x32\...\ST6UNST #1) (Version:  - )
Karen's Directory Printer (HKLM-x32\...\Karen's Directory Printer) (Version: 5.3.0.2 - Karen Kenworthy)
Kaspersky Anti-Virus 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Anti-Virus 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LatencyMon 6.00 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
LAV Filters 0.60.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.60.1 - Hendrik Leppkes)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.7.5.9 - Hermann Schinagl)
Live Update 5 (HKLM-x32\...\{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1) (Version: 5.0.114 - MSI)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Logitech SetPoint 6.61 (HKLM\...\SP6) (Version: 6.61.15 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Windows Performance Toolkit (HKLM\...\{24190661-2122-40D1-9F7C-8FDEA5AE4197}) (Version: 4.6.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.0) (HKLM\...\SDKSetup_7.0.7600.16385.40715) (Version: 7.0.7600.16385.40715 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.0) (Version: 7.0.40715 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Common Utilities (40715) (Version: 7.0.40715 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (40715) (Version: 7.0.40715 - Microsoft Corporation) Hidden
Microsoft Windows SDK Intellisense and Reference Assemblies (40715) (Version: 7.0.40715 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MKVToolNix 6.7.0 [20140102-565] (HKLM-x32\...\MKVToolNix) (Version: 6.7.0 - Moritz Bunkus)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 en-GB)) (Version: 24.4.0 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MPC-HC 1.7.3.64 (3527afd) Nightly (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3.64 - MPC-HC Team)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{2301bb34-385a-4a57-877f-c54347957fad}) (Version: 4.0.6.305 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.0.6.305 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.1 - Black Tree Gaming)
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Novation USB Audio Driver 2.5 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.5 - Novation DMS Ltd.)
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhoneTray Free (HKLM-x32\...\PhoneTray) (Version: 1.35 - Traysoft Inc.)
PingPlotter Standard 3.41.0s (HKLM-x32\...\{57CE9ADD-8C74-42EF-92CE-3A7736877FB4}) (Version: 3.41.0.4 - Nessoft, LLC)
Plex Media Server (HKLM-x32\...\{90CB06AF-364A-4906-AF91-51E540EE8792}) (Version: 0.9.728 - Plex, Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.39.1040 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
RAPID Mode (Version: 1.0.1.42 - Samsung Electronics Co., Ltd.) Hidden
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
ReClock (HKLM-x32\...\ReClock) (Version:  - SlySoft, Inc.)
Resplendent Registrar 3.00  (HKLM-x32\...\Resplendent Registrar 3.00 ) (Version:  - Resplendence Software Projects Sp.)
Revo Uninstaller Pro 2.1.1 (HKLM\...\Revo Uninstaller Pro_is1) (Version:  - )
Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.)
SABnzbd 0.7.16 (HKLM-x32\...\SABnzbd) (Version: 0.7.16 - The SABnzbd Team)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
Sandboxie 3.44 (64-bit) (HKLM\...\Sandboxie) (Version:  - )
Seagate Drive Settings Installer (HKLM-x32\...\InstallShield_{91DDF870-EE18-44D8-9D93-F4C122B80908}) (Version: 1.00.0000 - Seagate Technologies LLC)
Seagate Drive Settings Installer (x32 Version: 1.00.0000 - Seagate Technologies LLC) Hidden
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
Serato DJ  (HKLM-x32\...\{47eb0a29-4314-4e93-9e7c-4113692cb0a1}) (Version: 1.3.0.10 - )
Serato DJ  (x32 Version: 1.3.0.10 - Serato) Hidden
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Setup (x32 Version: 1.6.1.242 - Corel Corporation) Hidden
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmoothVideo Project version 3.1.5 (HKLM-x32\...\SmoothVideo Project_is1) (Version: 3.1.5 - SVP)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
SpeedCommander 13 (x64) (HKLM\...\SpeedCommander 13 (x64)) (Version: 13 - SpeedProject)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SSDlife Pro (HKLM-x32\...\{AF2EBA10-1F9C-4D56-8D02-5342BD9F44D5}) (Version: 2.5.67 - BinarySense Inc.)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.022 - MSI)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Time Stopper (HKLM-x32\...\Time Stopper4.0) (Version: 4.0 - DilSoft)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
TSEV Skyrim LE (HKLM-x32\...\TSEV Skyrim LE_is1) (Version: 2.0.0.0 - )
UltraEdit (HKLM-x32\...\InstallShield_{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}) (Version: 21.00.1033 - IDM Computer Solutions, Inc.)
UltraEdit (x32 Version: 21.00.1033 - IDM Computer Solutions, Inc.) Hidden
UltraMon (HKLM\...\{9069EE0A-7615-4D86-AD80-CA263E936DA6}) (Version: 3.2.2 - Realtime Soft Ltd)
Unlocker 1.9.0-x64 (HKLM\...\Unlocker) (Version: 1.9.0-x64 - Cedrick Collomb)
VirtualDJ PRO Full (HKLM-x32\...\{23F20D12-1D01-4806-8AA8-AC79055109DE}) (Version: 7.4 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Quick View (HKLM-x32\...\{63911503-7EA4-4685-B2FD-D391EF622FB9}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{34C6812E-E231-4B13-9DAC-21E06ECA864A}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1ec9e03a-452b-48fb-8e1b-27ee0477985f}) (Version: 2.3.0.20 - Western Digital Technologies, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (03/06/2009 1.0.0008.0) (HKLM\...\422991454CB076E9B856C21BBF99AF2B82317EDA) (Version: 03/06/2009 1.0.0008.0 - Western Digital Technologies)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows SDK Intellidocs (x32 Version: 9.0.30729 - Microsoft) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WOL Magic Packet Sender (HKLM-x32\...\{E268ADBD-A002-4684-AEDF-EA0F83F7E00B}) (Version: 1.5.0 - Zwalisoft)
XnView 2.12 (HKLM-x32\...\XnView_is1) (Version: 2.12 - Gougelet Pierre-e)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {018DAA95-ED96-4747-9125-E87CBC128336} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-01] (Adobe Systems Incorporated)
Task: {182040E3-84F4-4192-B9F1-DAFD0C33A02C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16] (Google Inc.)
Task: {2168CED7-EC42-425E-A0A2-24B5E3E8AAD5} - System32\Tasks\{C050B5AC-EB6A-49A8-AF23-C9CEC8D8098F} => c:\program files\cyberfox\cyberfox.exe [2014-02-04] (Mozilla Corporation)
Task: {3A52B30C-F02C-417E-A058-019E3E7C0A0F} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {54D6B7EF-AC60-46C2-92BC-4DC49562D2DA} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {595CA83C-3B20-4A54-A044-78A48576AAD7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {65005538-1473-41A6-B5D8-3AEDC4EE5DB4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {7080335B-51AE-47EB-9B07-B9EE083BFA3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16] (Google Inc.)
Task: {7EDD5878-6583-4F7C-93A1-7FA643CC04AD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {9C7A9DCD-050E-4316-8D8D-6D65855CBA1B} - System32\Tasks\HG612 Stats Program => I:\HG612_Modem_Stats\Scripts\HG612_Run.exe [2013-03-13] ()
Task: {B467D4FA-84AD-41AC-9B2B-F5AEAAEB7DB9} - System32\Tasks\AdobeAAMUpdater-1.0-ODDBALL-DeadMan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {D792878F-8C33-4553-BD8C-032822DD8427} - \SidebarExecute No Task File
Task: {E0679EF5-759F-4B3E-9335-9FE5F271ACC0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-12 11:37 - 2014-03-12 11:37 - 00082432 _____ () C:\AMD\amdacpusrsvc.exe
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2004-09-30 18:15 - 2004-09-30 18:15 - 00192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2010-04-29 23:40 - 2010-04-29 23:40 - 00013312 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-03-01 09:37 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2014-02-17 21:00 - 2014-02-17 21:00 - 00111616 _____ () C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll
2010-07-28 02:24 - 2010-07-28 02:24 - 00124560 _____ () c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll
2012-06-18 15:24 - 2012-06-18 15:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-03-26 09:39 - 2014-03-26 09:39 - 01950720 _____ () I:\Software\Shareware\adwcleaner.exe
2014-02-27 14:09 - 2014-02-04 13:16 - 04509864 _____ () C:\Program Files\Cyberfox\mozjs.dll
2010-01-02 14:42 - 2010-01-02 14:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:91E29860

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CGVPNCliSrvc => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: Diskeeper => 3
MSCONFIG\Services: FreeAgentGoFlex Service => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdate1cf413c86d8be1e => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gupdatem1cf413c872c0e48 => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: IpWatchDog => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: LucidSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MSIBIOSData_CC => 3
MSCONFIG\Services: MSIClock_CC => 3
MSCONFIG\Services: MSICOMM_CC => 3
MSCONFIG\Services: MSICPU_CC => 3
MSCONFIG\Services: MSICTL_CC => 2
MSCONFIG\Services: MSIDDR_CC => 3
MSCONFIG\Services: MSISaveLoad_CC => 3
MSCONFIG\Services: MSISMB_CC => 3
MSCONFIG\Services: MSISuperIO_CC => 3
MSCONFIG\Services: MSIWMI_CC => 3
MSCONFIG\Services: MSI_SuperCharger => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Qualcomm Atheros Killer Service V2 => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: vToolbarUpdater18.0.0 => 2
MSCONFIG\Services: XTU3SERVICE => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MaxVeloSSD.lnk => C:\Windows\pss\MaxVeloSSD.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ProfileReminder.lnk => C:\Windows\pss\ProfileReminder.lnk.CommonStartup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Corel Photo Downloader => "c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: Live Update 5 => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
MSCONFIG\startupreg: LiveUpdate 5 => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Super-Charger => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 16303.5 MB
Available physical RAM: 14006.17 MB
Total Pagefile: 32605.18 MB
Available Pagefile: 30199.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Samsung EVO Pro 256GB SSD) (Fixed) (Total:238.37 GB) (Free:196.62 GB) NTFS
Drive d: (Seagate 4TB) (Fixed) (Total:3725.9 GB) (Free:807.63 GB) NTFS
Drive e: (My Book 2TB) (Fixed) (Total:1862.98 GB) (Free:1224.64 GB) NTFS
Drive f: (Samsung_F3_1TB) (Fixed) (Total:931.51 GB) (Free:172.25 GB) NTFS
Drive g: (Seagate_500GB) (Fixed) (Total:465.76 GB) (Free:90.21 GB) NTFS
Drive h: (Samsung 2TB) (Fixed) (Total:1863.01 GB) (Free:416.18 GB) NTFS
Drive i: (Samsung F3 1TB) (Fixed) (Total:931.51 GB) (Free:560.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 75FF674D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 049B31FA)
Partition 1: (Not Active) - (Size=-198626966528) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 932 GB) (Disk ID: 0E768617)

Partition: GPT Partition Type.

========================================================
Disk: 3 (Size: 932 GB) (Disk ID: 1B96DA10)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 93AA3B15)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 05D8DE43)
Partition 1: (Not Active) - (Size=-198661111808) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 6.

==================== End Of Log ============================



#5 Deadman3000

Deadman3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 26 March 2014 - 05:46 AM

Wow! There really is a lot of stuff shown. I seem to have some cracked software (Not good I know. I think my brother installed it)). Uninstalled that for starters after looking at some of the logs.

 

EDIT: After a reboot AdwCleaner only reports the same Chrome line. Because I use a folder junction for Chrome user data on a different partition it may be why AdwCleaner could not remove it.


Edited by Deadman3000, 26 March 2014 - 06:18 AM.


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:14 AM

Posted 26 March 2014 - 08:42 AM

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this if fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
==============

Please let me know what problem persists.

#7 Deadman3000

Deadman3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 27 March 2014 - 06:06 PM

ComboFix 14-03-24.01 - DeadMan 27/03/2014  22:56:34.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.44.1033.18.16304.13596 [GMT 0:00]
Running from: c:\users\DeadMan\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskmgr.exe.lnk
c:\users\DeadMan\AppData\Roaming\poclbm
c:\users\DeadMan\AppData\Roaming\poclbm\poclbm_scrypt.ini
D:\Autorun.inf
E:\Autorun.inf
.
.
(((((((((((((((((((((((((   Files Created from 2014-02-27 to 2014-03-27  )))))))))))))))))))))))))))))))
.
.
2014-03-27 23:00 . 2014-03-27 23:00    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-03-26 12:27 . 2014-03-26 12:27    --------    d-----w-    c:\program files (x86)\VstPlugins
2014-03-26 12:27 . 2009-09-15 09:14    1554944    ----a-w-    c:\windows\SysWow64\vorbis.acm
2014-03-26 12:27 . 2014-03-26 12:27    --------    d-----w-    c:\program files (x86)\Outsim
2014-03-26 12:27 . 2014-03-26 12:27    --------    d-----w-    c:\program files (x86)\Image-Line
2014-03-26 09:57 . 2014-03-26 09:57    --------    d-----w-    C:\FRST
2014-03-26 09:53 . 2014-03-26 09:53    --------    d-----w-    c:\windows\ERUNT
2014-03-26 09:39 . 2014-03-26 10:50    --------    d-----w-    C:\AdwCleaner
2014-03-26 03:52 . 2014-03-26 03:52    --------    d-----w-    c:\program files (x86)\Duplicate Cleaner
2014-03-25 16:22 . 2013-04-30 10:52    21808    ----a-w-    c:\windows\system32\nvnusbaudio_coinst.dll
2014-03-24 23:16 . 2014-03-24 23:16    --------    d-----w-    c:\programdata\ClubSanDisk
2014-03-24 21:57 . 2014-03-24 21:57    --------    d-----w-    c:\program files (x86)\Common Files\Intel Corporation
2014-03-24 21:48 . 2014-03-24 21:48    --------    d-----w-    c:\windows\SysWow64\config\systemprofile\Intel
2014-03-24 13:14 . 2014-03-26 01:29    --------    d-----w-    c:\program files (x86)\SpeedFan
2014-03-23 19:33 . 2013-12-20 16:38    41984    ----a-w-    c:\windows\system32\drivers\USB3Ver.dll
2014-03-23 17:39 . 2013-12-20 16:38    20464    ----a-w-    c:\windows\system32\drivers\iusb3hcs.sys
2014-03-23 17:39 . 2013-12-20 16:38    790512    ----a-w-    c:\windows\system32\drivers\iusb3xhc.sys
2014-03-23 17:39 . 2013-12-20 16:38    369648    ----a-w-    c:\windows\system32\drivers\iusb3hub.sys
2014-03-23 15:55 . 2014-03-23 16:18    --------    d-----w-    c:\program files (x86)\Serato
2014-03-23 15:55 . 2014-03-23 15:55    --------    d-----w-    c:\windows\usb-audio.deNumarkV7
2014-03-23 15:55 . 2014-03-23 15:55    --------    d-----w-    c:\windows\usb-audio.deNumarkNS7
2014-03-23 15:55 . 2014-03-23 15:55    --------    d-----w-    c:\windows\usb-audio.deNumarkNS6
2014-03-23 15:55 . 2014-03-23 15:55    --------    d-----w-    c:\windows\Downloaded Installations
2014-03-22 19:08 . 2014-03-22 19:08    --------    d-----w-    c:\programdata\IDMComp
2014-03-22 19:08 . 2014-03-22 19:08    --------    d-----w-    c:\program files (x86)\IDM Computer Solutions
2014-03-22 19:03 . 2014-03-22 19:03    --------    d-----w-    c:\program files (x86)\Notepad++
2014-03-22 17:16 . 2014-03-22 17:16    --------    d-----w-    c:\program files (x86)\Lame For Audacity
2014-03-21 16:09 . 2014-03-21 16:09    --------    d-----w-    C:\SuperChargerProfile
2014-03-21 16:09 . 2014-03-21 16:09    --------    d-----w-    c:\program files (x86)\ASM106xSATA
2014-03-21 16:03 . 2014-03-21 16:03    --------    d-----w-    C:\msiFastBoot
2014-03-21 15:28 . 2013-05-02 17:11    64856    ----a-w-    c:\windows\system32\klfphc.dll
2014-03-21 15:28 . 2014-03-21 15:28    --------    d-----w-    c:\windows\ELAMBKUP
2014-03-21 15:28 . 2014-03-21 15:32    626272    ----a-w-    c:\windows\system32\drivers\klif.sys
2014-03-21 15:28 . 2013-05-02 17:11    90208    ----a-w-    c:\windows\system32\drivers\klflt.sys
2014-03-21 15:23 . 2014-03-27 21:14    --------    d-----w-    c:\programdata\Kaspersky Lab
2014-03-21 15:22 . 2014-03-21 15:22    --------    d-----w-    c:\program files (x86)\Kaspersky Lab
2014-03-21 15:19 . 2014-03-21 15:19    --------    d-----w-    c:\program files\7-Zip
2014-03-20 15:51 . 2014-03-20 15:51    --------    d-----w-    c:\program files\LatencyMon
2014-03-20 15:51 . 2013-10-21 12:26    25504    ----a-w-    c:\windows\system32\drivers\rspLLL64.sys
2014-03-20 00:07 . 2014-03-20 00:07    --------    d-----w-    C:\SymCache
2014-03-19 16:05 . 2014-03-19 16:05    --------    d-----w-    c:\windows\SysWow64\ShellExt
2014-03-19 16:05 . 2014-03-19 16:05    --------    d-----w-    c:\windows\system32\ShellExt
2014-03-19 15:38 . 2014-03-19 15:38    --------    d-----w-    c:\program files (x86)\Mozilla Thunderbird
2014-03-19 15:22 . 2014-03-19 16:10    921    ----a-w-    c:\windows\QSFVExit.bat
2014-03-19 14:48 . 2014-03-19 14:48    --------    d-----w-    c:\program files (x86)\FileZilla FTP Client
2014-03-19 13:12 . 2013-09-17 03:20    16344    ----a-w-    c:\windows\system32\drivers\IntelMEFWVer.dll
2014-03-19 12:29 . 2014-03-19 12:29    --------    d-----w-    c:\program files (x86)\Razer
2014-03-19 03:36 . 2014-03-25 16:22    --------    d-----w-    c:\program files\Novation
2014-03-19 01:14 . 2014-03-19 01:14    --------    d-----w-    c:\programdata\ATI
2014-03-19 01:14 . 2014-03-19 01:14    0    ----a-w-    c:\windows\ativpsrm.bin
2014-03-19 01:12 . 2014-03-19 01:12    --------    d-----w-    C:\AMD
2014-03-19 01:12 . 2014-03-19 01:12    --------    d-----w-    c:\program files (x86)\Common Files\ATI Technologies
2014-03-19 01:12 . 2014-03-19 01:12    --------    d-----w-    c:\program files (x86)\AMD AVT
2014-03-19 01:11 . 2014-03-19 01:12    --------    d-----w-    c:\program files\Common Files\ATI Technologies
2014-03-19 01:11 . 2014-03-19 01:11    --------    d-----w-    c:\program files (x86)\ATI Technologies
2014-03-19 01:11 . 2014-03-19 01:11    --------    d-----w-    c:\program files\ATI
2014-03-19 01:10 . 2014-03-19 01:12    --------    d-----w-    c:\program files\ATI Technologies
2014-03-17 20:59 . 2013-04-28 14:56    396800    ----a-w-    c:\program files (x86)\Common Files\Microsoft Shared\DAO\w\a\l\m\a\r\t\dll\ISSkinExW.dll
2014-03-17 20:25 . 2014-03-17 20:26    --------    d-----w-    c:\program files (x86)\Flawless Widescreen
2014-03-17 17:20 . 2014-03-04 11:32    599840    ----a-w-    c:\windows\SysWow64\nvStreaming.exe
2014-03-17 17:20 . 2014-03-04 13:05    2558808    ----a-w-    c:\windows\system32\nvsvcr.dll
2014-03-17 17:02 . 2014-03-17 17:02    --------    d-----w-    c:\program files (x86)\Windows Installer Clean Up
2014-03-17 17:01 . 2014-03-17 17:01    --------    d-----w-    c:\program files (x86)\MSECACHE
2014-03-17 12:45 . 2014-03-17 12:53    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-03-17 12:45 . 2014-03-17 12:45    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-03-17 04:26 . 2014-02-25 18:31    252704    ----a-w-    c:\windows\system32\drivers\VBoxDrv.sys
2014-03-17 04:26 . 2014-02-25 18:27    126752    ----a-w-    c:\windows\system32\drivers\VBoxUSBMon.sys
2014-03-17 02:07 . 2013-12-20 16:38    1721576    ----a-w-    c:\windows\system32\WdfCoInstaller01009.dll
2014-03-17 01:40 . 2014-03-18 14:10    --------    d-----w-    c:\windows\system32\appmgmt
2014-03-17 00:51 . 2013-04-09 23:34    1247744    ----a-w-    c:\windows\SysWow64\DWrite.dll
2014-03-17 00:51 . 2013-04-02 22:51    1643520    ----a-w-    c:\windows\system32\DWrite.dll
2014-03-17 00:28 . 2014-03-17 00:28    --------    d-----w-    c:\program files (x86)\MSXML 4.0
2014-03-17 00:18 . 2014-03-17 00:18    --------    d-----w-    c:\windows\system32\RAPID
2014-03-17 00:16 . 2013-12-21 09:53    548864    ----a-w-    c:\windows\system32\vbscript.dll
2014-03-17 00:16 . 2013-12-21 08:56    454656    ----a-w-    c:\windows\SysWow64\vbscript.dll
2014-03-17 00:05 . 2013-05-10 04:30    167424    ----a-w-    c:\program files\Windows Media Player\wmplayer.exe
2014-03-17 00:05 . 2013-05-10 03:48    164864    ----a-w-    c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-03-17 00:05 . 2013-05-10 05:56    12625920    ----a-w-    c:\windows\system32\wmploc.DLL
2014-03-17 00:05 . 2013-05-10 04:56    12625408    ----a-w-    c:\windows\SysWow64\wmploc.DLL
2014-03-17 00:05 . 2013-05-10 05:56    14631424    ----a-w-    c:\windows\system32\wmp.dll
2014-03-16 23:41 . 2014-03-16 23:41    194048    ----a-w-    c:\windows\SysWow64\elshyph.dll
2014-03-16 23:40 . 2014-03-16 23:40    83968    ----a-w-    c:\windows\system32\MshtmlDac.dll
2014-03-16 23:40 . 2014-03-16 23:40    48128    ----a-w-    c:\windows\system32\imgutil.dll
2014-03-16 23:40 . 2014-03-16 23:40    135680    ----a-w-    c:\windows\system32\iepeers.dll
2014-03-16 23:20 . 2012-08-23 14:12    29696    ----a-w-    c:\windows\system32\drivers\terminpt.sys
2014-03-16 23:20 . 2012-08-23 14:10    19456    ----a-w-    c:\windows\system32\drivers\rdpvideominiport.sys
2014-03-16 23:20 . 2012-08-23 14:08    30208    ----a-w-    c:\windows\system32\drivers\TsUsbGD.sys
2014-03-16 23:20 . 2012-08-23 13:24    15360    ----a-w-    c:\windows\system32\RdpGroupPolicyExtension.dll
2014-03-16 23:20 . 2012-08-23 11:12    192000    ----a-w-    c:\windows\SysWow64\rdpendp_winip.dll
2014-03-16 23:20 . 2012-08-23 14:13    243200    ----a-w-    c:\windows\system32\rdpudd.dll
2014-03-16 23:20 . 2012-08-23 10:51    228864    ----a-w-    c:\windows\system32\rdpendp_winip.dll
2014-03-16 23:20 . 2012-08-23 09:51    3174912    ----a-w-    c:\windows\system32\rdpcorets.dll
2014-03-16 23:16 . 2010-02-23 08:16    294912    ----a-w-    c:\windows\system32\browserchoice.exe
2014-03-16 23:10 . 2012-07-26 03:08    229888    ----a-w-    c:\windows\system32\WUDFHost.exe
2014-03-16 23:10 . 2012-07-26 03:08    84992    ----a-w-    c:\windows\system32\WUDFSvc.dll
2014-03-16 23:10 . 2012-07-26 03:08    744448    ----a-w-    c:\windows\system32\WUDFx.dll
2014-03-16 23:10 . 2012-07-26 03:08    45056    ----a-w-    c:\windows\system32\WUDFCoinstaller.dll
2014-03-16 23:10 . 2012-07-26 03:08    194048    ----a-w-    c:\windows\system32\WUDFPlatform.dll
2014-03-16 23:10 . 2012-07-26 02:26    87040    ----a-w-    c:\windows\system32\drivers\WUDFPf.sys
2014-03-16 23:10 . 2012-07-26 02:26    198656    ----a-w-    c:\windows\system32\drivers\WUDFRd.sys
2014-03-16 23:06 . 2013-12-04 02:16    658432    ----a-w-    c:\windows\system32\RMActivate_isv.exe
2014-03-16 23:05 . 2013-11-12 02:23    2048    ----a-w-    c:\windows\system32\tzres.dll
2014-03-16 23:03 . 2013-04-10 05:48    1732608    ----a-w-    c:\program files\Windows Journal\NBDoc.DLL
2014-03-16 23:03 . 2013-04-10 05:46    1402880    ----a-w-    c:\program files\Windows Journal\JNWDRV.dll
2014-03-16 23:03 . 2013-04-10 05:46    1393152    ----a-w-    c:\program files\Windows Journal\JNTFiltr.dll
2014-03-16 23:03 . 2013-04-10 05:46    1367040    ----a-w-    c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-03-16 23:03 . 2013-04-10 05:03    936448    ----a-w-    c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-03-16 23:01 . 2011-10-15 06:31    723456    ----a-w-    c:\windows\system32\EncDec.dll
2014-03-16 22:53 . 2014-03-16 22:53    --------    d-----w-    c:\programdata\Qualcomm
2014-03-16 22:53 . 2014-03-16 22:53    --------    d-----w-    c:\program files\Qualcomm Atheros
2014-03-16 22:50 . 2014-02-05 09:31    1048152    ----a-w-    c:\windows\SysWow64\nvspcap.dll
2014-03-16 22:50 . 2014-02-05 09:30    1179576    ----a-w-    c:\windows\system32\nvspcap64.dll
2014-03-16 22:50 . 2014-03-16 22:50    --------    d-----w-    c:\program files (x86)\AGEIA Technologies
2014-03-16 22:50 . 2014-03-17 17:20    --------    d-----w-    c:\programdata\NVIDIA
2014-03-16 22:50 . 2014-03-04 13:06    6714312    ----a-w-    c:\windows\system32\nvcpl.dll
2014-03-16 22:50 . 2014-03-04 13:06    3497816    ----a-w-    c:\windows\system32\nvsvc64.dll
2014-03-16 22:50 . 2014-03-04 13:05    922968    ----a-w-    c:\windows\system32\nvvsvc.exe
2014-03-16 22:50 . 2014-03-04 13:05    64968    ----a-w-    c:\windows\system32\nvshext.dll
2014-03-16 22:50 . 2014-03-04 13:05    386336    ----a-w-    c:\windows\system32\nvmctray.dll
2014-03-16 22:50 . 2014-03-04 13:05    3649185    ----a-w-    c:\windows\system32\nvcoproc.bin
2014-03-16 22:44 . 2014-03-16 22:44    --------    d-----w-    c:\windows\system32\config\systemprofile\lucidlogix
2014-03-16 22:36 . 2012-06-02 22:19    57880    ----a-w-    c:\windows\system32\wuauclt.exe
2014-03-16 22:36 . 2012-06-02 22:19    44056    ----a-w-    c:\windows\system32\wups2.dll
2014-03-16 22:36 . 2012-06-02 22:19    2428952    ----a-w-    c:\windows\system32\wuaueng.dll
2014-03-16 22:36 . 2012-06-02 22:15    2622464    ----a-w-    c:\windows\system32\wucltux.dll
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-21 15:32 . 2013-05-02 17:11    54368    ----a-w-    c:\windows\system32\drivers\kltdi.sys
2014-03-21 15:32 . 2013-05-02 17:11    29280    ----a-w-    c:\windows\system32\drivers\klmouflt.sys
2014-03-21 15:32 . 2013-05-02 17:11    29280    ----a-w-    c:\windows\system32\drivers\klkbdflt.sys
2014-03-21 15:32 . 2012-08-02 15:09    29792    ----a-w-    c:\windows\system32\drivers\klim6.sys
2014-03-21 15:32 . 2012-06-19 17:28    458336    ----a-w-    c:\windows\system32\drivers\kl1.sys
2014-02-25 18:27 . 2014-02-25 18:27    140576    ----a-w-    c:\windows\system32\drivers\VBoxNetAdp.sys
2014-02-25 18:24 . 2014-02-25 18:24    204064    ------w-    c:\windows\system32\VBoxNetFltNobj.dll
2014-02-14 17:01 . 2014-02-14 17:01    906224    ----a-w-    c:\windows\system32\igfxstarter.exe
2014-02-14 17:01 . 2014-02-14 17:01    530928    ----a-w-    c:\windows\system32\DPTopologyApp.exe
2014-02-14 17:01 . 2014-02-14 17:01    153072    ----a-w-    c:\windows\system32\difx64.exe
2014-02-14 17:01 . 2014-02-14 17:01    397296    ----a-w-    c:\windows\system32\CustomModeApp.exe
2014-01-22 14:57 . 2014-01-22 14:57    450520    ----a-w-    c:\windows\system32\drivers\IntcDAud.sys
2014-01-22 14:57 . 2014-01-22 14:57    182784    ----a-w-    c:\windows\system32\igfxCoIn_v3412.dll
2014-01-22 14:51 . 2014-01-22 14:51    7947776    ----a-w-    c:\windows\system32\ig75icd64.dll
2014-01-22 14:51 . 2014-01-22 14:51    373760    ----a-w-    c:\windows\system32\igdmd64.dll
2014-01-22 14:51 . 2014-01-22 14:51    21088256    ----a-w-    c:\windows\system32\igd10iumd64.dll
2014-01-22 14:51 . 2014-01-22 14:51    160256    ----a-w-    c:\windows\system32\igdail64.dll
2014-01-22 14:51 . 2014-01-22 14:51    733184    ----a-w-    c:\windows\system32\MetroIntelGenericUIFramework.dll
2014-01-22 14:51 . 2014-01-22 14:51    2384896    ----a-w-    c:\windows\system32\GfxRes.dll
2014-01-22 14:48 . 2014-01-22 14:48    3224064    ----a-w-    c:\windows\system32\igdrcl64.dll
2014-01-22 14:48 . 2014-01-22 14:48    329216    ----a-w-    c:\windows\system32\igdbcl64.dll
2014-01-22 14:48 . 2014-01-22 14:48    320512    ----a-w-    c:\windows\system32\IntelOpenCL64.dll
2014-01-22 14:48 . 2014-01-22 14:48    25971712    ----a-w-    c:\windows\system32\igdfcl64.dll
2014-01-22 14:48 . 2014-01-22 14:48    6289408    ----a-w-    c:\windows\SysWow64\ig75icd32.dll
2014-01-22 14:48 . 2014-01-22 14:48    299520    ----a-w-    c:\windows\SysWow64\igdmd32.dll
2014-01-22 14:48 . 2014-01-22 14:48    20433408    ----a-w-    c:\windows\SysWow64\igd10iumd32.dll
2014-01-22 14:48 . 2014-01-22 14:48    142848    ----a-w-    c:\windows\SysWow64\igdail32.dll
2014-01-22 14:44 . 2014-01-22 14:44    290816    ----a-w-    c:\windows\SysWow64\igdbcl32.dll
2014-01-22 14:44 . 2014-01-22 14:44    2896384    ----a-w-    c:\windows\SysWow64\igdrcl32.dll
2014-01-22 14:44 . 2014-01-22 14:44    265216    ----a-w-    c:\windows\SysWow64\IntelOpenCL32.dll
2014-01-22 14:44 . 2014-01-22 14:44    20954112    ----a-w-    c:\windows\SysWow64\igdfcl32.dll
2014-01-22 14:35 . 2014-01-22 14:35    64000    ----a-w-    c:\windows\system32\Intel_OpenCL_ICD64.dll
2014-01-22 14:35 . 2014-01-22 14:35    60416    ----a-w-    c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
2014-01-22 14:35 . 2014-01-22 14:35    2065920    ----a-w-    c:\windows\system32\igfxcmjit64.dll
2014-01-22 14:35 . 2014-01-22 14:35    1815040    ----a-w-    c:\windows\SysWow64\igfxcmjit32.dll
2014-01-22 14:35 . 2014-01-22 14:35    155136    ----a-w-    c:\windows\system32\igfx11cmrt64.dll
2014-01-22 14:35 . 2014-01-22 14:35    133120    ----a-w-    c:\windows\SysWow64\igfx11cmrt32.dll
2014-01-22 14:35 . 2014-01-22 14:35    4474368    ----a-w-    c:\windows\system32\igdusc64.dll
2014-01-22 14:34 . 2014-01-22 14:34    3558912    ----a-w-    c:\windows\SysWow64\igdusc32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    ----a-w-    c:\users\DeadMan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    ----a-w-    c:\users\DeadMan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    ----a-w-    c:\users\DeadMan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    ----a-w-    c:\users\DeadMan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\HardLinkMenu]
@="{0A479751-02BC-11d3-A855-0004AC2568AA}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568AA}]
2013-12-29 13:08    538824    ----a-w-    c:\program files\LinkShellExtension\32\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlayHardLink]
@="{0A479751-02BC-11d3-A855-0004AC2568DD}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568DD}]
2013-12-29 13:08    538824    ----a-w-    c:\program files\LinkShellExtension\32\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlaySymbolicLink]
@="{0A479751-02BC-11d3-A855-0004AC2568EE}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568EE}]
2013-12-29 13:08    538824    ----a-w-    c:\program files\LinkShellExtension\32\HardlinkShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SVPMgr"="c:\program files (x86)\SVP\SVPMgr.exe" [2013-07-15 942080]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2010-02-03 570600]
"Eraser"="c:\program files\Eraser\Eraser.exe" [2009-12-16 463248]
"CallStation"="c:\program files (x86)\CallStation\CStation.exe" [2012-05-23 1781760]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2014-02-28 5545328]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-09-22 5551288]
"Sound Blaster Cinema"="c:\program files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" [2013-08-16 711680]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2011-09-22 2537096]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-13 204136]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2014-03-21 356128]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-12-20 292848]
.
c:\users\DeadMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\DeadMan\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 33508336]
Samsung Magician.lnk - c:\program files (x86)\Samsung\Samsung Magician\Samsung Magician.exe  /AUTOHIDE [2014-3-14 4580256]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logo Calibration Loader.lnk - c:\program files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe [2014-2-27 708608]
UltraMon.lnk - c:\windows\Installer\{9069EE0A-7615-4D86-AD80-CA263E936DA6}\IcoUltraMon.ico /auto [2014-2-27 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"DisableThumbnailCache"= 1 (0x1)
"NoThumbnailCache"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisableThumbnailCache"= 1 (0x1)
"NoThumbnailCache"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
R3 DKRtWrt;DKRtWrt;c:\windows\system32\DRIVERS\DKRtWrt.sys;c:\windows\SYSNATIVE\DRIVERS\DKRtWrt.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 rspLLL;rspLLL;c:\windows\system32\DRIVERS\rspLLL64.sys;c:\windows\SYSNATIVE\DRIVERS\rspLLL64.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe;c:\program files\CyberGhost VPN\CGVPNCliService.exe [x]
R4 FreeAgentGoFlex Service;Seagate Drive Settings Service;c:\program files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe;c:\program files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [x]
R4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;i:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;i:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R4 gupdate1cf413c86d8be1e;Google Update Service (gupdate1cf413c86d8be1e);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R4 gupdatem1cf413c872c0e48;Google Update Service (gupdatem1cf413c872c0e48);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R4 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R4 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R4 IpWatchDog;IP Watchdog;c:\ipwatchdog_1.2\IpWatchDog.exe;c:\ipwatchdog_1.2\IpWatchDog.exe [x]
R4 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R4 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R4 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
R4 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R4 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R4 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R4 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x]
R4 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
R4 XTU3SERVICE;Intel® Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
S0 asstor64;asstor64;c:\windows\system32\drivers\asstor64.sys;c:\windows\SYSNATIVE\drivers\asstor64.sys [x]
S0 DKDFM;Device Filter Manager Driver;c:\windows\system32\drivers\DKDFM.sys;c:\windows\SYSNATIVE\drivers\DKDFM.sys [x]
S0 DKTLFSMF;Telemetry File System Mini Filter Driver;c:\windows\system32\drivers\DKTLFSMF.sys;c:\windows\SYSNATIVE\drivers\DKTLFSMF.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver;c:\windows\system32\DRIVERS\SamsungRapidDiskFltr.sys;c:\windows\SYSNATIVE\DRIVERS\SamsungRapidDiskFltr.sys [x]
S0 SamsungRapidFSFltr;SamsungRapidFSFltr;c:\windows\system32\DRIVERS\SamsungRapidFSFltr.sys;c:\windows\SYSNATIVE\DRIVERS\SamsungRapidFSFltr.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 amdacpksd;ACP Kernel Service Driver;c:\windows\system32\drivers\amdacpksd.sys;c:\windows\SYSNATIVE\drivers\amdacpksd.sys [x]
S2 amdacpusrsvc;ACP User Service;c:\amd\amdacpusrsvc.exe;c:\amd\amdacpusrsvc.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 SamsungRapidSvc;Samsung RAPID Mode Service;c:\windows\system32\RAPID\SamsungRapidSvc.exe;c:\windows\SYSNATIVE\RAPID\SamsungRapidSvc.exe [x]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 ISCT;Intel® Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 NvnUsbAudio;Novation USB Audio Driver;c:\windows\system32\DRIVERS\nvnusbaudio.sys;c:\windows\SYSNATIVE\DRIVERS\nvnusbaudio.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 tpg64win7;Gigabit PCI Express Network Adapter Driver;c:\windows\system32\DRIVERS\tpg64win7.sys;c:\windows\SYSNATIVE\DRIVERS\tpg64win7.sys [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NTIOLIB_FASTBOOT
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-26 20:36]
.
2014-03-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16 17:24]
.
2014-03-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16 17:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\DeadMan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\DeadMan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\DeadMan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\DeadMan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\HardLinkMenu]
@="{0A479751-02BC-11d3-A855-0004AC2568AA}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568AA}]
2013-12-29 13:08    692936    ----a-w-    c:\program files\LinkShellExtension\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlayHardLink]
@="{0A479751-02BC-11d3-A855-0004AC2568DD}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568DD}]
2013-12-29 13:08    692936    ----a-w-    c:\program files\LinkShellExtension\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlaySymbolicLink]
@="{0A479751-02BC-11d3-A855-0004AC2568EE}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568EE}]
2013-12-29 13:08    692936    ----a-w-    c:\program files\LinkShellExtension\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SamsungRapidApp"="c:\program files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe" [2013-07-29 109280]
"MBCfg64"="c:\windows\system32\MBCfg64.dll" [2013-08-29 40576]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-11-14 8292120]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-07-31 3091224]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-12-06 7506136]
"IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-07 36352]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-uTorrent - c:\users\DeadMan\AppData\Roaming\uTorrent\uTorrent.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-03-27  23:00:58
ComboFix-quarantined-files.txt  2014-03-27 23:00
.
Pre-Run: 210,998,792,192 bytes free
Post-Run: 210,824,630,272 bytes free
.
- - End Of File - - C941997027F38F6DA5D69BE9E8277335
A36C5E4F47E84449FF07ED3517B43A31
 



#8 Deadman3000

Deadman3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 27 March 2014 - 06:17 PM

Additional info. I note in event viewer it says this.

 

2 instances before and after the other event.

 

Event 7030 The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

 

Sandwiched between is this.

 

Event 1060 \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

 

I don't know if that means Combofix was allowed to operate correctly or not.

 

I also get random DWM.exe related to ntdll.dll errors but that may be unrelated and some driver/hardware issue with my new Radeon card.

 

Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x0000000000031852
Faulting process id: 0x774
Faulting application start time: 0x01cf4a03b20d5b0e
Faulting application path: C:\Windows\system32\Dwm.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 6950c1eb-b5ff-11e3-b88f-ab9645f27df7


Edited by Deadman3000, 27 March 2014 - 06:41 PM.


#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:14 AM

Posted 28 March 2014 - 07:23 AM

The file DWM.exe is not listed in any of your logs.
It could be malware. Lets see what we can find.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2


If your operating system is 64 bit download this tool:
SystemLook_x64.exe
  • Double-click SystemLook.exe
  • to run it.
  • Copy and paste the content
  • of the following bold text into the main textfield:
    :filefind
    DWM.exe

    :regfind
    DWM.exe

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop entitled SystemLook.txt.
    ===

    While I check your log see if you have the wrong version of some files for your new Radeon card.

    Secunia Personal Software Inspector (PSI)
    http://secunia.com/vulnerability_scanning/personal/
    Secunia PSI is a security scanner which identifies programs/drivers that are damaged and need updates.
    If interested in security I would download the tool and run it.
    <<<>>>


#10 Deadman3000

Deadman3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 28 March 2014 - 08:13 AM

SystemLook 30.07.11 by jpshortstuff
Log created at 13:10 on 28/03/2014 by DeadMan
Administrator - Elevation successful

========== filefind ==========

Searching for "DWM.exe"
C:\Windows\System32\dwm.exe    --a---- 120320 bytes    [23:37 13/07/2009]    [01:39 14/07/2009] F162D5F5E845B9DC352DD1BAD8CEF1BC
C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_ebc99983d3d18578\dwm.exe    --a---- 120320 bytes    [23:37 13/07/2009]    [01:39 14/07/2009] F162D5F5E845B9DC352DD1BAD8CEF1BC

========== regfind ==========

Searching for "DWM.exe"
[HKEY_CURRENT_USER\Software\ATI\ACE\Settings\Runtime\Graphics\Radeon3D]
"NoCFModeApps"="::RelicCOH.exe::UDX|::Borderlands.exe::UDX|::Crysis.exe::UDX|::Magicka.exe::UDX|::RRU.exe::UDX|::SupremeCommander2.exe::UDX|::WinDVD.exe::UDX|::Avatar.exe::UDX|::Nexuiz.exe::UDX|::metroLL.exe::UDX|::test01.exe::UDX|::test02.exe::UDX|::test03.exe::UDX|::test04.exe::UDX|::test05.exe::UDX|::test06.exe::UDX|::test07.exe::UDX|::test08.exe::UDX|::test09.exe::UDX|::test10.exe::UDX|::test11.exe::UDX|::test12.exe::UDX|::F.E.A.R. 3.exe::UDX|::AVP.exe::UDX|::mlb2k10.exe::UDX|::RedOrchestra.exe::UDX|::ShippingPC-BmGame.exe::UDX|::deadspace2.exe::UDX|::Diablo III*.exe::UDX|::ScourgeGame.exe::UDX|::DOW2.exe::UDX|::SWTFU.exe::UDX|::UDK.exe::UDX|::prototype2*.exe::UDX|::SWTFU2.exe::UDX|::Wanted.exe::UDX|::Dead Space.exe::UDX|::moh.exe::UDX|::EFLC.exe::UDX|::DogFighterSteam.exe::UDX|::daorigins.exe::UDX|::darkfall.exe::UDX|::nostradamus.exe::UDX|*\\lionheart - king's crusade::Launcher.exe::UDX|::ffxivgame.exe::UDX|::TmForever.exe::UDX|::B
[HKEY_CURRENT_USER\Software\Microsoft\Speech\Preferences\AppCompatDisableDictation]
"dwm.exe"=""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting\Debug]
"StoreLocation"="C:\Users\DeadMan\AppData\Local\Microsoft\Windows\WER\ReportQueue\AppCrash_Dwm.exe_8e7294e5a9a76ac110f9d123143485ad9567f9fb_cab_0bffa460"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\F0\52C64B7E]
"@%SystemRoot%\system32\dwm.exe,-2001"="Provides Desktop Window Manager startup and maintenance services"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\ReflectionApplications\dwm.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Resolvers]
"SystemBinariesList"="win32k.sys:winlogon.exe:EXPLORER.EXE:CSRSS.Exe:dwm.exe:logon.scr:logonui.exe:lsass.exe:lsm.exe:ntkrpamp.exe:ntoskrnl.exe:RUNDLL32.EXE:services.exe:sppsvc.exe:smss.exe:spoolsv.exe:svchost.exe:taskeng.exe:WinInit.exe:WISPTIS.EXE:dllhost.exe:dllhst3g.exe:cscript.exe:mmc.exe:msiexec.exe:upnpcont.exe:wscript.exe:WUDFHost.exe:dfsvc.exe:dfsvc.exe:fdbs.exe:ntfsbs.exe:memdiag.exe:NETFXSBS10.exe:applaunch.exe:aspnet_compiler.exe:aspnet_regbrowsers.exe:aspnet_regiis.exe:aspnet_regsql.exe:aspnet_state.exe:aspnet_wp.exe:caspol.exe:csc.exe:CVTRES.EXE:dfsvc.exe:dw20.exe:IEExec.exe:ilasm.exe:InstallUtil.exe:jsc.exe:MSBuild.exe:mscorsvw.exe:ngen.exe:RegAsm.exe::RegSvcs.exe:vbc.exe:TrustedInstaller.exe:Aurora.scr:AutoChk.Exe:AUTOFMT.EXE:CHKDSK.EXE:CHKNTFS.EXE:consent.exe:PnPUnattend.exe:PnPutil.exe:RacAgent.exe:fsquirt.exe:Uninst.exe:updateWmc.exe:wmdc.exe:wmdsync.exe:mofcomp.exe:ScrCons.exe:smi2smir.exe:unse
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{bc2eeeec-b77a-4a52-b6a4-dffb1b1370cb}]
"ResourceFileName"="%SystemRoot%\system32\dwm.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{bc2eeeec-b77a-4a52-b6a4-dffb1b1370cb}]
"MessageFileName"="%SystemRoot%\system32\dwm.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug]
"StoreLocation"="C:\Users\DeadMan\AppData\Local\Microsoft\Windows\WER\ReportQueue\AppCrash_Dwm.exe_8e7294e5a9a76ac110f9d123143485ad9567f9fb_cab_0bffa460"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\HeapControlledList\dwm.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\RADAR\HeapLeakDetection\ReflectionApplications\dwm.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\Windows Error Reporting\HeapControlledList\dwm.exe]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Desktop Window Manager]
"EventMessageFile"="%SystemRoot%\system32\dwm.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UxSms]
"DisplayName"="@%SystemRoot%\system32\dwm.exe,-2000"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UxSms]
"Description"="@%SystemRoot%\system32\dwm.exe,-2001"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Desktop Window Manager]
"EventMessageFile"="%SystemRoot%\system32\dwm.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\UxSms]
"DisplayName"="@%SystemRoot%\system32\dwm.exe,-2000"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\UxSms]
"Description"="@%SystemRoot%\system32\dwm.exe,-2001"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Desktop Window Manager]
"EventMessageFile"="%SystemRoot%\system32\dwm.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\UxSms]
"DisplayName"="@%SystemRoot%\system32\dwm.exe,-2000"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\UxSms]
"Description"="@%SystemRoot%\system32\dwm.exe,-2001"
[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MuiCache\F0\52C64B7E]
"@%SystemRoot%\system32\dwm.exe,-2000"="Desktop Window Manager Session Manager"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Speech\Preferences\AppCompatDisableDictation]
"dwm.exe"=""
[HKEY_USERS\S-1-5-20\Software\Microsoft\Speech\Preferences\AppCompatDisableDictation]
"dwm.exe"=""
[HKEY_USERS\S-1-5-21-3640305961-1857829111-264128548-1000\Software\ATI\ACE\Settings\Runtime\Graphics\Radeon3D]
"NoCFModeApps"="::RelicCOH.exe::UDX|::Borderlands.exe::UDX|::Crysis.exe::UDX|::Magicka.exe::UDX|::RRU.exe::UDX|::SupremeCommander2.exe::UDX|::WinDVD.exe::UDX|::Avatar.exe::UDX|::Nexuiz.exe::UDX|::metroLL.exe::UDX|::test01.exe::UDX|::test02.exe::UDX|::test03.exe::UDX|::test04.exe::UDX|::test05.exe::UDX|::test06.exe::UDX|::test07.exe::UDX|::test08.exe::UDX|::test09.exe::UDX|::test10.exe::UDX|::test11.exe::UDX|::test12.exe::UDX|::F.E.A.R. 3.exe::UDX|::AVP.exe::UDX|::mlb2k10.exe::UDX|::RedOrchestra.exe::UDX|::ShippingPC-BmGame.exe::UDX|::deadspace2.exe::UDX|::Diablo III*.exe::UDX|::ScourgeGame.exe::UDX|::DOW2.exe::UDX|::SWTFU.exe::UDX|::UDK.exe::UDX|::prototype2*.exe::UDX|::SWTFU2.exe::UDX|::Wanted.exe::UDX|::Dead Space.exe::UDX|::moh.exe::UDX|::EFLC.exe::UDX|::DogFighterSteam.exe::UDX|::daorigins.exe::UDX|::darkfall.exe::UDX|::nostradamus.exe::UDX|*\\lionheart - king's crusade::Launcher.exe::UDX|::ffxi
[HKEY_USERS\S-1-5-21-3640305961-1857829111-264128548-1000\Software\Microsoft\Speech\Preferences\AppCompatDisableDictation]
"dwm.exe"=""
[HKEY_USERS\S-1-5-21-3640305961-1857829111-264128548-1000\Software\Microsoft\Windows\Windows Error Reporting\Debug]
"StoreLocation"="C:\Users\DeadMan\AppData\Local\Microsoft\Windows\WER\ReportQueue\AppCrash_Dwm.exe_8e7294e5a9a76ac110f9d123143485ad9567f9fb_cab_0bffa460"
[HKEY_USERS\S-1-5-21-3640305961-1857829111-264128548-1000\Software\Classes\Local Settings\MuiCache\F0\52C64B7E]
"@%SystemRoot%\system32\dwm.exe,-2001"="Provides Desktop Window Manager startup and maintenance services"
[HKEY_USERS\S-1-5-21-3640305961-1857829111-264128548-1000_Classes\Local Settings\MuiCache\F0\52C64B7E]
"@%SystemRoot%\system32\dwm.exe,-2001"="Provides Desktop Window Manager startup and maintenance services"
[HKEY_USERS\S-1-5-18\Software\Classes\Local Settings\MuiCache\F0\52C64B7E]
"@%SystemRoot%\system32\dwm.exe,-2000"="Desktop Window Manager Session Manager"

-= EOF =-

 

It's possible my graphics card has a fault or there is a driver issue since I get random screen corruption on occasion but I think only if hardware  acceleration is enabled in Firefox and Thunderbird. Strangely if I run a game I get no issues though. I ran Unigine in all it's modes (DX9, DX11, OpenGL etc) and experienced no screen corruption (I also tried Skyrim and 3DMark and experienced no issues). I think I was getting it with hardware acceleration enabled in Thunderbird and Firefox though. I have disabled both to see if it reappears. One other thing. I think I get the DWM crashes when my HDTV is on and detected. Anyhow I it's probably unrelated to any virus or malware activity.

 

If you cannot see any issues in the above logs do you think we are OK to close this thread?

 

Thank you for your valuable time.


Edited by Deadman3000, 28 March 2014 - 09:30 AM.


#11 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:14 AM

Posted 28 March 2014 - 08:33 AM

Please download MiniToolBox to Desktop and run it.

Check mark the following boxes:

  • List last 10 Event Viewer log
  • Click Go and copy/paste the log (Result.txt) into your next post.
  • Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


#12 Deadman3000

Deadman3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 28 March 2014 - 12:26 PM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by DeadMan (administrator) on 28-03-2014 at 17:23:40
Running from "C:\Users\DeadMan\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/28/2014 02:37:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: atidxx64.dll, version: 8.17.10.539, time stamp: 0x53207034
Exception code: 0xc0000005
Fault offset: 0x000000000054e139
Faulting process id: 0x1114
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (03/27/2014 10:30:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x0000000000031852
Faulting process id: 0x774
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3


System errors:
=============
Error: (03/28/2014 08:59:04 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.

Error: (03/28/2014 06:49:09 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.

Error: (03/28/2014 04:59:04 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.

Error: (03/27/2014 11:00:07 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (03/27/2014 10:59:52 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (03/27/2014 10:57:58 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (03/27/2014 05:09:26 PM) (Source: Service Control Manager) (User: )
Description: The System Event Notification Service service terminated with the following error:
%%997

Error: (03/27/2014 02:55:36 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.


Microsoft Office Sessions:
=========================
Error: (03/28/2014 02:37:16 PM) (Source: Application Error)(User: )
Description: Dwm.exe6.1.7600.163854a5bc541atidxx64.dll8.17.10.53953207034c0000005000000000054e139111401cf4a16903f2316C:\Windows\system32\Dwm.exeC:\Windows\system32\atidxx64.dll7521adea-b686-11e3-8f3c-c2b7e433bc60

Error: (03/27/2014 10:30:34 PM) (Source: Application Error)(User: )
Description: Dwm.exe6.1.7600.163854a5bc541ntdll.dll6.1.7601.18247521eaf24c0000005000000000003185277401cf4a03b20d5b0eC:\Windows\system32\Dwm.exeC:\Windows\SYSTEM32\ntdll.dll6950c1eb-b5ff-11e3-b88f-ab9645f27df7


CodeIntegrity Errors:
===================================
  Date: 2014-03-28 16:03:24.104
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-28 16:03:24.103
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-28 16:03:24.102
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-28 16:03:24.100
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-28 16:03:24.099
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-28 16:03:24.098
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-27 22:59:52.008
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-03-27 22:59:51.992
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-03-27 21:50:17.577
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-27 21:50:17.577
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.


**** End of log ****
 

 

I tend to clear my logs regularly to test for issues using a batch file:

 

@echo off
:set path=c:\windows\system32
FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
IF (%adminTest%)==(Access) goto noAdmin
for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
echo.
echo Event Logs have been cleared! ^<press any key^>
goto theEnd
:do_clear
echo clearing %1
wevtutil.exe cl %1
goto :eof
:noAdmin
echo You must run this script as an Administrator!
echo ^<press any key^>
;theEnd

---

 

So may not be useful.

 

The hard disk controller issue is to do with coming out of sleep mode.

 

If you are not seeing anything suspicious in previous logs then I will not bother you with any driver/hardware issues. :)


Edited by Deadman3000, 28 March 2014 - 12:27 PM.


#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:14 AM

Posted 28 March 2014 - 01:24 PM

The first error today.

Error: (03/28/2014 02:37:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: atidxx64.dll, version: 8.17.10.539, time stamp: 0x53207034

The first error atidxx64.dll if for the Radeon card also.

You may be interested in checking with this forum.
Internal hardware forum
http://www.bleepingcomputer.com/forums/forum7.html

Edited by nasdaq, 29 March 2014 - 08:08 AM.


#14 Deadman3000

Deadman3000
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 28 March 2014 - 03:58 PM

Thanks. I will look into it. Are we good to go now? I also resolved my problem with my modem btw.



#15 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:14 AM

Posted 29 March 2014 - 08:10 AM


If all is well:

Time for some housekeeping
  • The following will implement some cleanup procedures as well as reset System Restore points:
  • Click Start > Run and copy/paste the following bold text into the Run box and click OK:
  • ComboFix /Uninstall
===

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:Please note: Many installer offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help blocking many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon,
  • ScriptNo a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users